package pro.taskana.security;

import java.security.AccessController;
import java.security.Principal;
import java.security.acl.Group;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import javax.security.auth.Subject;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:pro/taskana/security/CurrentUserContext.class */
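/**
 * Resolves the identity of the current caller (user id and group ids) from the security
 * context of the running thread.
 *
 * <p>The user id is read from IBM WebSphere's {@code WSSubject} when that class can be loaded,
 * otherwise from the JAAS {@link Subject} bound to the current access-control context. Group ids
 * are always read from the JAAS subject.
 *
 * <p>Security notes for callers:
 * <ul>
 *   <li>{@link #getUserid()} returns {@code null} when no identity can be determined. Treat
 *       {@code null} as "not authenticated" and deny access; never use it as a match-all value.</li>
 *   <li>{@link #getAccessIds()} can therefore contain a {@code null} element at index 0.</li>
 *   <li>The DEBUG/TRACE statements log the {@link Subject} and its public credentials. Their string
 *       form can expose identity and credential details, so keep these levels off in production
 *       or restrict access to the resulting logs.</li>
 * </ul>
 */
public final class CurrentUserContext {
    private static final String GET_UNIQUE_SECURITY_NAME_METHOD = "getUniqueSecurityName";
    private static final String GET_CALLER_SUBJECT_METHOD = "getCallerSubject";
    private static final String WSSUBJECT_CLASSNAME = "com.ibm.websphere.security.auth.WSSubject";
    private static final Logger LOGGER = LoggerFactory.getLogger(CurrentUserContext.class);

    // Lazily computed by runningOnWebSphere(); null means "not probed yet".
    // Not synchronized: concurrent first calls each run the same class lookup and store the same
    // result, so the worst case appears to be a redundant probe.
    private static Boolean runningOnWebSphere = null;

    /** Static utility class; not instantiable. */
    private CurrentUserContext() {
    }

    /**
     * Returns the user id of the current caller.
     *
     * @return the user id, or {@code null} if no caller identity could be determined
     */
    public static String getUserid() {
        return runningOnWebSphere() ? getUseridFromWSSubject() : getUseridFromJAASSubject();
    }

    /**
     * Reads the caller's unique security name from WebSphere's {@code WSSubject} via reflection,
     * so that no compile-time dependency on the WebSphere API is needed.
     *
     * @return the string form of {@code getUniqueSecurityName()} of the first public credential,
     *     or {@code null} if there is no caller subject, no public credential, or the lookup fails
     */
    private static String getUseridFromWSSubject() {
        try {
            Class<?> wsSubjectClass = Class.forName(WSSUBJECT_CLASSNAME);
            Subject callerSubject =
                    (Subject) wsSubjectClass.getMethod(GET_CALLER_SUBJECT_METHOD).invoke(null);
            // NOTE(review): Subject#toString renders principals and credentials; see class notes.
            LOGGER.debug("Subject of caller: {}", callerSubject);
            if (callerSubject == null) {
                return null;
            }
            Set<Object> publicCredentials = callerSubject.getPublicCredentials();
            LOGGER.debug("Public credentials of caller: {}", publicCredentials);
            Iterator<Object> credentials = publicCredentials.iterator();
            if (!credentials.hasNext()) {
                return null;
            }
            // Only the first element handed out by the set's iterator is consulted.
            Object firstCredential = credentials.next();
            Object securityName = firstCredential.getClass()
                    .getMethod(GET_UNIQUE_SECURITY_NAME_METHOD)
                    .invoke(firstCredential);
            LOGGER.debug("Returning the unique security name of first public credential: {}", securityName);
            if (securityName == null) {
                // Previously surfaced as a NullPointerException swallowed by the catch below.
                LOGGER.warn("Could not get user from WSSubject. Going ahead unauthorized.");
                return null;
            }
            return securityName.toString();
        } catch (ReflectiveOperationException | RuntimeException e) {
            // Keep the cause in the log: a silently failing identity lookup is otherwise
            // indistinguishable from an anonymous caller when investigating access problems.
            LOGGER.warn("Could not get user from WSSubject. Going ahead unauthorized.", e);
            return null;
        }
    }

    /**
     * Detects once whether the WebSphere {@code WSSubject} class is loadable and caches the result.
     *
     * @return {@code true} if {@code WSSubject} was found on the class path
     */
    private static boolean runningOnWebSphere() {
        if (runningOnWebSphere == null) {
            try {
                Class.forName(WSSUBJECT_CLASSNAME);
                LOGGER.debug("WSSubject detected. Assuming that Taskana runs on IBM WebSphere.");
                // Boolean.TRUE/FALSE instead of the deprecated Boolean(boolean) constructor.
                runningOnWebSphere = Boolean.TRUE;
            } catch (ClassNotFoundException e) {
                LOGGER.debug("No WSSubject detected. Using JAAS subject further on.");
                runningOnWebSphere = Boolean.FALSE;
            }
        }
        return runningOnWebSphere;
    }

    /**
     * Reads the user id from the JAAS subject of the current access-control context.
     *
     * @return the name of the first principal that is not a {@link Group}, or {@code null} if
     *     there is no subject or it holds no such principal
     */
    private static String getUseridFromJAASSubject() {
        Subject subject = Subject.getSubject(AccessController.getContext());
        LOGGER.trace("Subject of caller: {}", subject);
        if (subject != null) {
            Set<Principal> principals = subject.getPrincipals();
            LOGGER.trace("Public principals of caller: {}", principals);
            for (Principal principal : principals) {
                if (!(principal instanceof Group)) {
                    String userId = principal.getName();
                    LOGGER.trace("Returning the first principal that is no group: {}", userId);
                    return userId;
                }
            }
        }
        LOGGER.trace("No userid found in subject!");
        return null;
    }

    /**
     * Returns the names of all {@link Group} principals of the current JAAS subject.
     *
     * <p>NOTE(review): unlike {@link #getUserid()}, this always reads the JAAS subject, even when
     * WebSphere was detected. Confirm that the two sources describe the same caller there.
     *
     * @return a new mutable list of group ids; empty if there is no subject or it has no groups
     */
    public static List<String> getGroupIds() {
        Subject subject = Subject.getSubject(AccessController.getContext());
        LOGGER.trace("Subject of caller: {}", subject);
        List<String> groupIds = new ArrayList<>();
        if (subject == null) {
            LOGGER.trace("No groupids found in subject!");
            return groupIds;
        }
        // getPrincipals(Class<T>) returns Set<T>, so the element type is Group, not Principal.
        Set<Group> groups = subject.getPrincipals(Group.class);
        LOGGER.trace("Public groups of caller: {}", groups);
        for (Group group : groups) {
            String groupId = group.getName();
            LOGGER.trace("Returning the groupId: {}", groupId);
            groupIds.add(groupId);
        }
        return groupIds;
    }

    /**
     * Returns all access ids of the current caller: the user id followed by the group ids.
     *
     * @return a new mutable list whose first element is the result of {@link #getUserid()}
     *     (which may be {@code null} for an unauthenticated caller), followed by the group ids
     */
    public static List<String> getAccessIds() {
        List<String> accessIds = new ArrayList<>();
        // Kept at index 0 even when null so existing callers see the same list layout;
        // consumers must not treat a null entry as a valid access id.
        accessIds.add(getUserid());
        accessIds.addAll(getGroupIds());
        return accessIds;
    }
}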
