package com.atlassian.bamboo.applinks;

import com.atlassian.bamboo.spring.ComponentAccessor;
import com.atlassian.bamboo.user.BambooUserManager;
import com.atlassian.sal.api.user.UserManager;
import com.google.common.base.Supplier;
import java.util.concurrent.Callable;
import org.acegisecurity.Authentication;
import org.acegisecurity.adapters.PrincipalAcegiUserToken;
import org.acegisecurity.context.SecurityContextHolder;
import org.acegisecurity.userdetails.UserDetails;
import org.apache.commons.lang.StringUtils;
import org.apache.log4j.Logger;
import org.jetbrains.annotations.NotNull;
import org.jetbrains.annotations.Nullable;

/* loaded from: input_file:com/atlassian/bamboo/applinks/ImpersonationServiceImpl.class */
public class ImpersonationServiceImpl implements ImpersonationService {
    private static final Logger log = Logger.getLogger(ImpersonationServiceImpl.class);
    public static final String USER_TOKEN_KEY = "USER_TOKEN_KEY";
    private final BambooUserManager bambooUserManager;
    private final Supplier<UserManager> salUserManager = ComponentAccessor.newOsgiServiceProxy(UserManager.class);

    public ImpersonationServiceImpl(BambooUserManager bambooUserManager) {
        this.bambooUserManager = bambooUserManager;
    }

    @NotNull
    public <V> Callable<V> runAsUser(@NotNull final String str, @NotNull final Callable<V> callable) {
        return new Callable<V>() { // from class: com.atlassian.bamboo.applinks.ImpersonationServiceImpl.1
            @Override // java.util.concurrent.Callable
            public V call() throws Exception {
                Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
                try {
                    UserDetails loadUserByUsername = ImpersonationServiceImpl.this.bambooUserManager.loadUserByUsername(str);
                    if (loadUserByUsername == null) {
                        throw new IllegalArgumentException("username '" + str + "' does not exist. Cannot impersonate this user.");
                    }
                    SecurityContextHolder.getContext().setAuthentication(new PrincipalAcegiUserToken(ImpersonationServiceImpl.USER_TOKEN_KEY, loadUserByUsername.getUsername(), loadUserByUsername.getPassword(), loadUserByUsername.getAuthorities(), loadUserByUsername));
                    if (!str.equals(((UserManager) ImpersonationServiceImpl.this.salUserManager.get()).getRemoteUsername())) {
                        throw new IllegalStateException("Could not impersonate user '" + str + "'. Call to '" + ImpersonationServiceImpl.this.salUserManager.getClass() + ".getRemoteUsername()' returns '" + ((UserManager) ImpersonationServiceImpl.this.salUserManager.get()).getRemoteUsername() + "'");
                    }
                    V v = (V) callable.call();
                    SecurityContextHolder.getContext().setAuthentication(authentication);
                    return v;
                } catch (Throwable th) {
                    SecurityContextHolder.getContext().setAuthentication(authentication);
                    throw th;
                }
            }
        };
    }

    @NotNull
    public <V> Callable<V> runWithOptionalUserImpersonation(@Nullable final String str, @NotNull final Callable<V> callable) {
        return new Callable<V>() { // from class: com.atlassian.bamboo.applinks.ImpersonationServiceImpl.2
            @Override // java.util.concurrent.Callable
            public V call() throws Exception {
                UserDetails loadUserByUsername;
                Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
                try {
                    if (StringUtils.isNotBlank(str) && (loadUserByUsername = ImpersonationServiceImpl.this.bambooUserManager.loadUserByUsername(str)) != null) {
                        SecurityContextHolder.getContext().setAuthentication(new PrincipalAcegiUserToken(ImpersonationServiceImpl.USER_TOKEN_KEY, loadUserByUsername.getUsername(), loadUserByUsername.getPassword(), loadUserByUsername.getAuthorities(), loadUserByUsername));
                    }
                    V v = (V) callable.call();
                    SecurityContextHolder.getContext().setAuthentication(authentication);
                    return v;
                } catch (Throwable th) {
                    SecurityContextHolder.getContext().setAuthentication(authentication);
                    throw th;
                }
            }
        };
    }
}
