package org.wildfly.extension.camel.security;

import java.security.Principal;
import java.security.acl.Group;
import java.util.Enumeration;
import java.util.HashSet;
import java.util.Set;
import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.AuthenticationServiceException;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.wildfly.extension.camel.security.LoginContextBuilder;

/* loaded from: input_file:org/wildfly/extension/camel/security/DomainAuthenticationManager.class */
public class DomainAuthenticationManager implements AuthenticationManager {
    public Authentication authenticate(Authentication authentication) throws AuthenticationException {
        if (!(authentication instanceof UsernamePasswordAuthenticationToken)) {
            throw new BadCredentialsException("Unsupported authentication type: " + authentication);
        }
        LoginContextBuilder loginContextBuilder = new LoginContextBuilder(LoginContextBuilder.Type.AUTHENTICATION);
        UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken = (UsernamePasswordAuthenticationToken) authentication;
        Object details = authentication.getDetails();
        loginContextBuilder.domain(details instanceof String ? (String) details : "other");
        Object principal = usernamePasswordAuthenticationToken.getPrincipal();
        if (!(principal instanceof String)) {
            throw new UsernameNotFoundException("Unsupported principal: " + principal);
        }
        loginContextBuilder.username((String) principal);
        Object credentials = usernamePasswordAuthenticationToken.getCredentials();
        if (!(credentials instanceof char[])) {
            throw new BadCredentialsException("Unsupported credentials: " + credentials);
        }
        loginContextBuilder.password((char[]) credentials);
        try {
            LoginContext build = loginContextBuilder.build();
            try {
                build.login();
                HashSet hashSet = new HashSet();
                Set<Group> principals = build.getSubject().getPrincipals(Group.class);
                if (principals != null) {
                    for (Group group : principals) {
                        if ("Roles".equals(group.getName())) {
                            Enumeration<? extends Principal> members = group.members();
                            while (members.hasMoreElements()) {
                                hashSet.add(new SimpleGrantedAuthority(members.nextElement().getName()));
                            }
                        }
                    }
                }
                UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken2 = new UsernamePasswordAuthenticationToken(principal, credentials, hashSet);
                usernamePasswordAuthenticationToken2.setDetails(details);
                return usernamePasswordAuthenticationToken2;
            } catch (LoginException e) {
                throw new AuthenticationServiceException("Password invalid/Password required", e);
            }
        } catch (LoginException e2) {
            throw new AuthenticationServiceException("Cannot build login context", e2);
        }
    }
}
