package org.summerclouds.common.security;

import java.util.Locale;
import java.util.UUID;
import javax.servlet.http.HttpSession;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.security.access.AccessDecisionManager;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.web.FilterInvocation;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;
import org.summerclouds.common.core.log.MLog;
import org.summerclouds.common.core.security.ISecurity;
import org.summerclouds.common.core.security.ISubject;
import org.summerclouds.common.core.security.ISubjectEnvironment;
import org.summerclouds.common.core.tool.MSpring;
import org.summerclouds.common.core.tool.MSystem;
import org.summerclouds.common.core.util.SingleList;
import org.summerclouds.common.security.permissions.Ace;

/* loaded from: input_file:org/summerclouds/common/security/SecurityService.class */
public class SecurityService extends MLog implements ISecurity {
    private static final String ATTR_LOCALE = "locale";
    static final FilterInvocation FILTER_INVOCATION = new FilterInvocation("/", "GET");

    @Value("${security.admin.username:admin}")
    private String adminUsername = "admin";

    public ISubject getCurrent() {
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        if (authentication == null) {
            return null;
        }
        Object principal = authentication.getPrincipal();
        if (principal instanceof User) {
            return new SubjectImpl((User) principal, authentication);
        }
        return null;
    }

    public void subjectCleanup() {
        SecurityContextHolder.getContext().setAuthentication((Authentication) null);
    }

    public ISubject getSubject(String str) {
        User loadUserByUsername = ((UserDetailsService) MSpring.lookup(UserDetailsService.class)).loadUserByUsername(str);
        return new SubjectImpl(loadUserByUsername, new UsernamePasswordAuthenticationToken(loadUserByUsername, UUID.randomUUID().toString(), loadUserByUsername.getAuthorities()));
    }

    public ISubjectEnvironment asSubject(String str) {
        UserDetails loadUserByUsername = ((UserDetailsService) MSpring.lookup(UserDetailsService.class)).loadUserByUsername(str);
        return new SubjectEnvironmentImpl(new UsernamePasswordAuthenticationToken(loadUserByUsername, UUID.randomUUID().toString(), loadUserByUsername.getAuthorities()));
    }

    public ISubjectEnvironment asSubject(ISubject iSubject) {
        return new SubjectEnvironmentImpl(((SubjectImpl) iSubject).getAuthentication());
    }

    public String getAdminName() {
        return this.adminUsername;
    }

    public boolean hasPermission(Class<?> cls, String str, String str2) {
        return hasPermission(MSystem.getCanonicalClassName(cls), str, str2);
    }

    public boolean hasPermission(String str) {
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        try {
            ((AccessDecisionManager) MSpring.lookup(AccessDecisionManager.class)).decide(authentication, FILTER_INVOCATION, new SingleList(new ConfigAttributeImpl("ACE_" + str)));
            return true;
        } catch (AccessDeniedException e) {
            return false;
        }
    }

    public boolean hasPermission(String str, String str2, String str3) {
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        try {
            ((AccessDecisionManager) MSpring.lookup(AccessDecisionManager.class)).decide(authentication, FILTER_INVOCATION, new SingleList(new ConfigAttributeImpl("ACE_" + Ace.normalize(str, str2, str3))));
            return true;
        } catch (AccessDeniedException e) {
            return false;
        }
    }

    public boolean hasPermission(ISubject iSubject, Class<?> cls, String str, String str2) {
        return hasPermission(iSubject, MSystem.getCanonicalClassName(cls), str, str2);
    }

    public boolean hasPermission(ISubject iSubject, String str) {
        Authentication authentication = ((SubjectImpl) iSubject).getAuthentication();
        try {
            ((AccessDecisionManager) MSpring.lookup(AccessDecisionManager.class)).decide(authentication, FILTER_INVOCATION, new SingleList(new ConfigAttributeImpl(str)));
            return true;
        } catch (AccessDeniedException e) {
            return false;
        }
    }

