package com.supermap.services.security;

import com.supermap.services.security.BuiltInToken;
import java.util.Collection;
import java.util.Set;
import org.apache.commons.lang3.StringUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.subject.PrincipalCollection;

/* loaded from: input_file:BOOT-INF/lib/iserver-all-10.0.1-18030-10.0.1-SNAPSHOT.jar:com/supermap/services/security/BuiltInTokenSupportedRealm.class */
public class BuiltInTokenSupportedRealm extends UsernamePasswordRealm {
    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.supermap.services.security.UsernamePasswordRealm
    public AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
        if (!(authenticationToken instanceof BuiltInToken)) {
            return super.doGetAuthenticationInfo(authenticationToken);
        }
        BuiltInToken builtInToken = (BuiltInToken) authenticationToken;
        String username = builtInToken.getUsername();
        int indexOf = StringUtils.indexOf(username, SecurityConstants.SEPRARATOR_OF_EXTENDED_STORAGE_AND_USERNAME);
        if (indexOf == -1) {
            return builtInToken.getAuthenticationInfo(getName());
        }
        String substring = username.substring(0, indexOf);
        String substring2 = username.substring(indexOf + SecurityConstants.SEPRARATOR_OF_EXTENDED_STORAGE_AND_USERNAME.length());
        ExtendedUserStorage extendedUserStorage = this.extendedStorageMap.get(substring);
        ExtendedUserInfo extendedUserInfo = extendedUserStorage == null ? new ExtendedUserInfo() : extendedUserStorage.getUser(substring2);
        if (extendedUserInfo == null) {
            extendedUserInfo = new ExtendedUserInfo();
        }
        BuiltInToken.BuiltInSimpleAuthenticationInfo authenticationInfo = builtInToken.getAuthenticationInfo(getName(), substring2);
        BuiltInToken.BuiltInSimplePrincipalCollection builtInSimplePrincipalCollection = authenticationInfo.getBuiltInSimplePrincipalCollection();
        builtInSimplePrincipalCollection.add(substring, SecurityConstants.EXTENDED_STORAGE_REALM);
        builtInSimplePrincipalCollection.add(extendedUserInfo, SecurityConstants.EXTENDED_STORAGE_REALM);
        return authenticationInfo;
    }

    @Override // com.supermap.services.security.UsernamePasswordRealm, com.supermap.services.security.ResourceIdentifiedPermissionAuthorizingRealm
    public AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection, Set<String> set) {
        Collection fromRealm = principalCollection.fromRealm(getName());
        if (fromRealm == null || fromRealm.isEmpty()) {
            return null;
        }
        if (!(principalCollection instanceof BuiltInToken.BuiltInSimplePrincipalCollection)) {
            return super.doGetAuthorizationInfo(principalCollection, set);
        }
        BuiltInToken.BuiltInSimplePrincipalCollection builtInSimplePrincipalCollection = (BuiltInToken.BuiltInSimplePrincipalCollection) principalCollection;
        ExtendedUserInfo extendedUserInfo = SecurityUtility.getExtendedUserInfo(builtInSimplePrincipalCollection);
        if (builtInSimplePrincipalCollection.lookupPermission() || builtInSimplePrincipalCollection.lookupRole()) {
            AuthorizationInfo doGetAuthorizationInfo = super.doGetAuthorizationInfo(principalCollection, set);
            if (builtInSimplePrincipalCollection.lookupRole()) {
                if (extendedUserInfo != null) {
                    builtInSimplePrincipalCollection.roles(extendedUserInfo.roles);
                }
                builtInSimplePrincipalCollection.roles(doGetAuthorizationInfo.getRoles());
            }
            if (builtInSimplePrincipalCollection.lookupPermission()) {
                builtInSimplePrincipalCollection.permissions(doGetAuthorizationInfo.getStringPermissions());
            }
        }
        return builtInSimplePrincipalCollection.a();
    }

    protected void assertCredentialsMatch(AuthenticationToken authenticationToken, AuthenticationInfo authenticationInfo) throws AuthenticationException {
        if (authenticationToken instanceof BuiltInToken) {
            return;
        }
        super.assertCredentialsMatch(authenticationToken, authenticationInfo);
    }
}
