package be.atbash.ee.security.octopus.mgt;

import be.atbash.ee.security.octopus.authc.AuthenticationException;
import be.atbash.ee.security.octopus.authc.AuthenticationInfo;
import be.atbash.ee.security.octopus.authz.AuthorizationException;
import be.atbash.ee.security.octopus.authz.Authorizer;
import be.atbash.ee.security.octopus.authz.permission.Permission;
import be.atbash.ee.security.octopus.realm.OctopusOfflineRealm;
import be.atbash.ee.security.octopus.subject.DefaultSubjectFactory;
import be.atbash.ee.security.octopus.subject.PrincipalCollection;
import be.atbash.ee.security.octopus.subject.Subject;
import be.atbash.ee.security.octopus.subject.SubjectContext;
import be.atbash.ee.security.octopus.subject.support.DefaultSubjectContext;
import be.atbash.ee.security.octopus.token.AuthenticationToken;
import be.atbash.ee.security.octopus.util.OctopusCollectionUtils;
import be.atbash.util.exception.AtbashIllegalActionException;
import java.util.Collection;
import java.util.List;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:be/atbash/ee/security/octopus/mgt/DefaultSecurityManager.class */
public class DefaultSecurityManager implements Authorizer {
    private static final Logger log = LoggerFactory.getLogger(DefaultSecurityManager.class);
    private DefaultSubjectFactory subjectFactory = new DefaultSubjectFactory();
    private OctopusOfflineRealm octopusRealm = new OctopusOfflineRealm();

    public DefaultSecurityManager() {
        this.octopusRealm.initDependencies();
    }

    protected SubjectContext createSubjectContext() {
        return new DefaultSubjectContext();
    }

    protected Subject createSubject(AuthenticationToken authenticationToken, AuthenticationInfo authenticationInfo, Subject subject) {
        SubjectContext createSubjectContext = createSubjectContext();
        createSubjectContext.setAuthenticated(true);
        createSubjectContext.setAuthenticationToken(authenticationToken);
        createSubjectContext.setAuthenticationInfo(authenticationInfo);
        if (subject != null) {
            createSubjectContext.setSubject(subject);
        }
        return createSubject(createSubjectContext);
    }

    public Subject login(Subject subject, AuthenticationToken authenticationToken) throws AuthenticationException {
        try {
            return createSubject(authenticationToken, authenticate(authenticationToken), subject);
        } catch (AuthenticationException e) {
            throw e;
        }
    }

    public AuthenticationInfo authenticate(AuthenticationToken authenticationToken) throws AuthenticationException {
        return this.octopusRealm.authenticate(authenticationToken);
    }

    protected SubjectContext copy(SubjectContext subjectContext) {
        return new DefaultSubjectContext(subjectContext);
    }

    public Subject createSubject(SubjectContext subjectContext) {
        return doCreateSubject(resolvePrincipals(ensureSecurityManager(copy(subjectContext))));
    }

    protected Subject doCreateSubject(SubjectContext subjectContext) {
        return this.subjectFactory.createSubject(subjectContext);
    }

    protected SubjectContext ensureSecurityManager(SubjectContext subjectContext) {
        return subjectContext;
    }

    protected SubjectContext resolvePrincipals(SubjectContext subjectContext) {
        if (OctopusCollectionUtils.isEmpty(subjectContext.resolvePrincipals())) {
            log.trace("No identity (PrincipalCollection) found in the context.  Looking for a remembered identity.");
        }
        return subjectContext;
    }

    public void logout(Subject subject) {
        if (subject == null) {
            throw new AtbashIllegalActionException("(OCT-DEV-051) Subject method argument cannot be null.");
        }
        PrincipalCollection principals = subject.getPrincipals();
        if (principals == null || principals.isEmpty() || !log.isDebugEnabled()) {
            return;
        }
        log.debug("Logging out subject with primary principal {}", principals.getPrimaryPrincipal());
    }

    public boolean isPermitted(PrincipalCollection principalCollection, String str) {
        return this.octopusRealm.isPermitted(principalCollection, str);
    }

    public boolean isPermitted(PrincipalCollection principalCollection, Permission permission) {
        return this.octopusRealm.isPermitted(principalCollection, permission);
    }

    public boolean[] isPermitted(PrincipalCollection principalCollection, String... strArr) {
        return this.octopusRealm.isPermitted(principalCollection, strArr);
    }

    public boolean[] isPermitted(PrincipalCollection principalCollection, List<Permission> list) {
        return this.octopusRealm.isPermitted(principalCollection, list);
    }

    public boolean isPermittedAll(PrincipalCollection principalCollection, String... strArr) {
        return this.octopusRealm.isPermittedAll(principalCollection, strArr);
    }

    public boolean isPermittedAll(PrincipalCollection principalCollection, Collection<Permission> collection) {
        return this.octopusRealm.isPermittedAll(principalCollection, collection);
    }

    public void checkPermission(PrincipalCollection principalCollection, String str) throws AuthorizationException {
        this.octopusRealm.checkPermission(principalCollection, str);
    }

    public void checkPermission(PrincipalCollection principalCollection, Permission permission) throws AuthorizationException {
        this.octopusRealm.checkPermission(principalCollection, permission);
    }

    public void checkPermissions(PrincipalCollection principalCollection, String... strArr) throws AuthorizationException {
        this.octopusRealm.checkPermissions(principalCollection, strArr);
    }

    public void checkPermissions(PrincipalCollection principalCollection, Collection<Permission> collection) throws AuthorizationException {
        this.octopusRealm.checkPermissions(principalCollection, collection);
    }

    public boolean hasRole(PrincipalCollection principalCollection, String str) {
        return this.octopusRealm.hasRole(principalCollection, str);
    }

    public boolean[] hasRoles(PrincipalCollection principalCollection, List<String> list) {
        return this.octopusRealm.hasRoles(principalCollection, list);
    }

    public boolean hasAllRoles(PrincipalCollection principalCollection, Collection<String> collection) {
        return this.octopusRealm.hasAllRoles(principalCollection, collection);
    }

    public void checkRole(PrincipalCollection principalCollection, String str) throws AuthorizationException {
        this.octopusRealm.checkRole(principalCollection, str);
    }

    public void checkRoles(PrincipalCollection principalCollection, Collection<String> collection) throws AuthorizationException {
        this.octopusRealm.checkRoles(principalCollection, collection);
    }

    public void checkRoles(PrincipalCollection principalCollection, String... strArr) throws AuthorizationException {
        this.octopusRealm.checkRoles(principalCollection, strArr);
    }
}
