package org.teiid.spring.identity;

import java.util.Iterator;
import javax.security.auth.Subject;
import javax.security.auth.login.LoginException;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.security.authentication.AnonymousAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.context.SecurityContextHolder;
import org.teiid.security.Credentials;
import org.teiid.security.GSSResult;
import org.teiid.security.SecurityHelper;

/* loaded from: input_file:BOOT-INF/lib/teiid-spring-boot-starter-1.0.3.jar:org/teiid/spring/identity/SpringSecurityHelper.class */
public class SpringSecurityHelper implements SecurityHelper {
    private static ThreadLocal<TeiidSecurityContext> securityContext = new ThreadLocal<>();
    private static final Log logger = LogFactory.getLog((Class<?>) SpringSecurityHelper.class);

    @Override // org.teiid.security.SecurityHelper
    public TeiidSecurityContext associateSecurityContext(Object obj) {
        TeiidSecurityContext teiidSecurityContext = securityContext.get();
        if (obj != teiidSecurityContext) {
            securityContext.set((TeiidSecurityContext) obj);
        }
        return teiidSecurityContext;
    }

    @Override // org.teiid.security.SecurityHelper
    public void clearSecurityContext() {
        securityContext.remove();
    }

    @Override // org.teiid.security.SecurityHelper
    public TeiidSecurityContext getSecurityContext() {
        return securityContext.get();
    }

    @Override // org.teiid.security.SecurityHelper
    public Subject getSubjectInContext(String str) {
        TeiidSecurityContext teiidSecurityContext = securityContext.get();
        if (teiidSecurityContext == null || !teiidSecurityContext.getSecurityDomain().equals(str)) {
            return null;
        }
        return getSubjectInContext(teiidSecurityContext);
    }

    @Override // org.teiid.security.SecurityHelper
    public Subject getSubjectInContext(Object obj) {
        if (obj instanceof TeiidSecurityContext) {
            return ((TeiidSecurityContext) obj).getSubject();
        }
        return null;
    }

    @Override // org.teiid.security.SecurityHelper
    public Object authenticate(String str, String str2, Credentials credentials, String str3) throws LoginException {
        Subject subject;
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        if (authentication == null || (authentication instanceof AnonymousAuthenticationToken)) {
            subject = new Subject();
            subject.getPrincipals().add(new SimplePrincipal(str2));
        } else {
            subject = buildSubject(authentication);
            str2 = authentication.getName();
        }
        if (logger.isTraceEnabled()) {
            logger.trace("Logged in user: " + subject);
        }
        TeiidSecurityContext teiidSecurityContext = new TeiidSecurityContext(subject, str2, str);
        associateSecurityContext((Object) teiidSecurityContext);
        return teiidSecurityContext;
    }

    @Override // org.teiid.security.SecurityHelper
    public GSSResult negotiateGssLogin(String str, byte[] bArr) throws LoginException {
        return null;
    }

    private Subject buildSubject(Authentication authentication) {
        Subject subject = new Subject();
        subject.getPrincipals().add(new SimplePrincipal(authentication == null ? "anonymous" : authentication.getName()));
        if (authentication != null) {
            SimpleGroup simpleGroup = new SimpleGroup("Roles");
            Iterator<? extends GrantedAuthority> it = authentication.getAuthorities().iterator();
            while (it.hasNext()) {
                String authority = it.next().getAuthority();
                if (authority.startsWith("ROLE_")) {
                    simpleGroup.addMember(new SimplePrincipal(authority.substring(5)));
                }
            }
            subject.getPrincipals().add(simpleGroup);
        }
        return subject;
    }
}
