package cn.home1.cloud.config.server.security;

import cn.home1.cloud.config.server.util.Consts;
import cn.home1.cloud.config.server.util.EnvironmentUtils;
import com.google.common.collect.ImmutableList;
import java.util.Collection;
import java.util.Iterator;
import java.util.Optional;
import java.util.regex.Pattern;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.cloud.config.environment.Environment;
import org.springframework.cloud.config.server.environment.EnvironmentController;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;

/* loaded from: input_file:cn/home1/cloud/config/server/security/GitFileConfigUserDetailsService.class */
public class GitFileConfigUserDetailsService implements UserDetailsService {
    private static final Logger log = LoggerFactory.getLogger(GitFileConfigUserDetailsService.class);
    private static final Pattern PATTERN_AT = Pattern.compile("@");
    private static final Collection<? extends GrantedAuthority> ANONYMOUS_AUTHORITY = ImmutableList.of();
    private static final Collection<? extends GrantedAuthority> ADMIN_AUTHORITY = ImmutableList.of(new SimpleGrantedAuthority("ROLE_" + Role.ADMIN.toString()));
    private static final Collection<? extends GrantedAuthority> HOOK_AUTHORITY = ImmutableList.of(new SimpleGrantedAuthority("ROLE_" + Role.HOOK.toString()));
    private static final GrantedAuthority USER_AUTHORITY = new SimpleGrantedAuthority("ROLE_" + Role.USER.toString());
    private ConfigSecurity configSecurity;
    private String defaultLabel;
    private EnvironmentController environmentController;
    private PrivilegedUserProperties PrivilegedUserProperties;

    public UserDetails loadUserByUsername(String str) throws UsernameNotFoundException {
        String str2;
        String str3;
        Optional of;
        if (str == null) {
            return new User("anonymous", "", ANONYMOUS_AUTHORITY);
        }
        if (str.equals(this.PrivilegedUserProperties.getAdminName())) {
            return new User(str, this.PrivilegedUserProperties.getAdminPassword(), ADMIN_AUTHORITY);
        }
        if (str.equals(this.PrivilegedUserProperties.getHookName())) {
            return new User(str, this.PrivilegedUserProperties.getHookPassword(), HOOK_AUTHORITY);
        }
        if (str.contains("@") && str.endsWith(Consts.DOT_ENV)) {
            Iterator<String> it = PATTERN_AT.splitAsStream(str).iterator();
            str2 = it.next();
            str3 = it.next();
            of = Optional.of(new SimpleGrantedAuthority(Consts.PRIVILEGE_ENV_PROFILE_ + str3));
        } else if (str.endsWith("@default")) {
            Iterator<String> it2 = PATTERN_AT.splitAsStream(str).iterator();
            str2 = it2.next();
            str3 = it2.next();
            of = Optional.empty();
        } else {
            str2 = str;
            str3 = "default";
            of = Optional.of(new SimpleGrantedAuthority(Consts.PRIVILEGE_ENV_PROFILE_WILDCARD));
        }
        ImmutableList of2 = of.isPresent() ? ImmutableList.of(USER_AUTHORITY, of.get()) : ImmutableList.of(USER_AUTHORITY);
        String findExpectedPassword = findExpectedPassword(str2, str3);
        if (findExpectedPassword == null) {
            throw new BadCredentialsException("can not find 'spring.cloud.config.password' application: " + str2 + ", profile: " + str3);
        }
        return new User(str2, this.configSecurity.decryptProperty(findExpectedPassword), of2);
    }

    String findExpectedPassword(String str, String str2) {
        String findExpectedPassword;
        if (this.defaultLabel != null) {
            String findExpectedPassword2 = findExpectedPassword(str, str2, this.defaultLabel);
            findExpectedPassword = findExpectedPassword2 != null ? findExpectedPassword2 : findExpectedPassword(str, str2, null);
        } else {
            findExpectedPassword = findExpectedPassword(str, str2, null);
        }
        return findExpectedPassword;
    }

    String findExpectedPassword(String str, String str2, String str3) {
        try {
            Environment labelled = this.environmentController.labelled(str, str2, str3);
            if (labelled == null) {
                throw new UsernameNotFoundException("can not find the project by username: " + str);
            }
            return EnvironmentUtils.getConfigPassword(labelled);
        } catch (Exception e) {
            log.warn("error on loadUserByUsername from git configuration file, username: {}", str, e);
            throw e;
        }
    }

    public void setConfigSecurity(ConfigSecurity configSecurity) {
        this.configSecurity = configSecurity;
    }

    public void setDefaultLabel(String str) {
        this.defaultLabel = str;
    }

    public void setEnvironmentController(EnvironmentController environmentController) {
        this.environmentController = environmentController;
    }

    public void setPrivilegedUserProperties(PrivilegedUserProperties privilegedUserProperties) {
        this.PrivilegedUserProperties = privilegedUserProperties;
    }
}
