package pl.edu.icm.synat.services.security;

import java.util.Collection;
import java.util.Date;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Set;
import org.jasig.cas.client.validation.Assertion;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.core.convert.converter.Converter;
import org.springframework.security.cas.authentication.CasAuthenticationToken;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.util.Assert;
import pl.edu.icm.synat.api.services.security.ServiceSecurityContextManager;
import pl.edu.icm.synat.api.services.security.ServiceUserAuthenticationToken;
import pl.edu.icm.synat.api.services.security.ServiceUserTicket;
import pl.edu.icm.synat.api.services.security.user.ServiceUser;
import pl.edu.icm.synat.api.services.security.user.ServiceUserRole;

/* loaded from: input_file:WEB-INF/lib/synat-platform-connector-1.25.7-SNAPSHOT.jar:pl/edu/icm/synat/services/security/ServiceUserTokenConverter.class */
public class ServiceUserTokenConverter implements Converter<CasAuthenticationToken, ServiceUserAuthenticationToken>, InitializingBean {
    private static final long DEFAULT_VALIDATION_TIME_IN_SECONDS = 1800;
    private long defaulValidationTime = DEFAULT_VALIDATION_TIME_IN_SECONDS;
    private Converter<GrantedAuthority, Set<ServiceUserRole>> serviceUserRolesConverter;
    private ServiceSecurityContextManager serviceSecurityContextManager;

    @Override // org.springframework.beans.factory.InitializingBean
    public void afterPropertiesSet() throws Exception {
        Assert.notNull(this.serviceUserRolesConverter, "serviceUserRolesConverter required");
        Assert.notNull(this.serviceSecurityContextManager, "serviceSecurityContextManager required");
        Assert.notNull(Long.valueOf(this.defaulValidationTime), "defaulValidationTime required");
    }

    @Override // org.springframework.core.convert.converter.Converter
    public ServiceUserAuthenticationToken convert(CasAuthenticationToken casAuthenticationToken) {
        long time;
        Assertion assertion = casAuthenticationToken.getAssertion();
        if (assertion.getValidUntilDate() != null) {
            time = assertion.getValidUntilDate().getTime();
        } else {
            Date validFromDate = assertion.getValidFromDate();
            time = validFromDate != null ? validFromDate.getTime() + (this.defaulValidationTime * 1000) : System.currentTimeMillis() + (this.defaulValidationTime * 1000);
        }
        ServiceUserTicket serviceUserTicket = new ServiceUserTicket();
        serviceUserTicket.setTicketValue((String) casAuthenticationToken.getCredentials());
        serviceUserTicket.setExpirationTime(time);
        UserDetails userDetails = (UserDetails) casAuthenticationToken.getPrincipal();
        Collection<? extends GrantedAuthority> authorities = userDetails.getAuthorities();
        ServiceUser serviceUser = new ServiceUser(userDetails);
        serviceUser.setRoles(convertRoles(authorities));
        return new ServiceUserAuthenticationToken(serviceUser, serviceUserTicket);
    }

    private Set<ServiceUserRole> convertRoles(Collection<? extends GrantedAuthority> collection) {
        HashSet hashSet = new HashSet();
        if (collection == null) {
            return hashSet;
        }
        Iterator<? extends GrantedAuthority> it = collection.iterator();
        while (it.hasNext()) {
            hashSet.addAll(this.serviceUserRolesConverter.convert(it.next()));
        }
        return hashSet;
    }

    public void setServiceUserRolesConverter(Converter<GrantedAuthority, Set<ServiceUserRole>> converter) {
        this.serviceUserRolesConverter = converter;
    }

    public void setServiceSecurityContextManager(ServiceSecurityContextManager serviceSecurityContextManager) {
        this.serviceSecurityContextManager = serviceSecurityContextManager;
    }

    public void setDefaulValidationTime(long j) {
        this.defaulValidationTime = j;
    }
}
