package io.robe.auth.tokenbased;

import com.google.common.base.Optional;
import io.dropwizard.auth.AuthenticationException;
import io.dropwizard.auth.Authenticator;
import io.robe.auth.data.entry.PermissionEntry;
import io.robe.auth.data.entry.RoleEntry;
import io.robe.auth.data.entry.ServiceEntry;
import io.robe.auth.data.entry.UserEntry;
import io.robe.auth.data.store.ServiceStore;
import io.robe.auth.data.store.UserStore;
import java.util.Collections;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Set;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:io/robe/auth/tokenbased/TokenBasedAuthenticator.class */
public class TokenBasedAuthenticator implements Authenticator<String, Token> {
    private static final Logger LOGGER = LoggerFactory.getLogger(TokenBasedAuthenticator.class);
    private final ServiceStore serviceStore;
    private final UserStore userStore;

    public TokenBasedAuthenticator(UserStore userStore, ServiceStore serviceStore) {
        this.userStore = userStore;
        this.serviceStore = serviceStore;
    }

    public Optional<Token> authenticate(String str) throws AuthenticationException {
        Token createToken;
        Optional<? extends UserEntry> findByUsername;
        LOGGER.debug("Authenticating from database:  " + str);
        try {
            createToken = TokenFactory.getInstance().createToken(str);
            findByUsername = this.userStore.findByUsername(createToken.getUsername());
        } catch (Exception e) {
            LOGGER.error(str, e);
        }
        if (!findByUsername.isPresent()) {
            LOGGER.warn("User is not available: " + str);
            return Optional.absent();
        }
        if (((UserEntry) findByUsername.get()).isActive()) {
            if (createToken.getPermissions() == null) {
                LOGGER.debug("Loading Permissions from DB: " + str);
                HashSet hashSet = new HashSet();
                HashSet hashSet2 = new HashSet();
                getAllRolePermissions(((UserEntry) findByUsername.get()).getRole(), hashSet2);
                for (PermissionEntry permissionEntry : hashSet2) {
                    if (permissionEntry.getType().equals(PermissionEntry.Type.SERVICE)) {
                        Optional<? extends ServiceEntry> findByCode = this.serviceStore.findByCode(permissionEntry.getRestrictedItemId());
                        if (findByCode.isPresent()) {
                            hashSet.add(((ServiceEntry) findByCode.get()).getPath() + ":" + ((ServiceEntry) findByCode.get()).getMethod());
                        }
                    }
                }
                createToken.setPermissions(Collections.unmodifiableSet(hashSet));
            } else {
                LOGGER.debug("Loading Permissions from Cache: " + str);
            }
            TokenFactory.setCurrentLoginToken(createToken);
            return Optional.fromNullable(createToken);
        }
        return Optional.absent();
    }

    private void getAllRolePermissions(RoleEntry roleEntry, Set<PermissionEntry> set) {
        set.addAll(roleEntry.getPermissions());
        Iterator<? extends RoleEntry> it = roleEntry.getRoles().iterator();
        while (it.hasNext()) {
            getAllRolePermissions(it.next(), set);
        }
    }
}
