package org.seedstack.seed.security.internal.realms;

import java.util.Collection;
import java.util.Collections;
import java.util.HashSet;
import java.util.Map;
import java.util.Set;
import javax.inject.Inject;
import javax.inject.Named;
import org.seedstack.seed.security.AuthenticationException;
import org.seedstack.seed.security.AuthenticationInfo;
import org.seedstack.seed.security.AuthenticationToken;
import org.seedstack.seed.security.IncorrectCredentialsException;
import org.seedstack.seed.security.Realm;
import org.seedstack.seed.security.RoleMapping;
import org.seedstack.seed.security.RolePermissionResolver;
import org.seedstack.seed.security.SecurityConfig;
import org.seedstack.seed.security.UnknownAccountException;
import org.seedstack.seed.security.UnsupportedTokenException;
import org.seedstack.seed.security.UsernamePasswordToken;
import org.seedstack.seed.security.principals.PrincipalProvider;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/seedstack/seed/security/internal/realms/ConfigurationRealm.class */
public class ConfigurationRealm implements Realm {
    private static final Logger LOGGER = LoggerFactory.getLogger(ConfigurationRealm.class);
    private final Set<ConfigurationUser> users = new HashSet();
    private final RoleMapping roleMapping;
    private final RolePermissionResolver rolePermissionResolver;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/seedstack/seed/security/internal/realms/ConfigurationRealm$ConfigurationUser.class */
    public static class ConfigurationUser {
        private final String username;
        private final String password;
        private final Set<String> roles;

        ConfigurationUser(String str, String str2, Set<String> set) {
            this.username = str;
            this.password = str2;
            this.roles = new HashSet(set);
        }

        public boolean equals(Object obj) {
            if (this == obj) {
                return true;
            }
            if (obj == null || getClass() != obj.getClass()) {
                return false;
            }
            return this.username.equals(((ConfigurationUser) obj).username);
        }

        public int hashCode() {
            return this.username.hashCode();
        }
    }

    @Inject
    protected ConfigurationRealm(@Named("ConfigurationRealm-role-mapping") RoleMapping roleMapping, @Named("ConfigurationRealm-role-permission-resolver") RolePermissionResolver rolePermissionResolver, SecurityConfig securityConfig) {
        this.roleMapping = roleMapping;
        this.rolePermissionResolver = rolePermissionResolver;
        if (securityConfig.getUsers().isEmpty()) {
            LOGGER.warn("{} is enabled, but no user is defined in configuration", getClass().getSimpleName());
            return;
        }
        for (Map.Entry<String, SecurityConfig.UserConfig> entry : securityConfig.getUsers().entrySet()) {
            SecurityConfig.UserConfig value = entry.getValue();
            this.users.add(new ConfigurationUser(entry.getKey(), value.getPassword(), value.getRoles()));
        }
    }

    public Set<String> getRealmRoles(PrincipalProvider<?> principalProvider, Collection<PrincipalProvider<?>> collection) {
        ConfigurationUser findUser = findUser(principalProvider.getPrincipal().toString());
        return findUser != null ? findUser.roles : Collections.emptySet();
    }

    public AuthenticationInfo getAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
        if (!(authenticationToken instanceof UsernamePasswordToken)) {
            throw new UnsupportedTokenException("ConfigurationRealm only supports UsernamePasswordToken");
        }
        UsernamePasswordToken usernamePasswordToken = (UsernamePasswordToken) authenticationToken;
        ConfigurationUser findUser = findUser(usernamePasswordToken.getUsername());
        if (findUser == null) {
            throw new UnknownAccountException("Unknown user " + usernamePasswordToken.getUsername());
        }
        if (findUser.password.equals(new String(usernamePasswordToken.getPassword()))) {
            return new AuthenticationInfo(usernamePasswordToken.getUsername(), usernamePasswordToken.getPassword());
        }
        throw new IncorrectCredentialsException();
    }

    public RoleMapping getRoleMapping() {
        return this.roleMapping;
    }

    public RolePermissionResolver getRolePermissionResolver() {
        return this.rolePermissionResolver;
    }

    public Class<? extends AuthenticationToken> supportedToken() {
        return UsernamePasswordToken.class;
    }

    private ConfigurationUser findUser(String str) {
        for (ConfigurationUser configurationUser : this.users) {
            if (configurationUser.username.equals(str)) {
                return configurationUser;
            }
        }
        return null;
    }
}