    public boolean hasPermission(ISubject iSubject, String str, String str2, String str3) {
        Authentication authentication = ((SubjectImpl) iSubject).getAuthentication();
        try {
            ((AccessDecisionManager) MSpring.lookup(AccessDecisionManager.class)).decide(authentication, FILTER_INVOCATION, new SingleList(new ConfigAttributeImpl("ACE_" + Ace.normalize(str, str2, str3))));
            return true;
        } catch (AccessDeniedException e) {
            return false;
        }
    }

    public boolean hasRole(String str) {
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        try {
            ((AccessDecisionManager) MSpring.lookup(AccessDecisionManager.class)).decide(authentication, FILTER_INVOCATION, new SingleList(new ConfigAttributeImpl("ROLE_" + str)));
            return true;
        } catch (AccessDeniedException e) {
            return false;
        }
    }

    public boolean hasRole(ISubject iSubject, String str) {
        Authentication authentication = ((SubjectImpl) iSubject).getAuthentication();
        try {
            ((AccessDecisionManager) MSpring.lookup(AccessDecisionManager.class)).decide(authentication, FILTER_INVOCATION, new SingleList(new ConfigAttributeImpl("ROLE_" + str)));
            return true;
        } catch (AccessDeniedException e) {
            return false;
        }
    }

    public boolean isAdmin() {
        return hasPermission("*");
    }

    public boolean isAdmin(ISubject iSubject) {
        return hasPermission(iSubject, "*");
    }

    public boolean isAuthenticated() {
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        if (authentication == null) {
            return false;
        }
        return authentication.isAuthenticated();
    }

    public void setLocale(Locale locale) {
        RequestContextHolder.currentRequestAttributes().getRequest().getSession(true).setAttribute(ATTR_LOCALE, locale);
    }

    public Locale getLocale() {
        Object attribute;
        HttpSession session = RequestContextHolder.currentRequestAttributes().getRequest().getSession(false);
        if (session != null && (attribute = session.getAttribute(ATTR_LOCALE)) != null) {
            if (attribute instanceof Locale) {
                return (Locale) attribute;
            }
            if (attribute instanceof String) {
                return Locale.forLanguageTag((String) attribute);
            }
        }
        return Locale.getDefault();
    }

    public Object getSessionAttribute(String str) {
        HttpSession session;
        ServletRequestAttributes currentRequestAttributes = RequestContextHolder.currentRequestAttributes();
        if (currentRequestAttributes == null || (session = currentRequestAttributes.getRequest().getSession(false)) == null) {
            return null;
        }
        return session.getAttribute(str);
    }

    public Object getSessionAttribute(String str, Object obj) {
        HttpSession session;
        Object attribute;
        ServletRequestAttributes currentRequestAttributes = RequestContextHolder.currentRequestAttributes();
        if (currentRequestAttributes != null && (session = currentRequestAttributes.getRequest().getSession(false)) != null && (attribute = session.getAttribute(str)) != null) {
            return attribute;
        }
        return obj;
    }

    public void setSessionAttribute(String str, Object obj) {
        ServletRequestAttributes currentRequestAttributes = RequestContextHolder.currentRequestAttributes();
        if (currentRequestAttributes == null) {
            return;
        }
        currentRequestAttributes.getRequest().getSession(true).setAttribute(str, obj);
    }

    public void touch() {
        ServletRequestAttributes currentRequestAttributes = RequestContextHolder.currentRequestAttributes();
        if (currentRequestAttributes == null) {
            return;
        }
        HttpSession session = currentRequestAttributes.getRequest().getSession(true);
        session.setMaxInactiveInterval(session.getMaxInactiveInterval() + ((int) (System.currentTimeMillis() - (session.getLastAccessedTime() / 1000))));
    }

    public boolean hasPermission(Class<?> cls) {
        if (cls == null) {
            return false;
        }
        return hasPermission(Class.class, "execute", MSystem.getCanonicalClassName(cls));
    }
}
