package org.zoxweb.server.shiro;

import java.util.Set;
import java.util.logging.Logger;
import org.apache.shiro.authc.AccountException;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authz.AuthorizationException;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.zoxweb.server.shiro.authc.DomainAuthenticationInfo;
import org.zoxweb.server.shiro.authc.DomainPrincipalCollection;
import org.zoxweb.server.shiro.authc.DomainUsernamePasswordToken;
import org.zoxweb.shared.crypto.PasswordDAO;
import org.zoxweb.shared.data.shiro.ShiroRulesManager;
import org.zoxweb.shared.util.Const;

/* loaded from: input_file:org/zoxweb/server/shiro/ShiroBaseRealm.class */
public abstract class ShiroBaseRealm extends AuthorizingRealm implements ShiroRulesManager {
    private static final transient Logger log = Logger.getLogger(Const.LOGGER_NAME);
    protected boolean permissionsLookupEnabled = false;

    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        if (principalCollection == null) {
            throw new AuthorizationException("PrincipalCollection method argument cannot be null.");
        }
        log.info("PrincipalCollection class:" + principalCollection.getClass());
        if (!(principalCollection instanceof DomainPrincipalCollection)) {
            throw new AuthorizationException("Not a domain info");
        }
        String str = (String) getAvailablePrincipal(principalCollection);
        String domainID = ((DomainPrincipalCollection) principalCollection).getDomainID();
        Set<String> userRoles = getUserRoles(domainID, str);
        Set<String> set = null;
        if (isPermissionsLookupEnabled()) {
            set = getUserPermissions(domainID, str, userRoles);
        }
        SimpleAuthorizationInfo simpleAuthorizationInfo = new SimpleAuthorizationInfo(userRoles);
        simpleAuthorizationInfo.setStringPermissions(set);
        return simpleAuthorizationInfo;
    }

    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
        if (!(authenticationToken instanceof DomainUsernamePasswordToken)) {
            throw new AuthenticationException("Not a domain info");
        }
        log.info("Domain based authentication");
        DomainUsernamePasswordToken domainUsernamePasswordToken = (DomainUsernamePasswordToken) authenticationToken;
        String username = domainUsernamePasswordToken.getUsername();
        String domainID = domainUsernamePasswordToken.getDomainID();
        String userID = domainUsernamePasswordToken.getUserID();
        log.info(domainID + ":" + username);
        if (username == null) {
            throw new AccountException("Null usernames are not allowed by this realm.");
        }
        PasswordDAO userPassword = getUserPassword(domainID, username);
        if (userPassword == null) {
            throw new UnknownAccountException("No account found for user [" + userID + "]");
        }
        return new DomainAuthenticationInfo(username, userID, userPassword, getName(), domainID, null);
    }

    protected abstract PasswordDAO getUserPassword(String str, String str2);

    protected abstract Set<String> getUserRoles(String str, String str2);

    protected abstract Set<String> getUserPermissions(String str, String str2, Set<String> set);

    public boolean isPermissionsLookupEnabled() {
        return this.permissionsLookupEnabled;
    }

    public void setPermissionsLookupEnabled(boolean z) {
        this.permissionsLookupEnabled = z;
    }
}
