package com.kerb4j.server.spring;

import com.kerb4j.client.SpnegoClient;
import com.kerb4j.server.marshall.Kerb4JException;
import com.kerb4j.server.marshall.pac.PacSid;
import com.kerb4j.server.marshall.spnego.SpnegoInitToken;
import java.util.ArrayList;
import org.apache.kerby.kerberos.kerb.KrbException;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.userdetails.AuthenticationUserDetailsService;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UsernameNotFoundException;

/* loaded from: input_file:com/kerb4j/server/spring/ExtractGroupsUserDetailsService.class */
public class ExtractGroupsUserDetailsService implements AuthenticationUserDetailsService<SpnegoAuthenticationToken> {
    private SpnegoClient spnegoClient;

    public ExtractGroupsUserDetailsService() {
    }

    public ExtractGroupsUserDetailsService(SpnegoClient spnegoClient) {
        this.spnegoClient = spnegoClient;
    }

    public UserDetails loadUserDetails(SpnegoAuthenticationToken spnegoAuthenticationToken) throws UsernameNotFoundException {
        try {
            PacSid[] groupSids = new SpnegoInitToken(spnegoAuthenticationToken.getToken()).getSpnegoKerberosMechToken().getPac(spnegoAuthenticationToken.getKerberosKeys()).getLogonInfo().getGroupSids();
            ArrayList arrayList = new ArrayList(groupSids.length);
            for (PacSid pacSid : groupSids) {
                arrayList.add(new SimpleGrantedAuthority(pacSid.toHumanReadableString()));
            }
            return new User(spnegoAuthenticationToken.username(), "N/A", arrayList);
        } catch (Kerb4JException | KrbException e) {
            throw new UsernameNotFoundException("Cannot parse Spnego INIT token", e);
        }
    }

    public void setSpnegoClient(SpnegoClient spnegoClient) {
        this.spnegoClient = spnegoClient;
    }
}
