package sirius.web.security;

import com.google.common.base.Charsets;
import com.google.common.collect.Maps;
import com.google.common.hash.Hashing;
import java.util.Collection;
import java.util.Collections;
import java.util.List;
import java.util.Map;
import java.util.Set;
import javax.annotation.Nonnull;
import javax.annotation.Nullable;
import sirius.kernel.Sirius;
import sirius.kernel.di.std.Register;
import sirius.kernel.settings.Extension;
import sirius.web.http.WebContext;
import sirius.web.security.UserInfo;

/* loaded from: input_file:sirius/web/security/ConfigUserManager.class */
public class ConfigUserManager extends GenericUserManager {
    private static final String CONFIG_KEY_SECURITY_USERS = "security.users";
    private Map<String, Set<String>> userRoles;

    @Register(name = "config")
    /* loaded from: input_file:sirius/web/security/ConfigUserManager$Factory.class */
    public static class Factory implements UserManagerFactory {
        @Override // sirius.web.security.UserManagerFactory
        @Nonnull
        public UserManager createManager(@Nonnull ScopeInfo scopeInfo, @Nonnull Extension extension) {
            return new ConfigUserManager(scopeInfo, extension);
        }
    }

    protected ConfigUserManager(ScopeInfo scopeInfo, Extension extension) {
        super(scopeInfo, extension);
        this.userRoles = Maps.newTreeMap();
    }

    @Override // sirius.web.security.UserManager
    public UserInfo findUserByName(@Nullable WebContext webContext, String str) {
        Extension extension = Sirius.getSettings().getExtension(CONFIG_KEY_SECURITY_USERS, str);
        if (extension != null) {
            return getUserInfo(webContext, str, extension);
        }
        log("Unknown user: %s", str);
        return null;
    }

    @Override // sirius.web.security.UserManager
    public UserInfo findUserByCredentials(@Nullable WebContext webContext, String str, String str2) {
        Extension extension = Sirius.getSettings().getExtension(CONFIG_KEY_SECURITY_USERS, str);
        if (extension != null && extension.get("passwordHash").isFilled()) {
            if (Hashing.md5().hashBytes((extension.get("salt").asString() + str2).getBytes(Charsets.UTF_8)).toString().equals(extension.get("passwordHash").asString())) {
                return getUserInfo(webContext, str, extension);
            }
            return null;
        }
        if (extension == null) {
            log("Unknown user: %s", str);
            return null;
        }
        log("Invalid password for user: %s", str);
        return null;
    }

    @Override // sirius.web.security.GenericUserManager
    protected Object getUserObject(UserInfo userInfo) {
        return Sirius.getSettings().getExtension(CONFIG_KEY_SECURITY_USERS, userInfo.getUserId());
    }

    private UserInfo getUserInfo(@Nullable WebContext webContext, String str, Extension extension) {
        return UserInfo.Builder.createUser(str).withUsername(extension.get("name").asString()).withEmail(extension.get("email").asString()).withLang(extension.get("lang").getString()).withPermissions(computeRoles(webContext, str)).withUserSupplier(userInfo -> {
            return extension;
        }).build();
    }

    @Override // sirius.web.security.GenericUserManager
    protected Set<String> computeRoles(@Nullable WebContext webContext, String str) {
        Set<String> set = this.userRoles.get(str);
        if (set == null) {
            Extension extension = Sirius.getSettings().getExtension(CONFIG_KEY_SECURITY_USERS, str);
            if (extension != null) {
                set = transformRoles((Collection) extension.get("permissions").get(List.class, Collections.emptyList()), webContext.isTrusted());
                set.add(UserInfo.PERMISSION_LOGGED_IN);
            } else {
                log("Unknown user: %s - Rejecting all roles!", str);
                set = Collections.emptySet();
            }
            this.userRoles.put(str, set);
        }
        return set;
    }

    @Override // sirius.web.security.GenericUserManager
    protected void storeRolesForUser(UserInfo userInfo, WebContext webContext) {
    }

    @Override // sirius.web.security.GenericUserManager
    protected void clearRolesForUser(UserInfo userInfo, WebContext webContext) {
    }
}
