package org.apereo.cas.web.flow;

import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import java.util.ArrayList;
import lombok.Generated;
import org.apereo.cas.authentication.MultifactorAuthenticationPrincipalResolver;
import org.apereo.cas.authentication.principal.Principal;
import org.apereo.cas.util.spring.SecurityContextUtils;
import org.apereo.cas.web.flow.actions.BaseCasWebflowAction;
import org.apereo.cas.web.support.WebUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.ObjectProvider;
import org.springframework.core.annotation.AnnotationAwareOrderComparator;
import org.springframework.security.core.context.SecurityContext;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.web.context.SecurityContextRepository;
import org.springframework.webflow.execution.Event;
import org.springframework.webflow.execution.RequestContext;

/* loaded from: input_file:WEB-INF/lib/cas-server-support-actions-core-7.3.0-RC2.jar:org/apereo/cas/web/flow/PopulateSpringSecurityContextAction.class */
public class PopulateSpringSecurityContextAction extends BaseCasWebflowAction {

    @Generated
    private static final Logger LOGGER = LoggerFactory.getLogger((Class<?>) PopulateSpringSecurityContextAction.class);
    private final ObjectProvider<SecurityContextRepository> securityContextRepository;

    @Override // org.apereo.cas.web.flow.actions.BaseCasWebflowAction
    protected Event doExecuteInternal(RequestContext requestContext) {
        HttpServletRequest httpServletRequestFromExternalWebflowContext = WebUtils.getHttpServletRequestFromExternalWebflowContext(requestContext);
        HttpServletResponse httpServletResponseFromExternalWebflowContext = WebUtils.getHttpServletResponseFromExternalWebflowContext(requestContext);
        SecurityContext buildAuthenticationContext = buildAuthenticationContext(requestContext);
        this.securityContextRepository.ifAvailable(securityContextRepository -> {
            securityContextRepository.saveContext(buildAuthenticationContext, httpServletRequestFromExternalWebflowContext, httpServletResponseFromExternalWebflowContext);
        });
        SecurityContextHolder.setContext(buildAuthenticationContext);
        return null;
    }

    protected SecurityContext buildAuthenticationContext(RequestContext requestContext) {
        return SecurityContextUtils.createSecurityContext(resolvePrincipal(WebUtils.getAuthentication(requestContext).getPrincipal(), requestContext), WebUtils.getHttpServletRequestFromExternalWebflowContext(requestContext));
    }

    protected Principal resolvePrincipal(Principal principal, RequestContext requestContext) {
        ArrayList arrayList = new ArrayList(requestContext.getActiveFlow().getApplicationContext().getBeansOfType(MultifactorAuthenticationPrincipalResolver.class).values());
        AnnotationAwareOrderComparator.sort(arrayList);
        return (Principal) arrayList.stream().filter(multifactorAuthenticationPrincipalResolver -> {
            return multifactorAuthenticationPrincipalResolver.supports(principal);
        }).findFirst().map(multifactorAuthenticationPrincipalResolver2 -> {
            return multifactorAuthenticationPrincipalResolver2.resolve(principal);
        }).orElse(principal);
    }

    @Generated
    public PopulateSpringSecurityContextAction(ObjectProvider<SecurityContextRepository> objectProvider) {
        this.securityContextRepository = objectProvider;
    }
}
