package org.openksavi.sponge.restapi.server.security.spring;

import java.util.Collection;
import java.util.stream.Collectors;
import org.apache.commons.lang3.Validate;
import org.openksavi.sponge.restapi.server.RestApiIncorrectUsernamePasswordServerException;
import org.openksavi.sponge.restapi.server.security.BaseInMemoryKnowledgeBaseProvidedSecurityService;
import org.openksavi.sponge.restapi.server.security.User;
import org.openksavi.sponge.restapi.server.security.UserAuthentication;
import org.openksavi.sponge.restapi.server.security.UserContext;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.context.SecurityContextHolder;

/* loaded from: input_file:org/openksavi/sponge/restapi/server/security/spring/SimpleSpringInMemorySecurityService.class */
public class SimpleSpringInMemorySecurityService extends BaseInMemoryKnowledgeBaseProvidedSecurityService {
    private AuthenticationManager authenticationManager = new SimpleAuthenticationManager();

    /* loaded from: input_file:org/openksavi/sponge/restapi/server/security/spring/SimpleSpringInMemorySecurityService$SimpleAuthenticationManager.class */
    class SimpleAuthenticationManager implements AuthenticationManager {
        SimpleAuthenticationManager() {
        }

        public Authentication authenticate(Authentication authentication) throws AuthenticationException {
            User verifyInMemory = SimpleSpringInMemorySecurityService.this.verifyInMemory(String.valueOf(authentication.getPrincipal()), String.valueOf(authentication.getCredentials()));
            if (verifyInMemory != null) {
                return SimpleSpringInMemorySecurityService.this.createAuthentication(verifyInMemory);
            }
            throw new BadCredentialsException("Incorrect username or password");
        }
    }

    public AuthenticationManager getAuthenticationManager() {
        return this.authenticationManager;
    }

    public void setAuthenticationManager(AuthenticationManager authenticationManager) {
        this.authenticationManager = authenticationManager;
    }

    @Override // org.openksavi.sponge.restapi.server.security.RestApiSecurityService
    public UserAuthentication authenticateUser(String str, String str2) throws RestApiIncorrectUsernamePasswordServerException {
        try {
            Authentication authenticate = this.authenticationManager.authenticate(new UsernamePasswordAuthenticationToken(str, str2));
            return new SimpleSpringUserAuthentication(new UserContext(str, (Collection<String>) authenticate.getAuthorities().stream().map(grantedAuthority -> {
                return grantedAuthority.getAuthority();
            }).collect(Collectors.toList())), authenticate);
        } catch (AuthenticationException e) {
            throw new RestApiIncorrectUsernamePasswordServerException("Incorrect username or password", e);
        }
    }

    @Override // org.openksavi.sponge.restapi.server.security.RestApiSecurityService
    public UserAuthentication authenticateAnonymous(User user) {
        return new SimpleSpringUserAuthentication(new UserContext(user.getName(), user.getRoles()), createAuthentication(user));
    }

    @Override // org.openksavi.sponge.restapi.server.security.RestApiSecurityService
    public void openSecurityContext(UserAuthentication userAuthentication) {
        Validate.isTrue(userAuthentication instanceof SimpleSpringUserAuthentication, "The user authentication class should extend %s", new Object[]{SimpleSpringUserAuthentication.class});
        SimpleSpringUserAuthentication simpleSpringUserAuthentication = (SimpleSpringUserAuthentication) userAuthentication;
        if (simpleSpringUserAuthentication.getAuthentication() != null) {
            SecurityContextHolder.getContext().setAuthentication(simpleSpringUserAuthentication.getAuthentication());
        }
    }

    @Override // org.openksavi.sponge.restapi.server.security.RestApiSecurityService
    public void closeSecurityContext() {
        SecurityContextHolder.getContext().setAuthentication((Authentication) null);
    }

    protected Authentication createAuthentication(User user) {
        return new UsernamePasswordAuthenticationToken(user.getName(), user.getPassword(), (Collection) user.getRoles().stream().map(str -> {
            return new SimpleGrantedAuthority(str);
        }).collect(Collectors.toList()));
    }
}
