package com.addc.server.commons.security;

import com.addc.commons.Constants;
import com.addc.commons.cache.ExpiringCache;
import com.addc.sas.security.AuthenticatorOperations;
import java.security.GeneralSecurityException;
import java.security.SecureRandom;
import java.util.Base64;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import org.omg.GSSUP.InitialContextToken;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.context.SecurityContextHolder;

/* loaded from: input_file:com/addc/server/commons/security/AuthenticatorImpl.class */
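/**
 * Authenticates GSSUP {@link InitialContextToken}s against a Spring
 * {@link AuthenticationProvider} and keeps successful results in an expiring cache so that
 * repeated calls with the same credentials do not hit the provider every time.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>Cache entries are bound to the presented username <em>and</em> password. A cache keyed
 *       by username alone would accept any password for a user who logged in recently.</li>
 *   <li>The password is never written to the log.</li>
 *   <li>When no {@link AuthorizationProvider} is configured, {@link #authorize} allows every
 *       request (fail-open). Use the two-argument constructor wherever authorization matters.</li>
 *   <li>A cached entry stays valid until the cache expires it or {@link #resetCache()} is
 *       called, so a password change or account lock in the backing store is not seen before
 *       then.</li>
 * </ul>
 */
public class AuthenticatorImpl implements AuthenticatorOperations {
    // Passed to ExpiringCache as (duration, flush period); presumably milliseconds
    // (20 min / 5 min) - confirm against ExpiringCache.
    private static final long SESSION_DURATION = 1200000;
    private static final long FLUSH_PERIOD = 300000;
    private static final String CACHE_KEY_MAC = "HmacSHA256";
    private static final Logger LOGGER = LoggerFactory.getLogger(AuthenticatorImpl.class);
    private final AuthenticationProvider authenticationProvider;
    private final ExpiringCache<Authentication> authenticatedPrincipals;
    private final AuthorizationProvider authorizationProvider;
    // Per-instance random secret: cache keys are an HMAC over the credentials, so neither the
    // password nor an unkeyed digest of it is kept as a map key.
    private final byte[] cacheKeySecret = new byte[32];

    /**
     * Creates an authenticator without an authorization provider; {@link #authorize} will then
     * allow every request.
     *
     * @param authenticationProvider provider that verifies the presented credentials
     */
    public AuthenticatorImpl(AuthenticationProvider authenticationProvider) {
        this(authenticationProvider, null);
    }

    /**
     * @param authenticationProvider provider that verifies the presented credentials
     * @param authorizationProvider provider consulted by {@link #authorize}; may be
     *     {@code null}, in which case every authorization request is allowed
     */
    public AuthenticatorImpl(AuthenticationProvider authenticationProvider, AuthorizationProvider authorizationProvider) {
        this.authenticationProvider = authenticationProvider;
        this.authorizationProvider = authorizationProvider;
        this.authenticatedPrincipals = new ExpiringCache<>(SESSION_DURATION, FLUSH_PERIOD);
        new SecureRandom().nextBytes(this.cacheKeySecret);
    }

    /**
     * Authenticates the caller described by the token and, on success, installs the resulting
     * {@link Authentication} in the current {@link SecurityContextHolder} context.
     *
     * <p>On any failure the security context is cleared, so an identity left on this thread by
     * an earlier call cannot be picked up by a later {@link #authorize}.
     *
     * @param initialContextToken GSSUP token carrying username, password and target name
     * @return {@code true} if the credentials were accepted (from cache or by the provider),
     *     {@code false} otherwise
     */
    public boolean authenticate(InitialContextToken initialContextToken) {
        if (initialContextToken == null || initialContextToken.username == null || initialContextToken.password == null) {
            LOGGER.error("Rejected InitialContextToken without username or password");
            SecurityContextHolder.clearContext();
            return false;
        }
        Authentication request = fromInitialContext(initialContextToken);
        // The key covers the password as well as the username: a hit proves the caller
        // presented the same credentials that the provider accepted earlier.
        String cacheKey = cacheKey(initialContextToken.username, initialContextToken.password);
        Authentication cached = (Authentication) this.authenticatedPrincipals.get(cacheKey);
        if (cached != null) {
            LOGGER.debug("Recovered user {} with permissions {}", cached.getName(), cached.getAuthorities());
            SecurityContextHolder.getContext().setAuthentication(cached);
            return true;
        }
        try {
            Authentication authenticated = this.authenticationProvider.authenticate(request);
            // AuthenticationProvider may return null when it does not handle the request;
            // that must count as a failure rather than end in a NullPointerException.
            if (authenticated != null) {
                this.authenticatedPrincipals.put(cacheKey, authenticated);
                SecurityContextHolder.getContext().setAuthentication(authenticated);
                return true;
            }
            LOGGER.error("Failed to authenticate {}: provider returned no result", request.getPrincipal());
        } catch (AuthenticationException e) {
            LOGGER.error("Failed to authenticate {}", request.getPrincipal(), e);
        }
        SecurityContextHolder.clearContext();
        return false;
    }

    /** Drops every cached authentication, forcing the next call to go to the provider. */
    public void resetCache() {
        this.authenticatedPrincipals.clear();
    }

    /**
     * Asks the configured {@link AuthorizationProvider} whether the authentication held in the
     * current security context is authorized for the given pair of values.
     *
     * <p>NOTE(review): with no provider configured this returns {@code true} for every request,
     * including when the context holds no authentication. Confirm that this fail-open default
     * is intended for each deployment.
     *
     * @param str first value forwarded unchanged to the provider
     * @param str2 second value forwarded unchanged to the provider
     * @return the provider's decision, or {@code true} if no provider is configured
     */
    public boolean authorize(String str, String str2) {
        LOGGER.debug("Authorize current user for {}/{}", str, str2);
        if (this.authorizationProvider == null) {
            return true;
        }
        return this.authorizationProvider.isAuthorized(SecurityContextHolder.getContext().getAuthentication(), str, str2);
    }

    /**
     * Decodes the token's username and password and wraps them in an unauthenticated
     * {@link UsernamePasswordAuthenticationToken}.
     */
    private Authentication fromInitialContext(InitialContextToken initialContextToken) {
        String username = new String(initialContextToken.username, Constants.UTF8);
        String password = new String(initialContextToken.password, Constants.UTF8);
        String target = initialContextToken.target_name == null ? "" : new String(initialContextToken.target_name, Constants.UTF8);
        // The password is deliberately left out: debug logs are routinely shipped and retained.
        LOGGER.debug("Received InitialContext user: {}, target: {}", username, target);
        return new UsernamePasswordAuthenticationToken(username, password);
    }

    /**
     * Derives the cache key for a credential pair as a keyed MAC over the raw token bytes.
     * The username is length-prefixed so that different (username, password) splits of the
     * same byte sequence cannot produce the same key.
     */
    private String cacheKey(byte[] username, byte[] password) {
        try {
            Mac mac = Mac.getInstance(CACHE_KEY_MAC);
            mac.init(new SecretKeySpec(this.cacheKeySecret, CACHE_KEY_MAC));
            int n = username.length;
            mac.update(new byte[] {(byte) (n >>> 24), (byte) (n >>> 16), (byte) (n >>> 8), (byte) n});
            mac.update(username);
            mac.update(password);
            return Base64.getEncoder().encodeToString(mac.doFinal());
        } catch (GeneralSecurityException e) {
            throw new IllegalStateException(CACHE_KEY_MAC + " is unavailable", e);
        }
    }
}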
