package de.mhus.lib.core.aaa;

import de.mhus.lib.core.M;
import de.mhus.lib.core.MSystem;
import de.mhus.lib.core.cfg.CfgString;
import de.mhus.lib.core.logging.Log;
import de.mhus.lib.form.definition.IFmElement;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.BearerToken;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;

/* loaded from: input_file:de/mhus/lib/core/aaa/AbstractRealm.class */
public abstract class AbstractRealm extends AuthorizingRealm implements BearerRealm {
    protected M.DEBUG debugPermissions;
    protected final Log log = Log.getLog(getClass());
    private CfgString CFG_DEBUG_PERMISSIONS = (CfgString) new CfgString(getClass(), "debugPermissions", "yes").updateAction(str -> {
        boolean z = -1;
        switch (str.hashCode()) {
            case 119527:
                if (str.equals("yes")) {
                    z = 2;
                    break;
                }
                break;
            case 3569038:
                if (str.equals(IFmElement.TRUE)) {
                    z = true;
                    break;
                }
                break;
            case 110620997:
                if (str.equals("trace")) {
                    z = false;
                    break;
                }
                break;
        }
        switch (z) {
            case false:
            case true:
                setDebugPermissions(M.DEBUG.TRACE);
                return;
            case true:
                setDebugPermissions(M.DEBUG.YES);
                return;
            default:
                setDebugPermissions(M.DEBUG.NO);
                return;
        }
    }).doUpdateAction();

    public boolean supports(AuthenticationToken authenticationToken) {
        if (authenticationToken == null || !((authenticationToken instanceof TrustedToken) || (authenticationToken instanceof BearerToken))) {
            return super.supports(authenticationToken);
        }
        return true;
    }

    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
        String str = null;
        if (authenticationToken instanceof UsernamePasswordToken) {
            str = ((UsernamePasswordToken) authenticationToken).getUsername();
        } else if (authenticationToken instanceof BearerToken) {
            str = ((JwtProvider) M.l(JwtProvider.class)).readToken(((BearerToken) authenticationToken).getToken()).getSubject();
        } else if (authenticationToken instanceof TrustedToken) {
            str = (String) ((TrustedToken) authenticationToken).getPrincipal();
            if (str.equals(Aaa.USER_GUEST.value())) {
                return Aaa.ACCOUNT_GUEST;
            }
            if (!((TrustedToken) authenticationToken).hasAccess(this.debugPermissions)) {
                if (this.debugPermissions != M.DEBUG.NO) {
                    this.log.i("TrustedToken access denied (3)", new Object[0]);
                }
                throw new AuthenticationException(Aaa.getPrincipal() + ": TrustedToken access denied (3)");
            }
            if (this.debugPermissions != M.DEBUG.NO) {
                this.log.i("TrustedToken access granted", Aaa.getPrincipal(), str);
            }
            if (this.debugPermissions == M.DEBUG.TRACE) {
                this.log.d(MSystem.currentStackTrace(str), new Object[0]);
            }
        }
        if (str == null) {
            throw new AuthenticationException(Aaa.getPrincipal() + ": User or Token not found");
        }
        return doGetAuthenticationInfo(str, authenticationToken);
    }

    protected abstract AuthenticationInfo doGetAuthenticationInfo(String str, AuthenticationToken authenticationToken);

    /* JADX INFO: Access modifiers changed from: protected */
    public String getUsername(PrincipalCollection principalCollection) {
        return getAvailablePrincipal(principalCollection).toString();
    }

    public M.DEBUG getDebugPermissions() {
        return this.debugPermissions;
    }

    public void setDebugPermissions(M.DEBUG debug) {
        this.debugPermissions = debug;
    }
}
