package sernet.gs.server.security;

import org.apache.log4j.Logger;
import org.springframework.security.GrantedAuthority;
import org.springframework.security.context.SecurityContextHolder;
import org.springframework.security.ui.digestauth.DigestProcessingFilter;
import org.springframework.security.ui.digestauth.DigestProcessingFilterEntryPoint;
import sernet.gs.service.SecurityException;
import sernet.hui.common.VeriniceContext;
import sernet.verinice.interfaces.IAuthService;
import sernet.verinice.interfaces.IRightsServerHandler;

/* loaded from: input_file:sernet/gs/server/security/DigestAuthenticationService.class */
public final class DigestAuthenticationService implements IAuthService {
    private final Logger log = Logger.getLogger(DigestAuthenticationService.class);
    private DigestProcessingFilterEntryPoint entryPoint;
    private String adminUsername;

    public String[] getRoles() {
        if (this.log.isDebugEnabled()) {
            this.log.debug("getRoles()...");
        }
        GrantedAuthority[] authorities = SecurityContextHolder.getContext().getAuthentication().getAuthorities();
        String[] strArr = new String[authorities.length];
        for (int i = 0; i < authorities.length; i++) {
            strArr[i] = authorities[i].getAuthority();
        }
        return strArr;
    }

    public String getAdminUsername() {
        return this.adminUsername;
    }

    public void setAdminUsername(String str) {
        this.adminUsername = str;
    }

    public String hashPassword(String str, String str2) {
        if (getRightsServerHandler().isEnabled(getUsername(), "accountsettings")) {
            return DigestProcessingFilter.encodePasswordInA1Format(str, this.entryPoint.getRealmName(), str2);
        }
        throw new SecurityException("Action is not allowed for the current user");
    }

    public String hashOwnPassword(String str, String str2) throws SecurityException {
        if (getUsername().equals(str)) {
            return DigestProcessingFilter.encodePasswordInA1Format(str, this.entryPoint.getRealmName(), str2);
        }
        throw new SecurityException(Messages.getString("AuthenticationService.0"));
    }

    public void setEntryPoint(DigestProcessingFilterEntryPoint digestProcessingFilterEntryPoint) {
        this.entryPoint = digestProcessingFilterEntryPoint;
    }

    public String getUsername() {
        try {
            return getUserDetails().getUsername();
        } catch (Exception e) {
            this.log.error(Messages.getString("AuthenticationService.1"), e);
            return "";
        }
    }

    public boolean isLogoutPossible() {
        return getUserDetails().isLogoutPossible();
    }

    private VeriniceUserDetails getUserDetails() {
        VeriniceUserDetails veriniceUserDetails = null;
        Object principal = SecurityContextHolder.getContext().getAuthentication().getPrincipal();
        if (principal instanceof VeriniceUserDetails) {
            veriniceUserDetails = (VeriniceUserDetails) principal;
        }
        return veriniceUserDetails;
    }

    public boolean isPermissionHandlingNeeded() {
        return true;
    }

    public boolean isScopeOnly() {
        try {
            return getUserDetails().isScopeOnly();
        } catch (Exception e) {
            this.log.error("Error while getting scope only value.", e);
            return false;
        }
    }

    private IRightsServerHandler getRightsServerHandler() {
        return (IRightsServerHandler) VeriniceContext.get("rightsServerHandler");
    }

    public boolean isHandlingPasswords() {
        return true;
    }

    public boolean isDeactivated() {
        try {
            return getUserDetails().isAccountDeactivated();
        } catch (Exception e) {
            this.log.error("Error while getting account deactivated value.", e);
            return false;
        }
    }
}
