package org.zoxweb.server.shiro;

import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.logging.Logger;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.zoxweb.server.shiro.authc.DomainAuthenticationInfo;
import org.zoxweb.server.shiro.authc.DomainPrincipalCollection;
import org.zoxweb.server.shiro.authc.DomainUsernamePasswordToken;
import org.zoxweb.shared.data.shiro.LoginStatusDAO;
import org.zoxweb.shared.util.Const;
import org.zoxweb.shared.util.NVPair;
import org.zoxweb.shared.util.SharedUtil;

/* loaded from: input_file:org/zoxweb/server/shiro/ShiroProxyRealm.class */
public class ShiroProxyRealm extends AuthorizingRealm {
    private static final transient Logger log = Logger.getLogger(Const.LOGGER_NAME);
    private String proxyURL;
    private boolean permissionsLookupEnabled = false;
    private HashMap<String, LoginStatusDAO> loginMap = new HashMap<>();

    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        LoginStatusDAO loginStatusDAO = this.loginMap.get(SharedUtil.toCanonicalID(':', ((DomainPrincipalCollection) principalCollection).getDomainID(), (String) getAvailablePrincipal(principalCollection)));
        HashSet hashSet = new HashSet();
        Iterator<NVPair> it = loginStatusDAO.getUserRoles().iterator();
        while (it.hasNext()) {
            hashSet.add(it.next().getValue());
        }
        SimpleAuthorizationInfo simpleAuthorizationInfo = new SimpleAuthorizationInfo(hashSet);
        if (isPermissionsLookupEnabled()) {
            HashSet hashSet2 = new HashSet();
            Iterator<NVPair> it2 = loginStatusDAO.getUserPermissions().iterator();
            while (it2.hasNext()) {
                hashSet2.add(it2.next().getValue());
            }
            simpleAuthorizationInfo.setStringPermissions(hashSet2);
        }
        return simpleAuthorizationInfo;
    }

    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
        if (this.proxyURL == null || !(authenticationToken instanceof DomainUsernamePasswordToken)) {
            throw new AuthenticationException("Invalid token");
        }
        String domainID = ((DomainUsernamePasswordToken) authenticationToken).getDomainID();
        String applicationID = ((DomainUsernamePasswordToken) authenticationToken).getApplicationID();
        String userID = ((DomainUsernamePasswordToken) authenticationToken).getUserID();
        try {
            String canonicalID = SharedUtil.toCanonicalID(':', domainID, authenticationToken.getPrincipal());
            this.loginMap.get(canonicalID);
            this.loginMap.put(canonicalID, ShiroProxyAuthentication.login(this.proxyURL, true, domainID, applicationID, null, (String) authenticationToken.getPrincipal(), new String((char[]) authenticationToken.getCredentials())));
            log.info("Credential info found for " + canonicalID);
            return new DomainAuthenticationInfo(authenticationToken.getPrincipal(), userID, authenticationToken.getCredentials(), getName(), domainID, applicationID);
        } catch (Exception e) {
            e.printStackTrace();
            throw new AuthenticationException(e.getMessage());
        }
    }

    public void setPermissionsLookupEnabled(boolean z) {
        this.permissionsLookupEnabled = z;
    }

    public boolean isPermissionsLookupEnabled() {
        return this.permissionsLookupEnabled;
    }

    public String getProxyURL() {
        return this.proxyURL;
    }

    public void setProxyURL(String str) {
        this.proxyURL = str;
    }
}
