package edu.kit.datamanager.security.filter;

import com.fasterxml.jackson.databind.ObjectMapper;
import edu.kit.datamanager.entities.RepoUserRole;
import edu.kit.datamanager.exceptions.InvalidAuthenticationException;
import java.io.IOException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.HashSet;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.stream.Collectors;
import org.apache.commons.collections4.MapUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.authentication.AbstractAuthenticationToken;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.AuthorityUtils;
import org.springframework.security.core.authority.SimpleGrantedAuthority;

/* loaded from: input_file:edu/kit/datamanager/security/filter/JwtAuthenticationToken.class */
public abstract class JwtAuthenticationToken extends AbstractAuthenticationToken {
    private static final Logger LOGGER = LoggerFactory.getLogger(JwtAuthenticationToken.class);
    public static final String PRINCIPALNAME_CLAIM = "principalname";
    public static final String PERMISSIONS_CLAIM = "permissions";
    public static final String SERVICENAME_CLAIM = "servicename";
    public static final String SOURCES_CLAIM = "sources";
    public static final String USERNAME_CLAIM = "username";
    public static final String FIRSTNAME_CLAIM = "firstname";
    public static final String LASTNAME_CLAIM = "lastname";
    public static final String EMAIL_CLAIM = "email";
    public static final String GROUPS_CLAIM = "groups";
    public static final String TOKENTYPE_CLAIM = "tokenType";
    public static final String ROLES_CLAIM = "roles";
    public static final String NOT_AVAILABLE = "N/A";
    private String principalName;
    private List<String> groups;
    private final String token;

    /* loaded from: input_file:edu/kit/datamanager/security/filter/JwtAuthenticationToken$TOKEN_TYPE.class */
    public enum TOKEN_TYPE {
        USER,
        SERVICE,
        TEMPORARY,
        UNSUPPORTED;

        public static TOKEN_TYPE fromString(String str) {
            TOKEN_TYPE token_type = USER;
            if (str != null) {
                try {
                    token_type = valueOf(str);
                } catch (IllegalArgumentException e) {
                    token_type = UNSUPPORTED;
                }
            }
            return token_type;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public JwtAuthenticationToken(String str) {
        super(AuthorityUtils.NO_AUTHORITIES);
        this.token = str;
    }

    public JwtAuthenticationToken(String str, Collection<? extends GrantedAuthority> collection) {
        super(collection);
        this.token = str;
    }

    public static JwtAuthenticationToken factoryToken(String str) {
        return new JwtEmptyToken(str);
    }

    public static JwtAuthenticationToken factoryToken(String str, Map<String, Object> map) {
        JwtAuthenticationToken jwtTemporaryToken;
        String string = MapUtils.getString(map, TOKENTYPE_CLAIM);
        String string2 = MapUtils.getString(map, ROLES_CLAIM);
        HashSet hashSet = new HashSet();
        if (string2 == null) {
            LOGGER.warn("No 'roles' claim found in JWT " + map + ". Using ROLE_GUEST as default.");
        } else {
            try {
                hashSet.addAll(Arrays.asList((String[]) new ObjectMapper().readValue(string2, String[].class)));
            } catch (IOException e) {
                LOGGER.warn("Unable to deserialize 'roles' claim from JWT. Using ROLE_GUEST as default.");
            }
        }
        if (hashSet.isEmpty()) {
            hashSet.add(RepoUserRole.GUEST.getValue());
        }
        List<SimpleGrantedAuthority> grantedAuthorities = grantedAuthorities(new HashSet(hashSet));
        switch (TOKEN_TYPE.fromString(string)) {
            case USER:
                jwtTemporaryToken = new JwtUserToken(str, grantedAuthorities);
                break;
            case SERVICE:
                jwtTemporaryToken = new JwtServiceToken(str, grantedAuthorities);
                break;
            case TEMPORARY:
                jwtTemporaryToken = new JwtTemporaryToken(str, grantedAuthorities);
                break;
            default:
                throw new InvalidAuthenticationException("JWTokens of type " + string + " are currently not supported.");
        }
        for (String str2 : jwtTemporaryToken.getSupportedClaims()) {
            Object object = MapUtils.getObject(map, str2);
            Class classForClaim = jwtTemporaryToken.getClassForClaim(str2);
            if (object != null && !classForClaim.isInstance(object)) {
                throw new InvalidAuthenticationException("Claim " + str2 + " is invalid. Expected type " + classForClaim);
            }
            jwtTemporaryToken.setValueFromClaim(str2, object);
        }
        jwtTemporaryToken.validateToken();
        jwtTemporaryToken.setAuthenticated(true);
        return jwtTemporaryToken;
    }

    public static List<SimpleGrantedAuthority> grantedAuthorities(Set<String> set) {
        return null == set ? new ArrayList() : (List) set.stream().map((v0) -> {
            return v0.toString();
        }).map(SimpleGrantedAuthority::new).collect(Collectors.toList());
    }

    public abstract String[] getSupportedClaims();

    public abstract Class getClassForClaim(String str);

    public abstract void setValueFromClaim(String str, Object obj);

    public void validateToken() {
        if (getPrincipal() == null) {
            throw new InvalidAuthenticationException("Token validatation failed. No principal assigned.");
        }
        validate();
    }

    public abstract void validate() throws InvalidAuthenticationException;

    public abstract TOKEN_TYPE getTokenType();

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setPrincipalName(String str) {
        this.principalName = str;
    }

    public Object getCredentials() {
        return NOT_AVAILABLE;
    }

    public final Object getPrincipal() {
        return this.principalName;
    }

    public final String getToken() {
        return this.token;
    }

    public List<String> getGroups() {
        if (this.groups == null) {
            this.groups = new ArrayList();
        }
        return this.groups;
    }

    public void setGroups(List<String> list) {
        this.groups = new ArrayList();
        if (list != null) {
            this.groups.addAll(list);
        }
    }

    @Deprecated
    public void setGroupId(String str) {
        setGroups(Arrays.asList(str));
    }

    @Deprecated
    public String getGroupId() {
        String str = null;
        if (this.groups != null && !this.groups.isEmpty()) {
            str = this.groups.get(0);
        }
        return str;
    }

    public final void setAuthenticated(boolean z) {
        super.setAuthenticated(z);
    }
}
