package org.seedstack.seed.security.internal;

import com.google.common.collect.Lists;
import io.nuun.kernel.api.plugin.InitState;
import io.nuun.kernel.api.plugin.context.InitContext;
import io.nuun.kernel.api.plugin.request.BindingRequest;
import io.nuun.kernel.api.plugin.request.ClasspathScanRequest;
import io.nuun.kernel.api.plugin.request.ClasspathScanRequestBuilder;
import io.nuun.kernel.core.AbstractPlugin;
import java.util.ArrayList;
import java.util.Collection;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
import java.util.ServiceLoader;
import org.apache.commons.configuration.Configuration;
import org.seedstack.seed.SeedException;
import org.seedstack.seed.core.internal.application.ApplicationPlugin;
import org.seedstack.seed.core.spi.configuration.ConfigurationProvider;
import org.seedstack.seed.core.utils.SeedReflectionUtils;
import org.seedstack.seed.el.internal.ELPlugin;
import org.seedstack.seed.security.PrincipalCustomizer;
import org.seedstack.seed.security.Realm;
import org.seedstack.seed.security.RoleMapping;
import org.seedstack.seed.security.RolePermissionResolver;
import org.seedstack.seed.security.Scope;
import org.seedstack.seed.security.spi.SecurityErrorCodes;
import org.seedstack.seed.security.spi.SecurityScope;
import org.seedstack.seed.security.spi.data.DataObfuscationHandler;
import org.seedstack.seed.security.spi.data.DataSecurityHandler;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/seedstack/seed/security/internal/SecurityPlugin.class */
public class SecurityPlugin extends AbstractPlugin {
    private static final Logger LOGGER = LoggerFactory.getLogger(SecurityPlugin.class);
    public static final String SECURITY_PREFIX = "org.seedstack.seed.security";
    private final Collection<SecurityProvider> securityProviders = new ArrayList();
    private final Map<String, Class<? extends Scope>> scopeClasses = new HashMap();
    private Configuration securityConfiguration;
    private Map<Class<?>, Collection<Class<?>>> scannedClasses;
    private Collection<Class<? extends DataSecurityHandler<?>>> dataSecurityHandlers;
    private Collection<Class<? extends PrincipalCustomizer<?>>> principalCustomizerClasses;
    private boolean elDisabled;

    public SecurityPlugin() {
        Iterator it = ServiceLoader.load(SecurityProvider.class, SeedReflectionUtils.findMostCompleteClassLoader(SecurityPlugin.class)).iterator();
        while (it.hasNext()) {
            this.securityProviders.add((SecurityProvider) it.next());
        }
    }

    public String name() {
        return "security";
    }

    /* JADX WARN: Multi-variable type inference failed */
    public InitState init(InitContext initContext) {
        this.securityConfiguration = ((ConfigurationProvider) initContext.dependency(ConfigurationProvider.class)).getConfiguration().subset(SECURITY_PREFIX);
        this.elDisabled = ((ELPlugin) initContext.dependency(ELPlugin.class)).isDisabled();
        this.scannedClasses = initContext.scannedSubTypesByAncestorClass();
        this.principalCustomizerClasses = (Collection) this.scannedClasses.get(PrincipalCustomizer.class);
        this.dataSecurityHandlers = (Collection) this.scannedClasses.get(DataSecurityHandler.class);
        Collection<Class<?>> collection = this.scannedClasses.get(Scope.class);
        if (collection != null) {
            for (Class<?> cls : collection) {
                if (Scope.class.isAssignableFrom(cls)) {
                    SecurityScope annotation = cls.getAnnotation(SecurityScope.class);
                    String value = annotation != null ? annotation.value() : cls.getSimpleName();
                    try {
                        cls.getConstructor(String.class);
                        if (this.scopeClasses.containsKey(value)) {
                            throw SeedException.createNew(SecurityErrorCodes.DUPLICATE_SCOPE_NAME).put("scopeName", value);
                        }
                        this.scopeClasses.put(value, cls);
                    } catch (NoSuchMethodException e) {
                        throw SeedException.wrap(e, SecurityErrorCodes.MISSING_ADEQUATE_SCOPE_CONSTRUCTOR).put("scopeName", value);
                    }
                }
            }
        }
        for (SecurityProvider securityProvider : this.securityProviders) {
            LOGGER.debug("Initializing security provider {}", securityProvider.getClass().getCanonicalName());
            securityProvider.init(initContext);
        }
        if (this.elDisabled) {
            LOGGER.warn("No Java EL support, data security is disabled");
        }
        return InitState.INITIALIZED;
    }

    public void provideContainerContext(Object obj) {
        Iterator<SecurityProvider> it = this.securityProviders.iterator();
        while (it.hasNext()) {
            it.next().provideContainerContext(obj);
        }
    }

    public Collection<Class<?>> requiredPlugins() {
        return Lists.newArrayList(new Class[]{ApplicationPlugin.class, ConfigurationProvider.class, ELPlugin.class});
    }

    public Object nativeUnitModule() {
        return new SecurityModule(new SecurityConfigurer(this.securityConfiguration, this.scannedClasses, this.principalCustomizerClasses), this.scopeClasses, this.dataSecurityHandlers, this.elDisabled, this.securityProviders);
    }

    public Collection<ClasspathScanRequest> classpathScanRequests() {
        ClasspathScanRequestBuilder descendentTypeOf = classpathScanRequestBuilder().descendentTypeOf(Realm.class).descendentTypeOf(RoleMapping.class).descendentTypeOf(RolePermissionResolver.class).descendentTypeOf(Scope.class).descendentTypeOf(DataSecurityHandler.class).descendentTypeOf(PrincipalCustomizer.class);
        Iterator<SecurityProvider> it = this.securityProviders.iterator();
        while (it.hasNext()) {
            it.next().classpathScanRequests(descendentTypeOf);
        }
        return descendentTypeOf.build();
    }

    public Collection<BindingRequest> bindingRequests() {
        return (Collection) bindingRequestsBuilder().descendentTypeOf(DataObfuscationHandler.class).build();
    }
}
