package org.carewebframework.security.spring;

import java.util.ArrayList;
import java.util.HashSet;
import java.util.List;
import java.util.Set;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.carewebframework.api.domain.IUser;
import org.carewebframework.api.security.ISecurityDomain;
import org.carewebframework.api.security.SecurityDomainRegistry;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.userdetails.User;

/* loaded from: input_file:standalone.war:WEB-INF/lib/org.carewebframework.security.spring.core-4.0.8.jar:org/carewebframework/security/spring/BaseAuthenticationProvider.class */
public class BaseAuthenticationProvider implements AuthenticationProvider {
    private static final Log log = LogFactory.getLog(BaseAuthenticationProvider.class);
    private final List<String> systemGrantedAuthorities;

    public BaseAuthenticationProvider() {
        this(false);
    }

    public BaseAuthenticationProvider(boolean z) {
        this.systemGrantedAuthorities = new ArrayList();
        this.systemGrantedAuthorities.add(Constants.ROLE_USER);
        if (z) {
            this.systemGrantedAuthorities.add(Constants.PRIV_DEBUG);
        }
    }

    public BaseAuthenticationProvider(List<String> list) {
        this(false);
        this.systemGrantedAuthorities.addAll(list);
    }

    @Override // org.springframework.security.authentication.AuthenticationProvider
    public boolean supports(Class<? extends Object> cls) {
        return UsernamePasswordAuthenticationToken.class.isAssignableFrom(cls);
    }

    @Override // org.springframework.security.authentication.AuthenticationProvider
    public Authentication authenticate(Authentication authentication) throws AuthenticationException {
        CWFAuthenticationDetails cWFAuthenticationDetails = (CWFAuthenticationDetails) authentication.getDetails();
        String str = (String) authentication.getPrincipal();
        String str2 = (String) authentication.getCredentials();
        String str3 = null;
        if (log.isDebugEnabled()) {
            log.debug("User: " + str);
            log.debug(new StringBuilder().append("Details, RA: ").append(cWFAuthenticationDetails).toString() == null ? "null" : cWFAuthenticationDetails.getRemoteAddress());
        }
        if (str != null && str.contains("\\")) {
            String[] split = str.split("\\\\", 2);
            str3 = split[0];
            str = split.length > 1 ? split[1] : null;
        }
        ISecurityDomain securityDomain = SecurityDomainRegistry.getSecurityDomain(str3);
        if (str == null || str2 == null || securityDomain == null) {
            throw new BadCredentialsException("Missing security credentials.");
        }
        IUser authenticate = securityDomain.authenticate(str, str2);
        cWFAuthenticationDetails.setDetail("user", authenticate);
        Set<String> mergeAuthorities = mergeAuthorities(securityDomain.getGrantedAuthorities(authenticate), this.systemGrantedAuthorities);
        ArrayList arrayList = new ArrayList();
        for (String str4 : mergeAuthorities) {
            if (!str4.isEmpty()) {
                arrayList.add(new SimpleGrantedAuthority(str4));
            }
        }
        User user = new User(str, str2, true, true, true, true, arrayList);
        UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken = new UsernamePasswordAuthenticationToken(user, user.getPassword(), user.getAuthorities());
        usernamePasswordAuthenticationToken.setDetails(cWFAuthenticationDetails);
        return usernamePasswordAuthenticationToken;
    }

    protected Set<String> mergeAuthorities(List<String> list, List<String> list2) {
        HashSet hashSet = list == null ? new HashSet() : new HashSet(list);
        for (String str : this.systemGrantedAuthorities) {
            if (str.startsWith("-")) {
                hashSet.remove(str.substring(1));
            } else {
                hashSet.add(str);
            }
        }
        return hashSet;
    }
}
