package com.alibaba.nacos.plugin.auth.impl;

import com.alibaba.nacos.plugin.auth.api.IdentityContext;
import com.alibaba.nacos.plugin.auth.api.Permission;
import com.alibaba.nacos.plugin.auth.api.Resource;
import com.alibaba.nacos.plugin.auth.constant.ActionTypes;
import com.alibaba.nacos.plugin.auth.exception.AccessException;
import com.alibaba.nacos.plugin.auth.impl.constant.AuthConstants;
import com.alibaba.nacos.plugin.auth.impl.users.NacosUser;
import com.alibaba.nacos.plugin.auth.impl.users.User;
import com.alibaba.nacos.plugin.auth.spi.server.AuthPluginService;
import com.alibaba.nacos.sys.utils.ApplicationUtils;
import java.util.Collection;
import java.util.LinkedList;
import java.util.List;

/* loaded from: input_file:com/alibaba/nacos/plugin/auth/impl/NacosAuthPluginService.class */
public class NacosAuthPluginService implements AuthPluginService {
    private static final String USER_IDENTITY_PARAM_KEY = "user";
    private static final List<String> IDENTITY_NAMES = new LinkedList<String>() { // from class: com.alibaba.nacos.plugin.auth.impl.NacosAuthPluginService.1
        {
            add(AuthConstants.AUTHORIZATION_HEADER);
            add("accessToken");
            add(AuthConstants.PARAM_USERNAME);
            add(AuthConstants.PARAM_PASSWORD);
        }
    };
    private NacosAuthManager nacosAuthManager;

    public Collection<String> identityNames() {
        return IDENTITY_NAMES;
    }

    public boolean enableAuth(ActionTypes actionTypes, String str) {
        return true;
    }

    public boolean validateIdentity(IdentityContext identityContext, Resource resource) throws AccessException {
        checkNacosAuthManager();
        User login = this.nacosAuthManager.login(identityContext);
        identityContext.setParameter(USER_IDENTITY_PARAM_KEY, login);
        identityContext.setParameter("identity_id", login.getUserName());
        return true;
    }

    public Boolean validateAuthority(IdentityContext identityContext, Permission permission) throws AccessException {
        this.nacosAuthManager.auth(permission, (NacosUser) identityContext.getParameter(USER_IDENTITY_PARAM_KEY));
        return true;
    }

    public String getAuthServiceName() {
        return AuthConstants.AUTH_PLUGIN_TYPE;
    }

    private void checkNacosAuthManager() {
        if (null == this.nacosAuthManager) {
            this.nacosAuthManager = (NacosAuthManager) ApplicationUtils.getBean(NacosAuthManager.class);
        }
    }
}
