package org.craftercms.engine.util.spring.security.headers;

import java.util.Arrays;
import java.util.Collection;
import java.util.Collections;
import java.util.List;
import java.util.Map;
import java.util.stream.Collectors;
import javax.servlet.http.HttpServletRequest;
import org.apache.commons.collections.CollectionUtils;
import org.apache.commons.configuration2.HierarchicalConfiguration;
import org.apache.commons.lang3.StringUtils;
import org.craftercms.core.util.cache.CacheTemplate;
import org.craftercms.engine.service.context.SiteContext;
import org.craftercms.engine.util.ConfigUtils;
import org.craftercms.engine.util.spring.security.CustomUser;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;

/* loaded from: input_file:org/craftercms/engine/util/spring/security/headers/StandaloneHeadersAuthenticationFilter.class */
public class StandaloneHeadersAuthenticationFilter extends AbstractHeadersAuthenticationFilter {
    private static final Logger logger = LoggerFactory.getLogger(StandaloneHeadersAuthenticationFilter.class);
    public static final String STANDALONE_CONFIG_KEY = "security.headers.standalone";
    protected final CacheTemplate cacheTemplate;

    public StandaloneHeadersAuthenticationFilter(CacheTemplate cacheTemplate) {
        super(STANDALONE_CONFIG_KEY);
        setSupportedPrincipalClass(CustomUser.class);
        this.cacheTemplate = cacheTemplate;
    }

    @Override // org.craftercms.engine.util.spring.security.headers.AbstractHeadersAuthenticationFilter
    protected Object doGetPreAuthenticatedPrincipal(HttpServletRequest httpServletRequest) {
        String header = httpServletRequest.getHeader(getUsernameHeaderName());
        if (!StringUtils.isNotEmpty(header)) {
            return null;
        }
        HierarchicalConfiguration currentConfig = ConfigUtils.getCurrentConfig();
        CustomUser customUser = new CustomUser(header, header, getAuthorities(httpServletRequest, currentConfig));
        addAttributes(customUser, httpServletRequest, currentConfig);
        return customUser;
    }

    protected Collection<GrantedAuthority> getAuthorities(HttpServletRequest httpServletRequest, HierarchicalConfiguration hierarchicalConfiguration) {
        String header = httpServletRequest.getHeader(getGroupsHeaderName());
        if (StringUtils.isNotEmpty(header)) {
            Map map = (Map) this.cacheTemplate.getObject(SiteContext.getCurrent().getContext(), () -> {
                List childConfigurationsAt = hierarchicalConfiguration.childConfigurationsAt(AbstractHeadersAuthenticationFilter.HEADERS_GROUPS_CONFIG_KEY);
                if (CollectionUtils.isNotEmpty(childConfigurationsAt)) {
                    return (Map) childConfigurationsAt.stream().collect(Collectors.toMap(hierarchicalConfiguration2 -> {
                        return hierarchicalConfiguration2.getString("name");
                    }, hierarchicalConfiguration3 -> {
                        return hierarchicalConfiguration3.getString("role");
                    }));
                }
                logger.debug("No groups mapping found in site configuration");
                return Collections.emptyMap();
            }, new Object[]{"role"});
            return (Collection) Arrays.stream(header.split(",")).filter((v0) -> {
                return StringUtils.isNotEmpty(v0);
            }).map((v0) -> {
                return v0.trim();
            }).map(str -> {
                return (String) map.getOrDefault(str, str);
            }).map(SimpleGrantedAuthority::new).collect(Collectors.toSet());
        }
        logger.debug("Groups header '{}' was not present in the request", getGroupsHeaderName());
        return Collections.emptySet();
    }

    protected void addAttributes(CustomUser customUser, HttpServletRequest httpServletRequest, HierarchicalConfiguration hierarchicalConfiguration) {
        List childConfigurationsAt = hierarchicalConfiguration.childConfigurationsAt(AbstractHeadersAuthenticationFilter.HEADERS_ATTRS_CONFIG_KEY);
        if (CollectionUtils.isNotEmpty(childConfigurationsAt)) {
            childConfigurationsAt.forEach(hierarchicalConfiguration2 -> {
                String string = hierarchicalConfiguration2.getString("name");
                String string2 = hierarchicalConfiguration2.getString(AbstractHeadersAuthenticationFilter.FIELD_CONFIG_KEY);
                String header = httpServletRequest.getHeader(getHeaderPrefix() + string);
                if (!StringUtils.isNotEmpty(header)) {
                    logger.debug("Expected header '{}' was not present in the request", string);
                } else {
                    logger.debug("Adding attribute '{}' with value '{}'", string2, header);
                    customUser.setAttribute(string2, header);
                }
            });
        }
    }
}
