package org.genesys.blocks.security;

import java.util.Arrays;
import java.util.Iterator;
import org.genesys.blocks.security.model.AclSid;
import org.genesys.blocks.security.model.BasicUser;
import org.genesys.blocks.util.CurrentApplicationContext;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.BeansException;
import org.springframework.context.ApplicationContext;
import org.springframework.security.access.PermissionEvaluator;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.oauth2.provider.OAuth2Authentication;
import org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationToken;

/* loaded from: input_file:org/genesys/blocks/security/SecurityContextUtil.class */
public class SecurityContextUtil {
    private static PermissionEvaluator permissionEvaluator;
    public static final Logger LOG = LoggerFactory.getLogger(SecurityContextUtil.class);
    private static final Authentication ANONYMOUS_AUTH = new PreAuthenticatedAuthenticationToken("Anyone", (Object) null, Arrays.asList(new SimpleGrantedAuthority("ROLE_EVERYONE")));

    private static synchronized boolean updatePermissionEvaluator() {
        PermissionEvaluator permissionEvaluator2 = (PermissionEvaluator) updateBean(PermissionEvaluator.class);
        permissionEvaluator = permissionEvaluator2;
        return permissionEvaluator2 != null;
    }

    static final <T> T updateBean(Class<T> cls) {
        ApplicationContext context = CurrentApplicationContext.getContext();
        if (context == null) {
            LOG.warn("You should initialize a bean instance of org.genesys.blocks.util.CurrentApplicationContext in your context");
            return null;
        }
        try {
            return (T) context.getBean(cls);
        } catch (BeansException e) {
            LOG.warn("Could not find {} instance in your context: {}", cls, e.getMessage());
            return null;
        }
    }

    public static String getUsername() {
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        if (authentication.getPrincipal() instanceof UserDetails) {
            return ((UserDetails) authentication.getPrincipal()).getUsername();
        }
        return null;
    }

    public static <T extends BasicUser<?>> T getMe() {
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        if (authentication == null) {
            return null;
        }
        Object principal = authentication.getPrincipal();
        if (principal instanceof BasicUser) {
            return (T) principal;
        }
        LOG.warn("Principal {} is not BasicUser, but type {}", principal, principal.getClass());
        return null;
    }

    public static <T extends AclSid> T getCurrentUser() {
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        if (authentication == null) {
            return null;
        }
        Object principal = authentication.getPrincipal();
        if (principal instanceof AclSid) {
            return (T) principal;
        }
        LOG.warn("Principal {} is not AclSid, but type {}. Auth of type {}", new Object[]{principal, principal.getClass(), authentication.getClass()});
        return null;
    }

    public static boolean hasRole(String str) {
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        if (authentication == null) {
            return false;
        }
        Iterator it = authentication.getAuthorities().iterator();
        while (it.hasNext()) {
            if (((GrantedAuthority) it.next()).getAuthority().equals("ROLE_" + str)) {
                return true;
            }
        }
        return false;
    }

    public static boolean hasAnyRole(String... strArr) {
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        if (authentication == null) {
            return false;
        }
        for (GrantedAuthority grantedAuthority : authentication.getAuthorities()) {
            for (String str : strArr) {
                if (grantedAuthority.getAuthority().equals("ROLE_" + str)) {
                    return true;
                }
            }
        }
        return false;
    }

    public static boolean hasAuthority(String str) {
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        if (authentication == null) {
            return false;
        }
        Iterator it = authentication.getAuthorities().iterator();
        while (it.hasNext()) {
            if (((GrantedAuthority) it.next()).getAuthority().equals(str)) {
                return true;
            }
        }
        return false;
    }

    public static boolean hasPermission(Object obj, Object obj2) {
        if (permissionEvaluator == null) {
            LOG.info("permissionEvaluator not available. Checking context again");
            if (!updatePermissionEvaluator()) {
                LOG.warn("permissionEvaluator not available. No permissions.");
                return false;
            }
        }
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        if (authentication != null) {
            return permissionEvaluator.hasPermission(authentication, obj, obj2);
        }
        return false;
    }

    public static boolean anyoneHasPermission(Object obj, Object obj2) {
        if (permissionEvaluator == null) {
            LOG.info("permissionEvaluator not available. Checking context again");
            if (!updatePermissionEvaluator()) {
                LOG.warn("permissionEvaluator not available. No permissions.");
                return false;
            }
        }
        if (ANONYMOUS_AUTH != null) {
            return permissionEvaluator.hasPermission(ANONYMOUS_AUTH, obj, obj2);
        }
        return false;
    }

    public static String getOAuthClientId() {
        OAuth2Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        if (!(authentication instanceof OAuth2Authentication)) {
            return null;
        }
        OAuth2Authentication oAuth2Authentication = authentication;
        LOG.debug("OAuth authentication: {}", oAuth2Authentication);
        String clientId = oAuth2Authentication.getOAuth2Request().getClientId();
        LOG.debug("OAuth clientId: {}", clientId);
        return clientId;
    }

    static {
        updatePermissionEvaluator();
    }
}
