package fr.ifremer.allegro.obsdeb.security;

import com.google.common.collect.Lists;
import fr.ifremer.allegro.obsdeb.security.util.Encryption;
import fr.ifremer.allegro.obsdeb.service.ObsdebServiceLocator;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import org.apache.commons.collections4.CollectionUtils;
import org.apache.commons.lang3.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.context.SecurityContextHolder;

/* loaded from: input_file:fr/ifremer/allegro/obsdeb/security/SecurityContextHelper.class */
public class SecurityContextHelper {
    private static final Log log = LogFactory.getLog(SecurityContextHelper.class);

    public static Authentication getAuthentication() {
        return SecurityContextHolder.getContext().getAuthentication();
    }

    public static void clear() {
        SecurityContextHolder.clearContext();
    }

    public static ObsdebUser getObsdebUser() {
        Authentication authentication = getAuthentication();
        if (authentication == null || authentication.getPrincipal() == null) {
            return null;
        }
        Object principal = authentication.getPrincipal();
        if (principal instanceof ObsdebUser) {
            return (ObsdebUser) principal;
        }
        return null;
    }

    public static boolean authenticate(String str, String str2) {
        Authentication usernamePasswordAuthenticationToken = new UsernamePasswordAuthenticationToken(str, StringUtils.isBlank(str2) ? "" : Encryption.sha(str2));
        try {
            if (log.isDebugEnabled()) {
                log.debug("try to authenticate '" + str + "' in local database");
            }
            usernamePasswordAuthenticationToken = ObsdebServiceLocator.instance().getAuthenticationManager().authenticate(usernamePasswordAuthenticationToken);
            if (log.isDebugEnabled()) {
                log.debug("database authentication successful");
            }
        } catch (AuthenticationException e) {
            usernamePasswordAuthenticationToken.setAuthenticated(false);
            if (log.isDebugEnabled()) {
                log.debug("database authentication failed : " + e.getLocalizedMessage());
            }
        }
        SecurityContextHolder.getContext().setAuthentication(usernamePasswordAuthenticationToken);
        return usernamePasswordAuthenticationToken.isAuthenticated();
    }

    public static boolean hasStrictAuthority(ObsdebAuthority obsdebAuthority) {
        return hasStrictAuthority(getAuthentication(), obsdebAuthority);
    }

    public static boolean hasStrictAuthority(List<ObsdebAuthority> list) {
        return hasStrictAuthority(getAuthentication(), list);
    }

    public static boolean hasStrictAuthority(Authentication authentication, Object obj) {
        if (authentication == null || CollectionUtils.isEmpty(authentication.getAuthorities()) || obj == null) {
            return false;
        }
        ArrayList newArrayList = Lists.newArrayList();
        if (obj instanceof Collection) {
            newArrayList.addAll((Collection) obj);
        } else {
            if (!(obj instanceof ObsdebAuthority)) {
                log.error("the 'authorities' object is not a ObsdebAuthority and not a Collection<ObsdebAuthority>");
                return false;
            }
            newArrayList.add((ObsdebAuthority) obj);
        }
        newArrayList.retainAll(authentication.getAuthorities());
        return !newArrayList.isEmpty();
    }

    public static boolean hasMinimumAuthority(ObsdebAuthority obsdebAuthority) {
        return hasMinimumAuthority(getAuthentication(), obsdebAuthority);
    }

    public static boolean hasMinimumAuthority(Authentication authentication, Object obj) {
        if (authentication == null || CollectionUtils.isEmpty(authentication.getAuthorities()) || obj == null) {
            return false;
        }
        ArrayList newArrayList = Lists.newArrayList();
        if (obj instanceof Collection) {
            newArrayList.addAll((Collection) obj);
        } else {
            if (!(obj instanceof ObsdebAuthority)) {
                log.error("the 'authorities' object is not a ObsdebAuthority and not a Collection<ObsdebAuthority>");
                return false;
            }
            newArrayList.add((ObsdebAuthority) obj);
        }
        Collections.sort(newArrayList);
        ObsdebAuthority obsdebAuthority = (ObsdebAuthority) newArrayList.get(newArrayList.size() - 1);
        Iterator it = ((List) authentication.getAuthorities()).iterator();
        while (it.hasNext()) {
            if (((ObsdebAuthority) it.next()).compareTo(obsdebAuthority) >= 0) {
                return true;
            }
        }
        return false;
    }
}
