package org.flowable.ui.idm.security;

import java.util.ArrayList;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import org.apache.commons.lang3.StringUtils;
import org.flowable.idm.api.Group;
import org.flowable.idm.api.IdmIdentityService;
import org.flowable.idm.api.Privilege;
import org.flowable.idm.api.User;
import org.flowable.spring.boot.ldap.FlowableLdapProperties;
import org.flowable.ui.common.security.SecurityUtils;
import org.flowable.ui.common.service.idm.cache.UserCache;
import org.flowable.ui.idm.service.UserService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.transaction.annotation.Transactional;

/* loaded from: input_file:org/flowable/ui/idm/security/UserDetailsService.class */
public class UserDetailsService implements org.springframework.security.core.userdetails.UserDetailsService {

    @Autowired
    protected UserCache userCache;

    @Autowired
    protected IdmIdentityService identityService;

    @Autowired
    protected UserService userService;

    @Autowired(required = false)
    protected FlowableLdapProperties ldapProperties;
    protected long userValidityPeriod;

    @Transactional
    public UserDetails loadUserByUsername(String str) {
        User user;
        String str2 = str;
        if (this.ldapProperties == null || !this.ldapProperties.isEnabled()) {
            str2 = str.toLowerCase();
            user = (User) this.identityService.createUserQuery().userIdIgnoreCase(str2).singleResult();
        } else {
            user = (User) this.identityService.createUserQuery().userId(str2).singleResult();
        }
        if (user == null) {
            throw new UsernameNotFoundException("User " + str2 + " was not found in the database");
        }
        String id = user.getId();
        List list = this.identityService.createPrivilegeQuery().userId(id).list();
        HashSet hashSet = new HashSet();
        Iterator it = list.iterator();
        while (it.hasNext()) {
            hashSet.add(new SimpleGrantedAuthority(((Privilege) it.next()).getName()));
        }
        List<Group> list2 = this.identityService.createGroupQuery().groupMember(id).list();
        if (!list2.isEmpty()) {
            ArrayList arrayList = new ArrayList(list2.size());
            for (Group group : list2) {
                hashSet.add(SecurityUtils.createGroupAuthority(group.getId()));
                arrayList.add(group.getId());
            }
            Iterator it2 = this.identityService.createPrivilegeQuery().groupIds(arrayList).list().iterator();
            while (it2.hasNext()) {
                hashSet.add(new SimpleGrantedAuthority(((Privilege) it2.next()).getName()));
            }
        }
        if (StringUtils.isNotBlank(user.getTenantId())) {
            hashSet.add(SecurityUtils.createTenantAuthority(user.getTenantId()));
        }
        this.userCache.putUser(user.getId(), new UserCache.CachedUser(user, hashSet));
        return org.springframework.security.core.userdetails.User.withUsername(id).password((String) StringUtils.defaultIfBlank(user.getPassword(), "")).authorities(hashSet).build();
    }

    public void setUserValidityPeriod(long j) {
        this.userValidityPeriod = j;
    }
}
