package ca.nrc.cadc.web;

import ca.nrc.cadc.accesscontrol.AccessControlUtil;
import ca.nrc.cadc.auth.AuthMethod;
import ca.nrc.cadc.auth.AuthenticationUtil;
import ca.nrc.cadc.auth.PrincipalExtractor;
import ca.nrc.cadc.auth.SSOCookieCredential;
import ca.nrc.cadc.net.NetUtil;
import java.io.IOException;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Set;
import javax.security.auth.Subject;

/* loaded from: input_file:ca/nrc/cadc/web/SubjectGenerator.class */
public class SubjectGenerator {
    private final AccessControlUtil accessControlUtil;

    public SubjectGenerator(AccessControlUtil accessControlUtil) {
        this.accessControlUtil = accessControlUtil;
    }

    public SubjectGenerator() {
        this(new AccessControlUtil());
    }

    public final Subject generate(PrincipalExtractor principalExtractor) throws IOException {
        Subject subject = AuthenticationUtil.getSubject(principalExtractor);
        Set publicCredentials = subject.getPublicCredentials(SSOCookieCredential.class);
        SSOCookieCredential sSOCookieCredential = publicCredentials.isEmpty() ? null : ((SSOCookieCredential[]) publicCredentials.toArray(new SSOCookieCredential[0]))[0];
        if (sSOCookieCredential != null) {
            HashSet hashSet = new HashSet();
            Iterator<String> it = this.accessControlUtil.getSSOServers().iterator();
            while (it.hasNext()) {
                hashSet.add(new SSOCookieCredential(sSOCookieCredential.getSsoCookieValue(), NetUtil.getDomainName(it.next())));
                hashSet.add(AuthMethod.COOKIE);
            }
            subject.getPublicCredentials().addAll(hashSet);
        }
        return subject;
    }
}
