package org.hyperledger.besu.ethereum.api.jsonrpc.authentication;

import io.vertx.core.AsyncResult;
import io.vertx.core.Future;
import io.vertx.core.Handler;
import io.vertx.core.Vertx;
import io.vertx.core.json.JsonObject;
import io.vertx.ext.auth.AuthProvider;
import io.vertx.ext.auth.User;
import java.io.IOException;
import java.util.List;
import java.util.Optional;
import java.util.stream.Collectors;
import org.apache.tuweni.toml.Toml;
import org.apache.tuweni.toml.TomlTable;
import org.springframework.security.crypto.bcrypt.BCrypt;

/* loaded from: input_file:org/hyperledger/besu/ethereum/api/jsonrpc/authentication/TomlAuth.class */
public class TomlAuth implements AuthProvider {
    public static final String PRIVACY_PUBLIC_KEY = "privacyPublicKey";
    private final Vertx vertx;
    private final TomlAuthOptions options;

    public TomlAuth(Vertx vertx, TomlAuthOptions tomlAuthOptions) {
        this.vertx = vertx;
        this.options = tomlAuthOptions;
    }

    public void authenticate(JsonObject jsonObject, Handler<AsyncResult<User>> handler) {
        String string = jsonObject.getString("username");
        if (string == null) {
            handler.handle(Future.failedFuture("No username provided"));
            return;
        }
        String string2 = jsonObject.getString("password");
        if (string2 == null) {
            handler.handle(Future.failedFuture("No password provided"));
        } else {
            readUser(string, asyncResult -> {
                if (!asyncResult.succeeded()) {
                    handler.handle(Future.failedFuture(asyncResult.cause()));
                } else {
                    TomlUser tomlUser = (TomlUser) asyncResult.result();
                    checkPasswordHash(string2, tomlUser.getPassword(), asyncResult -> {
                        if (asyncResult.succeeded()) {
                            handler.handle(Future.succeededFuture(tomlUser));
                        } else {
                            handler.handle(Future.failedFuture(asyncResult.cause()));
                        }
                    });
                }
            });
        }
    }

    private void readUser(String str, Handler<AsyncResult<TomlUser>> handler) {
        this.vertx.executeBlocking(promise -> {
            try {
                TomlTable tableOrEmpty = Toml.parse(this.options.getTomlPath()).getTableOrEmpty("Users." + str);
                if (tableOrEmpty.isEmpty()) {
                    promise.fail("User not found");
                    return;
                }
                TomlUser readTomlUserFromTable = readTomlUserFromTable(str, tableOrEmpty);
                if ("".equals(readTomlUserFromTable.getPassword())) {
                    promise.fail("No password set for user");
                } else {
                    promise.complete(readTomlUserFromTable);
                }
            } catch (IOException e) {
                promise.fail(e);
            }
        }, asyncResult -> {
            if (asyncResult.succeeded()) {
                handler.handle(Future.succeededFuture((TomlUser) asyncResult.result()));
            } else {
                handler.handle(Future.failedFuture(asyncResult.cause()));
            }
        });
    }

    private TomlUser readTomlUserFromTable(String str, TomlTable tomlTable) {
        return new TomlUser(str, tomlTable.getString("password", () -> {
            return "";
        }), (List) tomlTable.getArrayOrEmpty("groups").toList().stream().map((v0) -> {
            return v0.toString();
        }).collect(Collectors.toList()), (List) tomlTable.getArrayOrEmpty("permissions").toList().stream().map((v0) -> {
            return v0.toString();
        }).collect(Collectors.toList()), (List) tomlTable.getArrayOrEmpty("roles").toList().stream().map((v0) -> {
            return v0.toString();
        }).collect(Collectors.toList()), Optional.ofNullable(tomlTable.getString(PRIVACY_PUBLIC_KEY)));
    }

    private void checkPasswordHash(String str, String str2, Handler<AsyncResult<Void>> handler) {
        if (BCrypt.checkpw(str, str2)) {
            handler.handle(Future.succeededFuture());
        } else {
            handler.handle(Future.failedFuture("Invalid password"));
        }
    }
}
