package ec.gob.senescyt.sniese.commons.security.shiro;

import com.google.common.collect.Sets;
import com.sun.jersey.api.client.Client;
import com.sun.jersey.api.client.ClientResponse;
import ec.gob.senescyt.sniese.commons.Constantes;
import ec.gob.senescyt.sniese.commons.security.UsuarioAutenticado;
import ec.gob.senescyt.sniese.commons.security.exceptions.LoginIncorrectoException;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;

/* loaded from: input_file:ec/gob/senescyt/sniese/commons/security/shiro/SeguridadRealm.class */
public class SeguridadRealm extends AuthorizingRealm {
    protected static final String NOMBRE_REALM = "SenescytRealm";
    private final Client cliente = new Client();

    public SeguridadRealm() {
        setAuthenticationCachingEnabled(true);
    }

    public String getName() {
        return NOMBRE_REALM;
    }

    public boolean supports(AuthenticationToken authenticationToken) {
        return authenticationToken instanceof BearerToken;
    }

    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
        ClientResponse validarToken = validarToken(authenticationToken);
        if (validarToken.getStatus() == 200) {
            return crearPrincipalAPartirDeLaRespuesta(authenticationToken, validarToken);
        }
        throw new LoginIncorrectoException();
    }

    private ClientResponse validarToken(AuthenticationToken authenticationToken) {
        return (ClientResponse) this.cliente.resource(Constantes.URI_RECURSO_VERIFICACION_TOKEN).type("application/json").header("Authorization", authenticationToken.getCredentials()).get(ClientResponse.class);
    }

    private AuthenticationInfo crearPrincipalAPartirDeLaRespuesta(AuthenticationToken authenticationToken, ClientResponse clientResponse) {
        return new SimpleAuthenticationInfo(new UsuarioAutenticado((String) clientResponse.getEntity(String.class), authenticationToken.getCredentials().toString()), authenticationToken.getCredentials(), getName());
    }

    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        return new SimpleAuthorizationInfo(Sets.newHashSet());
    }
}
