package com.atlassian.crowd.service;

import com.atlassian.crowd.embedded.api.PasswordCredential;
import com.atlassian.crowd.exception.ApplicationNotFoundException;
import com.atlassian.crowd.exception.ExpiredCredentialException;
import com.atlassian.crowd.exception.InactiveAccountException;
import com.atlassian.crowd.exception.InvalidAuthenticationException;
import com.atlassian.crowd.exception.OperationFailedException;
import com.atlassian.crowd.integration.springsecurity.user.CrowdUserDetails;
import com.atlassian.crowd.integration.springsecurity.user.CrowdUserDetailsService;
import com.atlassian.crowd.manager.application.ApplicationAccessDeniedException;
import com.atlassian.crowd.manager.application.ApplicationManager;
import com.atlassian.crowd.manager.application.ApplicationService;
import com.atlassian.crowd.manager.authentication.TokenAuthenticationManager;
import com.atlassian.crowd.model.application.Application;
import com.atlassian.crowd.model.application.ApplicationType;
import com.atlassian.crowd.model.authentication.UserAuthenticationContext;
import com.atlassian.crowd.model.authentication.ValidationFactor;
import com.atlassian.crowd.model.token.TokenLifetime;
import com.atlassian.crowd.model.user.UserTemplate;
import java.security.Principal;
import java.util.Iterator;
import javax.servlet.http.HttpServletRequest;
import org.springframework.dao.DataAccessException;
import org.springframework.security.authentication.AnonymousAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.UsernameNotFoundException;

/* loaded from: input_file:com/atlassian/crowd/service/UserServiceImpl.class */
public class UserServiceImpl implements UserService {
    private final ApplicationManager applicationManager;
    private final ApplicationService applicationService;
    private final TokenAuthenticationManager tokenAuthenticationManager;
    private final CrowdUserDetailsService crowdUserDetailsService;

    public UserServiceImpl(ApplicationManager applicationManager, ApplicationService applicationService, CrowdUserDetailsService crowdUserDetailsService, TokenAuthenticationManager tokenAuthenticationManager) {
        this.applicationManager = applicationManager;
        this.applicationService = applicationService;
        this.crowdUserDetailsService = crowdUserDetailsService;
        this.tokenAuthenticationManager = tokenAuthenticationManager;
    }

    @Override // com.atlassian.crowd.service.UserService
    public String getRemoteUsername() {
        String str = null;
        CrowdUserDetails crowdUserDetails = getCrowdUserDetails();
        if (crowdUserDetails != null) {
            str = crowdUserDetails.getUsername();
        }
        return str;
    }

    private CrowdUserDetails getCrowdUserDetails() {
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        if (authentication == null || (authentication instanceof AnonymousAuthenticationToken) || authentication.getPrincipal() == null || !(authentication.getPrincipal() instanceof CrowdUserDetails)) {
            return null;
        }
        return (CrowdUserDetails) authentication.getPrincipal();
    }

    @Override // com.atlassian.crowd.service.UserService
    public String getAuthenticatedUsername(HttpServletRequest httpServletRequest) {
        return getRemoteUsername();
    }

    @Override // com.atlassian.crowd.service.UserService
    public boolean isUserInGroup(String str, String str2) {
        return this.applicationService.isUserNestedGroupMember(getCrowdApplication(), str, str2);
    }

    private Application getCrowdApplication() {
        try {
            return this.applicationManager.findByName(ApplicationType.CROWD.getDisplayName());
        } catch (ApplicationNotFoundException e) {
            throw new RuntimeException("Failed to find Crowd application for service, with name: <" + ApplicationType.CROWD.getDisplayName() + ">", e);
        }
    }

    @Override // com.atlassian.crowd.service.UserService
    public boolean isSystemAdmin(String str) throws DataAccessException {
        try {
            CrowdUserDetails loadUserByUsername = this.crowdUserDetailsService.loadUserByUsername(str);
            String str2 = this.crowdUserDetailsService.getAuthorityPrefix() + this.crowdUserDetailsService.getAuthoritySuffix();
            Iterator it = loadUserByUsername.getAuthorities().iterator();
            while (it.hasNext()) {
                if (((GrantedAuthority) it.next()).getAuthority().equals(str2)) {
                    return true;
                }
            }
            return false;
        } catch (UsernameNotFoundException e) {
            return false;
        }
    }

    @Override // com.atlassian.crowd.service.UserService
    public boolean authenticate(String str, String str2) {
        try {
            return this.tokenAuthenticationManager.authenticateUser(buildUserAuthenticationContext(str, str2), TokenLifetime.USE_DEFAULT).getRandomHash() != null;
        } catch (OperationFailedException e) {
            throw new RuntimeException("Failed to authenticate user due to: " + e.getMessage(), e);
        } catch (InvalidAuthenticationException e2) {
            return false;
        } catch (ApplicationNotFoundException e3) {
            return false;
        } catch (ExpiredCredentialException e4) {
            return false;
        } catch (ApplicationAccessDeniedException e5) {
            return false;
        } catch (InactiveAccountException e6) {
            return false;
        }
    }

    @Override // com.atlassian.crowd.service.UserService
    public Principal resolve(String str) throws DataAccessException {
        CrowdUserDetails loadUserByUsername = this.crowdUserDetailsService.loadUserByUsername(str);
        if (loadUserByUsername == null) {
            return null;
        }
        UserTemplate userTemplate = new UserTemplate(loadUserByUsername.getUsername(), loadUserByUsername.getFirstName(), loadUserByUsername.getLastName(), loadUserByUsername.getFullName());
        userTemplate.setEmailAddress(loadUserByUsername.getEmail());
        return userTemplate;
    }

    private UserAuthenticationContext buildUserAuthenticationContext(String str, String str2) {
        UserAuthenticationContext userAuthenticationContext = new UserAuthenticationContext();
        userAuthenticationContext.setApplication(ApplicationType.CROWD.getDisplayName());
        userAuthenticationContext.setName(str);
        userAuthenticationContext.setCredential(new PasswordCredential(str2));
        userAuthenticationContext.setValidationFactors(new ValidationFactor[0]);
        return userAuthenticationContext;
    }
}
