package sernet.gs.server.security;

import java.util.IdentityHashMap;
import java.util.Set;
import org.aspectj.lang.ProceedingJoinPoint;
import org.springframework.security.Authentication;
import org.springframework.security.AuthenticationException;
import org.springframework.security.GrantedAuthority;
import org.springframework.security.GrantedAuthorityImpl;
import org.springframework.security.context.SecurityContext;
import org.springframework.security.context.SecurityContextHolder;
import org.springframework.security.providers.UsernamePasswordAuthenticationToken;
import sernet.verinice.interfaces.ICommand;

/* loaded from: input_file:sernet/gs/server/security/InternalAuthenticationProvider.class */
public final class InternalAuthenticationProvider implements org.springframework.security.providers.AuthenticationProvider {
    private static final Object LOCK = new Object();
    private static InternalAuthenticationProvider instance;
    private IdentityHashMap<ICommand, ICommand> allowedInstances;
    private InternalAuthentication authentication = new InternalAuthentication(this, "$internaluser$", "$notused$", new GrantedAuthority[]{new GrantedAuthorityImpl("ROLE_USER"), new GrantedAuthorityImpl("ROLE_WEB"), new GrantedAuthorityImpl("ROLE_ADMIN")}, null);

    /* loaded from: input_file:sernet/gs/server/security/InternalAuthenticationProvider$InternalAuthentication.class */
    private final class InternalAuthentication extends UsernamePasswordAuthenticationToken {
        private InternalAuthentication(Object obj, Object obj2, GrantedAuthority[] grantedAuthorityArr) {
            super(obj, obj2, grantedAuthorityArr);
        }

        public void setAuthenticated(boolean z) {
            StackTraceElement[] stackTrace = Thread.currentThread().getStackTrace();
            if (z && stackTrace.length >= 1 && InternalAuthenticationProvider.class.getName().equals(stackTrace[1].getClassName()) && "authenticate".equals(stackTrace[1].getMethodName())) {
                super.setAuthenticated(true);
            }
        }

        /* synthetic */ InternalAuthentication(InternalAuthenticationProvider internalAuthenticationProvider, Object obj, Object obj2, GrantedAuthority[] grantedAuthorityArr, InternalAuthentication internalAuthentication) {
            this(obj, obj2, grantedAuthorityArr);
        }
    }

    /* JADX WARN: Type inference failed for: r0v3, types: [java.lang.Throwable, java.lang.Object] */
    public InternalAuthenticationProvider() {
        SecurityContextHolder.setStrategyName("MODE_INHERITABLETHREADLOCAL");
        synchronized (LOCK) {
            if (instance != null) {
                throw new IllegalStateException("Only one instance of this class allowed.");
            }
            instance = this;
        }
    }

    public Authentication authenticate(Authentication authentication) throws AuthenticationException {
        if (!authentication.equals(this.authentication)) {
            return null;
        }
        authentication.setAuthenticated(true);
        return authentication;
    }

    public boolean supports(Class cls) {
        return cls == InternalAuthentication.class;
    }

    public void setAllowedInstances(Set<ICommand> set) {
        if (set == null || this.allowedInstances != null) {
            throw new IllegalArgumentException();
        }
        this.allowedInstances = new IdentityHashMap<>();
        for (ICommand iCommand : set) {
            this.allowedInstances.put(iCommand, iCommand);
        }
    }

    public Object doInsertAuthentication(ProceedingJoinPoint proceedingJoinPoint) throws Throwable {
        SecurityContext context = SecurityContextHolder.getContext();
        Authentication authentication = context.getAuthentication();
        if (context.getAuthentication() == null || !authentication.isAuthenticated()) {
            Object obj = proceedingJoinPoint.getArgs()[0];
            if (!(obj instanceof ICommand)) {
                throw new IllegalStateException("Argument is either null or not of type " + ICommand.class.getName() + ".");
            }
            if (!this.allowedInstances.containsKey(obj)) {
                throw new IllegalStateException("It was not configured that this instance can receive an Authentication instance.");
            }
            context.setAuthentication(this.authentication);
        }
        try {
            return proceedingJoinPoint.proceed();
        } finally {
            context.setAuthentication(authentication);
        }
    }
}
