package org.molgenis.security.user;

import java.util.Collection;
import java.util.LinkedHashSet;
import java.util.Objects;
import java.util.stream.Stream;
import org.molgenis.data.DataService;
import org.molgenis.data.security.auth.RoleMembership;
import org.molgenis.data.security.auth.User;
import org.molgenis.security.core.SidUtils;
import org.molgenis.security.core.runas.RunAsSystem;
import org.molgenis.security.oidc.model.OidcUserMappingMetadata;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.authority.mapping.GrantedAuthoritiesMapper;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;

/* loaded from: input_file:org/molgenis/security/user/UserDetailsServiceImpl.class */
public class UserDetailsServiceImpl implements UserDetailsService {
    private final DataService dataService;
    private final GrantedAuthoritiesMapper grantedAuthoritiesMapper;

    public UserDetailsServiceImpl(DataService dataService, GrantedAuthoritiesMapper grantedAuthoritiesMapper) {
        this.dataService = (DataService) Objects.requireNonNull(dataService);
        this.grantedAuthoritiesMapper = (GrantedAuthoritiesMapper) Objects.requireNonNull(grantedAuthoritiesMapper);
    }

    @RunAsSystem
    public UserDetails loadUserByUsername(String str) {
        User user = (User) this.dataService.query("sys_sec_User", User.class).eq("username", str).findOne();
        if (user == null) {
            throw new UsernameNotFoundException("unknown user '" + str + "'");
        }
        return new org.springframework.security.core.userdetails.User(user.getUsername(), user.getPassword(), user.isActive(), true, true, true, getAuthorities(user));
    }

    @RunAsSystem
    public Collection<? extends GrantedAuthority> getAuthorities(User user) {
        LinkedHashSet linkedHashSet = new LinkedHashSet();
        if (user.isSuperuser()) {
            linkedHashSet.add(new SimpleGrantedAuthority("ROLE_SU"));
        }
        if (user.getUsername().equals("anonymous")) {
            linkedHashSet.add(new SimpleGrantedAuthority("ROLE_ANONYMOUS"));
        } else {
            linkedHashSet.add(new SimpleGrantedAuthority("ROLE_USER"));
        }
        Stream map = this.dataService.query("sys_sec_RoleMembership", RoleMembership.class).eq(OidcUserMappingMetadata.USER, user).findAll().filter((v0) -> {
            return v0.isCurrent();
        }).map((v0) -> {
            return v0.getRole();
        }).map((v0) -> {
            return v0.getName();
        }).map(SidUtils::createRoleAuthority).map(SimpleGrantedAuthority::new);
        Objects.requireNonNull(linkedHashSet);
        map.forEach((v1) -> {
            r1.add(v1);
        });
        return this.grantedAuthoritiesMapper.mapAuthorities(linkedHashSet);
    }
}
