package org.apereo.cas.web.flow;

import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpSession;
import java.util.List;
import java.util.stream.Collectors;
import lombok.Generated;
import org.apereo.cas.authentication.Authentication;
import org.apereo.cas.authentication.principal.Principal;
import org.apereo.cas.util.spring.ApplicationContextProvider;
import org.apereo.cas.web.flow.actions.BaseCasWebflowAction;
import org.apereo.cas.web.support.WebUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.context.SecurityContext;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationToken;
import org.springframework.security.web.authentication.preauth.PreAuthenticatedGrantedAuthoritiesWebAuthenticationDetails;
import org.springframework.webflow.execution.Event;
import org.springframework.webflow.execution.RequestContext;

/* loaded from: input_file:org/apereo/cas/web/flow/PopulateSpringSecurityContextAction.class */
public class PopulateSpringSecurityContextAction extends BaseCasWebflowAction {

    @Generated
    private static final Logger LOGGER = LoggerFactory.getLogger(PopulateSpringSecurityContextAction.class);

    protected Event doExecute(RequestContext requestContext) {
        Authentication authentication = WebUtils.getAuthentication(requestContext);
        Principal resolvePrincipal = resolvePrincipal(authentication.getPrincipal());
        HttpServletRequest httpServletRequestFromExternalWebflowContext = WebUtils.getHttpServletRequestFromExternalWebflowContext(requestContext);
        List list = (List) resolvePrincipal.getAttributes().keySet().stream().map(SimpleGrantedAuthority::new).collect(Collectors.toList());
        PreAuthenticatedAuthenticationToken preAuthenticatedAuthenticationToken = new PreAuthenticatedAuthenticationToken(resolvePrincipal, authentication.getCredentials(), list);
        preAuthenticatedAuthenticationToken.setAuthenticated(true);
        preAuthenticatedAuthenticationToken.setDetails(new PreAuthenticatedGrantedAuthoritiesWebAuthenticationDetails(httpServletRequestFromExternalWebflowContext, list));
        SecurityContext context = SecurityContextHolder.getContext();
        context.setAuthentication(preAuthenticatedAuthenticationToken);
        HttpSession session = httpServletRequestFromExternalWebflowContext.getSession(true);
        LOGGER.trace("Storing security context in session [{}] for [{}]", session.getId(), resolvePrincipal);
        session.setAttribute("SPRING_SECURITY_CONTEXT", context);
        return null;
    }

    protected Principal resolvePrincipal(Principal principal) {
        return (Principal) ApplicationContextProvider.getMultifactorAuthenticationPrincipalResolvers().stream().filter(multifactorAuthenticationPrincipalResolver -> {
            return multifactorAuthenticationPrincipalResolver.supports(principal);
        }).findFirst().map(multifactorAuthenticationPrincipalResolver2 -> {
            return multifactorAuthenticationPrincipalResolver2.resolve(principal);
        }).orElse(principal);
    }
}
