package com.jzt.wotu.sso;

import java.util.ArrayList;
import java.util.Collection;
import java.util.Iterator;
import org.keycloak.KeycloakPrincipal;
import org.keycloak.adapters.springsecurity.token.KeycloakAuthenticationToken;
import org.keycloak.representations.AccessToken;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.authority.mapping.GrantedAuthoritiesMapper;
import org.springframework.security.core.authority.mapping.SimpleAuthorityMapper;
import org.springframework.stereotype.Component;

@Component
/* loaded from: input_file:com/jzt/wotu/sso/SecurityAuthenticationProvider.class */
public class SecurityAuthenticationProvider implements AuthenticationProvider {
    private static final Logger log = LoggerFactory.getLogger(SecurityAuthenticationProvider.class);

    @Autowired
    private SSOAuthService authService;
    private GrantedAuthoritiesMapper grantedAuthoritiesMapper;

    public void setGrantedAuthoritiesMapper(GrantedAuthoritiesMapper grantedAuthoritiesMapper) {
        this.grantedAuthoritiesMapper = grantedAuthoritiesMapper;
    }

    public Authentication authenticate(Authentication authentication) throws RuntimeException {
        new SimpleAuthorityMapper().setPrefix("ROLE_");
        KeycloakAuthenticationToken keycloakAuthenticationToken = (KeycloakAuthenticationToken) authentication;
        keycloakAuthenticationToken.setAuthenticated(true);
        ArrayList arrayList = new ArrayList();
        AuthUser currentUser = this.authService.getCurrentUser(keycloakAuthenticationToken);
        if (currentUser.getRealmRoleList() != null) {
            Iterator<String> it = currentUser.getRealmRoleList().iterator();
            while (it.hasNext()) {
                arrayList.add(new SimpleGrantedAuthority("ROLE_base_" + it.next()));
            }
        }
        if (currentUser.getClientRoleList() != null) {
            Iterator<String> it2 = currentUser.getClientRoleList().iterator();
            while (it2.hasNext()) {
                arrayList.add(new SimpleGrantedAuthority("ROLE_" + it2.next()));
            }
        }
        return new KeycloakAuthenticationToken(keycloakAuthenticationToken.getAccount(), keycloakAuthenticationToken.isInteractive(), mapAuthorities(arrayList));
    }

    private AccessToken getAccessToken(KeycloakAuthenticationToken keycloakAuthenticationToken) {
        return ((KeycloakPrincipal) keycloakAuthenticationToken.getPrincipal()).getKeycloakSecurityContext().getToken();
    }

    private Collection<? extends GrantedAuthority> mapAuthorities(Collection<? extends GrantedAuthority> collection) {
        return this.grantedAuthoritiesMapper != null ? this.grantedAuthoritiesMapper.mapAuthorities(collection) : collection;
    }

    public boolean supports(Class<?> cls) {
        return KeycloakAuthenticationToken.class.isAssignableFrom(cls);
    }
}
