package io.confluent.common.security.jetty;

import io.confluent.common.security.auth.JwtPrincipal;
import io.confluent.security.auth.client.rest.RestClient;
import io.confluent.security.auth.common.JwtBearerToken;
import java.util.Map;
import javax.security.auth.Subject;
import javax.servlet.ServletRequest;
import org.eclipse.jetty.security.AbstractLoginService;
import org.eclipse.jetty.server.UserIdentity;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:io/confluent/common/security/jetty/MdsBasicLoginService.class */
public class MdsBasicLoginService extends AbstractLoginService {
    private static final Logger log = LoggerFactory.getLogger((Class<?>) MdsBasicLoginService.class);
    private final String realmName;
    private RestClient restClient;

    public MdsBasicLoginService(Map<String, ?> map, String str) {
        this.realmName = str;
        this.restClient = new RestClient(map);
    }

    @Override // org.eclipse.jetty.security.AbstractLoginService, org.eclipse.jetty.security.LoginService
    public UserIdentity login(String str, Object obj, ServletRequest servletRequest) {
        UserIdentity userIdentity = null;
        log.trace("Login attempt for user {}", str);
        try {
            JwtBearerToken login = this.restClient.login(str + ":" + obj);
            Subject subject = new Subject();
            JwtPrincipal jwtPrincipal = new JwtPrincipal(login.jwtClaims(), login.value());
            subject.getPrincipals().add(jwtPrincipal);
            userIdentity = this._identityService.newUserIdentity(subject, jwtPrincipal, new String[0]);
            log.trace("User identity created on subject {}", subject);
        } catch (Exception e) {
            log.error("Login failed for " + str, (Throwable) e);
        }
        return userIdentity;
    }

    @Override // org.eclipse.jetty.security.AbstractLoginService, org.eclipse.jetty.security.LoginService
    public String getName() {
        return this.realmName;
    }

    @Override // org.eclipse.jetty.security.AbstractLoginService
    protected AbstractLoginService.UserPrincipal loadUserInfo(String str) {
        throw new UnsupportedOperationException("loadUserInfo");
    }

    @Override // org.eclipse.jetty.security.AbstractLoginService
    protected String[] loadRoleInfo(AbstractLoginService.UserPrincipal userPrincipal) {
        throw new UnsupportedOperationException("loadRoleInfo");
    }

    void setRestClient(RestClient restClient) {
        this.restClient = restClient;
    }
}
