package org.gcube.application.cms.implementations.utils;

import java.time.LocalDateTime;
import java.util.ArrayList;
import java.util.HashSet;
import java.util.List;
import java.util.Set;
import org.gcube.application.geoportal.common.model.document.accounting.AccountingInfo;
import org.gcube.application.geoportal.common.model.document.accounting.Context;
import org.gcube.common.authorization.library.provider.AccessTokenProvider;
import org.gcube.common.authorization.library.provider.SecurityTokenProvider;
import org.gcube.common.authorization.utils.manager.SecretManager;
import org.gcube.common.authorization.utils.manager.SecretManagerProvider;
import org.gcube.common.authorization.utils.user.User;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:WEB-INF/lib/cms-plugin-framework-1.0.5-SNAPSHOT.jar:org/gcube/application/cms/implementations/utils/UserUtils.class */
public class UserUtils {
    private static final Logger log = LoggerFactory.getLogger(UserUtils.class);
    public static List<String> DEFAULT_ROLES = new ArrayList();

    /* loaded from: input_file:WEB-INF/lib/cms-plugin-framework-1.0.5-SNAPSHOT.jar:org/gcube/application/cms/implementations/utils/UserUtils$AuthenticatedUser.class */
    public static class AuthenticatedUser {
        private User user;
        private Set<String> roles;
        private String uma_token;
        private String gcube_token;
        private String context;

        public String toString() {
            StringBuilder sb = new StringBuilder();
            sb.append("User [user=");
            sb.append(this.user);
            sb.append(", uma_token=");
            sb.append(this.uma_token == null ? this.uma_token : "***");
            sb.append(", gcube_token=");
            sb.append(this.gcube_token == null ? this.gcube_token : "***");
            sb.append(", roles=");
            sb.append(this.roles);
            sb.append(", context=");
            sb.append(this.context);
            sb.append("]");
            return sb.toString();
        }

        public AccountingInfo asInfo() {
            AccountingInfo accountingInfo = new AccountingInfo();
            org.gcube.application.geoportal.common.model.document.accounting.User user = new org.gcube.application.geoportal.common.model.document.accounting.User();
            try {
                user.setUsername(getUser().getUsername());
                user.setRoles(this.roles);
            } catch (Exception e) {
                UserUtils.log.warn("Unable to determine user id, using FAKE", e);
                user.setUsername("FAKE");
                user.setRoles(new HashSet());
                user.getRoles().addAll(UserUtils.DEFAULT_ROLES);
            }
            accountingInfo.setUser(user);
            accountingInfo.setInstant(LocalDateTime.now());
            Context context = new Context();
            context.setId(this.context);
            context.setName(this.context.contains("/") ? this.context.substring(this.context.lastIndexOf("/")) : this.context);
            accountingInfo.setContext(context);
            return accountingInfo;
        }

        public AuthenticatedUser(User user, Set<String> set, String str, String str2, String str3) {
            this.user = user;
            this.roles = set;
            this.uma_token = str;
            this.gcube_token = str2;
            this.context = str3;
        }

        public User getUser() {
            return this.user;
        }

        public Set<String> getRoles() {
            return this.roles;
        }

        public String getUma_token() {
            return this.uma_token;
        }

        public String getGcube_token() {
            return this.gcube_token;
        }

        public String getContext() {
            return this.context;
        }
    }

    public static AuthenticatedUser getCurrent() throws SecurityException {
        log.debug("Loading caller info..");
        SecretManager secretManager = SecretManagerProvider.instance.get();
        String context = secretManager.getContext();
        if (context == null) {
            throw new SecurityException("Cannot determine context");
        }
        User user = secretManager.getUser();
        log.info("Identified caller {} in context {}", user.getUsername(), context);
        HashSet hashSet = new HashSet();
        hashSet.addAll(user.getRoles());
        AuthenticatedUser authenticatedUser = new AuthenticatedUser(user, hashSet, AccessTokenProvider.instance.get(), SecurityTokenProvider.instance.get(), context);
        log.info("Current User is {} ", authenticatedUser);
        return authenticatedUser;
    }
}
