package it.geosolutions.geostore.services.rest.security;

import it.geosolutions.geostore.core.model.User;
import it.geosolutions.geostore.core.model.UserGroup;
import it.geosolutions.geostore.core.model.enums.GroupReservedNames;
import it.geosolutions.geostore.core.model.enums.Role;
import it.geosolutions.geostore.core.security.GrantedAuthoritiesMapper;
import it.geosolutions.geostore.services.rest.utils.GroupMapper;
import java.util.HashSet;
import javax.servlet.http.HttpServletRequest;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.GrantedAuthorityImpl;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationToken;

/* loaded from: input_file:it/geosolutions/geostore/services/rest/security/HeadersAuthenticationFilter.class */
public class HeadersAuthenticationFilter extends GeoStoreAuthenticationFilter {
    public static final String DEFAULT_USERNAME_HEADER = "x-geostore-user";
    public static final String DEFAULT_GROUPS_HEADER = "x-geostore-groups";
    public static final String DEFAULT_ROLE_HEADER = "x-geostore-role";
    private GrantedAuthoritiesMapper authoritiesMapper;
    private String usernameHeader = DEFAULT_USERNAME_HEADER;
    private String groupsHeader = DEFAULT_GROUPS_HEADER;
    private String roleHeader = DEFAULT_ROLE_HEADER;
    private String listDelimiter = ",";
    private String defaultRole = "USER";
    private boolean addEveryOneGroup = false;
    private GroupMapper groupMapper = null;

    /* JADX WARN: Type inference failed for: r0v73, types: [long, it.geosolutions.geostore.core.model.UserGroup, java.lang.Object] */
    @Override // it.geosolutions.geostore.services.rest.security.GeoStoreAuthenticationFilter
    protected void authenticate(HttpServletRequest httpServletRequest) {
        String header = httpServletRequest.getHeader(this.usernameHeader);
        if (header != null) {
            User user = new User();
            user.setId(-1L);
            user.setTrusted(true);
            user.setName(header);
            user.setRole(getUserRole(this.defaultRole));
            String header2 = httpServletRequest.getHeader(this.groupsHeader);
            HashSet hashSet = new HashSet();
            user.setGroups(new HashSet());
            boolean z = false;
            long j = 1;
            if (header2 != null) {
                for (String str : header2.split(this.listDelimiter)) {
                    if (str.equals(GroupReservedNames.EVERYONE.groupName())) {
                        z = true;
                    }
                    if (this.groupMapper != null) {
                        str = this.groupMapper.transform(str);
                    }
                    ?? userGroup = new UserGroup();
                    userGroup.setGroupName(str);
                    j++;
                    userGroup.setId(Long.valueOf((long) userGroup));
                    userGroup.setEnabled(true);
                    user.getGroups().add(userGroup);
                    hashSet.add(new GrantedAuthorityImpl(str));
                }
            }
            if (!z && this.addEveryOneGroup) {
                UserGroup userGroup2 = new UserGroup();
                userGroup2.setGroupName(GroupReservedNames.EVERYONE.groupName());
                long j2 = j;
                long j3 = j2 + 1;
                userGroup2.setId(Long.valueOf(j2));
                userGroup2.setEnabled(true);
                user.getGroups().add(userGroup2);
                hashSet.add(new GrantedAuthorityImpl(GroupReservedNames.EVERYONE.groupName()));
            }
            HashSet hashSet2 = new HashSet();
            String header3 = httpServletRequest.getHeader(this.roleHeader);
            if (header3 != null) {
                user.setRole(getUserRole(header3));
                hashSet2.add(createRole(header3));
            } else if (this.authoritiesMapper != null) {
                Role role = user.getRole();
                for (GrantedAuthority grantedAuthority : this.authoritiesMapper.mapAuthorities(hashSet)) {
                    hashSet2.add(createRole(grantedAuthority.getAuthority()));
                    role = morePrivileged(getUserRole(grantedAuthority.getAuthority()), role);
                }
                user.setRole(role);
                hashSet2.add(createRole(user.getRole().name()));
            } else {
                hashSet2.add(createRole(user.getRole().name()));
            }
            SecurityContextHolder.getContext().setAuthentication(new PreAuthenticatedAuthenticationToken(user, "", hashSet2));
        }
    }

    private Role morePrivileged(Role role, Role role2) {
        return (role.equals(Role.ADMIN) || role2.equals(Role.ADMIN)) ? Role.ADMIN : (role.equals(Role.USER) || role2.equals(Role.USER)) ? Role.USER : Role.GUEST;
    }

    private GrantedAuthorityImpl createRole(String str) {
        return new GrantedAuthorityImpl("ROLE_" + str);
    }

    private Role getUserRole(String str) {
        return "USER".equalsIgnoreCase(str) ? Role.USER : "ADMIN".equalsIgnoreCase(str) ? Role.ADMIN : "GUEST".equalsIgnoreCase(str) ? Role.GUEST : getUserRole(this.defaultRole);
    }

    public String getUsernameHeader() {
        return this.usernameHeader;
    }

    public void setUsernameHeader(String str) {
        this.usernameHeader = str;
    }

    public String getGroupsHeader() {
        return this.groupsHeader;
    }

    public void setGroupsHeader(String str) {
        this.groupsHeader = str;
    }

    public String getRoleHeader() {
        return this.roleHeader;
    }

    public void setRoleHeader(String str) {
        this.roleHeader = str;
    }

    public String getListDelimiter() {
        return this.listDelimiter;
    }

    public void setListDelimiter(String str) {
        this.listDelimiter = str;
    }

    public String getDefaultRole() {
        return this.defaultRole;
    }

    public void setDefaultRole(String str) {
        this.defaultRole = str;
    }

    public GrantedAuthoritiesMapper getAuthoritiesMapper() {
        return this.authoritiesMapper;
    }

    public void setAuthoritiesMapper(GrantedAuthoritiesMapper grantedAuthoritiesMapper) {
        this.authoritiesMapper = grantedAuthoritiesMapper;
    }

    public boolean isAddEveryOneGroup() {
        return this.addEveryOneGroup;
    }

    public void setAddEveryOneGroup(boolean z) {
        this.addEveryOneGroup = z;
    }

    public GroupMapper getGroupMapper() {
        return this.groupMapper;
    }

    public void setGroupMapper(GroupMapper groupMapper) {
        this.groupMapper = groupMapper;
    }
}
