package sk.seges.acris.security.server.spring.login;

import java.util.ArrayList;
import java.util.Collection;
import java.util.Iterator;
import org.apache.log4j.Logger;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.transaction.annotation.Transactional;
import sk.seges.acris.security.server.core.login.api.LoginService;
import sk.seges.acris.security.server.session.ClientSession;
import sk.seges.acris.security.server.session.SessionIDGenerator;
import sk.seges.acris.security.server.spring.context.AcrisSecurityContext;
import sk.seges.acris.security.server.spring.user_management.domain.SpringUserAdapter;
import sk.seges.acris.security.server.spring.user_management.service.provider.WebIdUsernamePasswordAuthenticationToken;
import sk.seges.acris.security.server.util.LoggedUserRole;
import sk.seges.acris.security.shared.exception.AuthenticationException;
import sk.seges.acris.security.shared.exception.SecurityException;
import sk.seges.acris.security.shared.exception.ServerException;
import sk.seges.acris.security.shared.user_management.domain.UserPasswordLoginToken;
import sk.seges.acris.security.shared.user_management.domain.api.LoginToken;
import sk.seges.corpis.server.domain.user.server.model.data.UserData;

/* loaded from: input_file:sk/seges/acris/security/server/spring/login/SpringLoginService.class */
public class SpringLoginService implements LoginService {
    private AuthenticationManager authenticationManager;
    private SessionIDGenerator sessionIDGenerator;
    private Logger log = Logger.getLogger(SpringLoginService.class);
    static final /* synthetic */ boolean $assertionsDisabled;

    public SpringLoginService(AuthenticationManager authenticationManager, SessionIDGenerator sessionIDGenerator) {
        this.authenticationManager = authenticationManager;
        this.sessionIDGenerator = sessionIDGenerator;
    }

    protected String[] getUserAuthorities(UserDetails userDetails) {
        Collection authorities = userDetails.getAuthorities();
        String[] strArr = new String[authorities.size()];
        int i = 0;
        Iterator it = authorities.iterator();
        while (it.hasNext()) {
            int i2 = i;
            i++;
            strArr[i2] = ((GrantedAuthority) it.next()).getAuthority();
        }
        return strArr;
    }

    protected Authentication createAuthenticationToken(LoginToken loginToken) throws ServerException {
        if (!$assertionsDisabled && !(loginToken instanceof UserPasswordLoginToken)) {
            throw new AssertionError();
        }
        UserPasswordLoginToken userPasswordLoginToken = (UserPasswordLoginToken) loginToken;
        return new WebIdUsernamePasswordAuthenticationToken(userPasswordLoginToken.getUsername(), userPasswordLoginToken.getPassword(), userPasswordLoginToken.getWebId());
    }

    protected ClientSession createClientSession() {
        return new ClientSession();
    }

    public void changeAuthentication(ClientSession clientSession) {
        UserData userData = (UserData) SecurityContextHolder.getContext().getAuthentication().getPrincipal();
        userData.setRoles(clientSession.getUser().getRoles());
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        SecurityContextHolder.getContext().setAuthentication(new UsernamePasswordAuthenticationToken(userData, authentication.getCredentials(), authentication.getAuthorities()));
    }

    public void postProcessLogin(ClientSession clientSession, LoginToken loginToken) {
    }

    @Transactional
    public ClientSession login(LoginToken loginToken) throws ServerException {
        try {
            Authentication authenticate = this.authenticationManager.authenticate(createAuthenticationToken(loginToken));
            createSecurityContext(authenticate);
            ClientSession createClientSession = createClientSession();
            createClientSession.setSessionId(this.sessionIDGenerator.generate(loginToken));
            ArrayList arrayList = new ArrayList();
            arrayList.add(new LoggedUserRole());
            if (authenticate.getPrincipal() instanceof SpringUserAdapter) {
                SpringUserAdapter springUserAdapter = (SpringUserAdapter) authenticate.getPrincipal();
                if (springUserAdapter.getRoles() == null || springUserAdapter.getRoles().isEmpty()) {
                    springUserAdapter.setRoles(arrayList);
                } else {
                    springUserAdapter.getRoles().addAll(arrayList);
                }
                createClientSession.setUser(springUserAdapter.getUser());
            } else if (authenticate.getPrincipal() instanceof UserData) {
                UserData userData = (UserData) authenticate.getPrincipal();
                if (userData.getRoles() == null || userData.getRoles().isEmpty()) {
                    userData.setRoles(arrayList);
                } else {
                    userData.getRoles().addAll(arrayList);
                }
                createClientSession.setUser(userData);
            } else if (authenticate.getPrincipal() == null) {
                this.log.warn("Null principal in the security context. Invalid state occured. Please provide valid principal.");
            } else {
                this.log.warn("Unsupported type of the principal. Class " + authenticate.getPrincipal().getClass().getCanonicalName() + " is not supported!");
            }
            postProcessLogin(createClientSession, loginToken);
            return createClientSession;
        } catch (AuthenticationException e) {
            throw new SecurityException("Unable to login", e);
        }
    }

    protected void createSecurityContext(Authentication authentication) {
        Authentication usernamePasswordAuthenticationToken = new UsernamePasswordAuthenticationToken(authentication.getPrincipal(), authentication.getCredentials(), authentication.getAuthorities());
        AcrisSecurityContext acrisSecurityContext = new AcrisSecurityContext();
        acrisSecurityContext.setAuthentication(usernamePasswordAuthenticationToken);
        SecurityContextHolder.setContext(acrisSecurityContext);
    }

    public void logout() {
        SecurityContextHolder.clearContext();
        SecurityContextHolder.setContext(new AcrisSecurityContext());
    }

    static {
        $assertionsDisabled = !SpringLoginService.class.desiredAssertionStatus();
    }
}
