package com.baosight.buapx.security.handler;

import com.baosight.buapx.security.userdetails.SecurityUserInfo;
import java.util.ArrayList;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.AuthorityUtils;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.context.SecurityContextImpl;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetails;

/* loaded from: input_file:lib/cas_client_all-1.0.0.jar:com/baosight/buapx/security/handler/AbstractSpringSecurity3Handler.class */
public abstract class AbstractSpringSecurity3Handler implements IAuthPostHandler {
    @Override // com.baosight.buapx.security.handler.IAuthPostHandler
    public void handle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, SecurityUserInfo securityUserInfo, boolean z) {
        if (z) {
            SecurityContextImpl securityContextImpl = new SecurityContextImpl();
            UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken = new UsernamePasswordAuthenticationToken(loadUserByUsername(securityUserInfo.getUserName()), (Object) null, loadUserAuthorities(securityUserInfo.getUserName()));
            SecurityContextHolder.getContext().setAuthentication(usernamePasswordAuthenticationToken);
            securityContextImpl.setAuthentication(usernamePasswordAuthenticationToken);
            httpServletRequest.getSession().setAttribute("SPRING_SECURITY_CONTEXT", securityContextImpl);
            updateSession(httpServletRequest, securityUserInfo.getUserName());
        }
    }

    public UserDetails loadUserByUsername(String str) {
        HashSet hashSet = new HashSet();
        List<GrantedAuthority> loadUserAuthorities = loadUserAuthorities(str);
        if (loadUserAuthorities != null && loadUserAuthorities.size() != 0) {
            hashSet.addAll(loadUserAuthorities);
        }
        ArrayList arrayList = new ArrayList(hashSet);
        if (arrayList.size() == 0) {
            throw new RuntimeException("User '" + str + "' has no authorities and will be treated as 'not found'");
        }
        return createUserDetails(str, arrayList);
    }

    private UserDetails loadUserByUsernameIndeed(String str) {
        return new User(str, "12345", true, true, true, true, AuthorityUtils.NO_AUTHORITIES);
    }

    protected List<GrantedAuthority> loadUserAuthorities(String str) {
        List<String> loadRoles = loadRoles(str);
        ArrayList arrayList = new ArrayList();
        Iterator<String> it = loadRoles.iterator();
        while (it.hasNext()) {
            arrayList.add(new SimpleGrantedAuthority(it.next()));
        }
        return arrayList;
    }

    protected UserDetails createUserDetails(String str, List<GrantedAuthority> list) {
        return new User(str, "12345", true, true, true, true, list);
    }

    public abstract List<String> loadRoles(String str);

    public abstract void updateSession(HttpServletRequest httpServletRequest, String str);
}
