package org.uberfire.backend.server.security;

import javax.annotation.PostConstruct;
import javax.enterprise.context.ApplicationScoped;
import javax.enterprise.inject.Instance;
import javax.inject.Inject;
import org.jboss.errai.security.shared.api.identity.User;
import org.jboss.errai.security.shared.exception.AuthenticationException;
import org.jboss.errai.security.shared.service.AuthenticationService;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.uberfire.commons.services.cdi.Startup;
import org.uberfire.java.nio.file.api.FileSystemProviders;
import org.uberfire.java.nio.file.spi.FileSystemProvider;
import org.uberfire.java.nio.security.FileSystemUser;
import org.uberfire.java.nio.security.SecuredFileSystemProvider;
import org.uberfire.security.authz.AuthorizationManager;

@ApplicationScoped
@Startup
/* loaded from: input_file:WEB-INF/lib/uberfire-backend-server-1.1.0.Beta2.jar:org/uberfire/backend/server/security/IOServiceSecuritySetup.class */
public class IOServiceSecuritySetup {
    public static final String AUTH_DOMAIN_KEY = "org.uberfire.domain";
    private static final Logger LOG = LoggerFactory.getLogger(IOServiceSecuritySetup.class);

    @Inject
    @IOSecurityAuth
    Instance<AuthenticationService> authenticationManagers;

    @Inject
    AuthorizationManager authorizationManager;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:WEB-INF/lib/uberfire-backend-server-1.1.0.Beta2.jar:org/uberfire/backend/server/security/IOServiceSecuritySetup$UserAdapter.class */
    public static class UserAdapter implements FileSystemUser {
        private final User user;

        UserAdapter(User user) {
            this.user = user;
        }

        @Override // org.uberfire.java.nio.security.FileSystemUser
        public String getName() {
            return this.user.getIdentifier();
        }

        public User getWrappedUser() {
            return this.user;
        }
    }

    @PostConstruct
    public void setup() {
        AuthenticationService authenticationService;
        if (this.authenticationManagers.isUnsatisfied()) {
            String property = System.getProperty("org.uberfire.io.auth", null);
            authenticationService = (property == null || property.toLowerCase().equals("jaas") || property.toLowerCase().equals("container")) ? new JAASAuthenticationService(System.getProperty(AUTH_DOMAIN_KEY, "ApplicationRealm")) : (AuthenticationService) loadClazz(property, AuthenticationService.class);
        } else {
            authenticationService = (AuthenticationService) this.authenticationManagers.get();
        }
        for (FileSystemProvider fileSystemProvider : FileSystemProviders.installedProviders()) {
            if (fileSystemProvider instanceof SecuredFileSystemProvider) {
                SecuredFileSystemProvider securedFileSystemProvider = (SecuredFileSystemProvider) fileSystemProvider;
                AuthenticationService authenticationService2 = authenticationService;
                securedFileSystemProvider.setAuthenticator((str, str2) -> {
                    try {
                        User login = authenticationService2.login(str, str2);
                        if (login != null) {
                            return new UserAdapter(login);
                        }
                        return null;
                    } catch (AuthenticationException e) {
                        LOG.warn("Login failed", e);
                        return null;
                    }
                });
                securedFileSystemProvider.setAuthorizer((fileSystem, fileSystemUser) -> {
                    return this.authorizationManager.authorize(new FileSystemResourceAdaptor(fileSystem), ((UserAdapter) fileSystemUser).getWrappedUser());
                });
            }
        }
    }

    private <T> T loadClazz(String str, Class<T> cls) {
        if (str == null || str.isEmpty()) {
            return null;
        }
        try {
            Class<?> cls2 = Class.forName(str);
            if (cls.isAssignableFrom(cls2)) {
                return cls.cast(cls2.newInstance());
            }
            LOG.error("Class '" + str + "' is not assignable to expected type " + cls + ". Continuing as if no class was specified.");
            return null;
        } catch (Exception e) {
            LOG.error("Failed to load class '" + str + "' as type " + cls + ". Continuing as if none was specified.", e);
            return null;
        }
    }
}
