package org.jenkinsci.plugins.reverse_proxy_auth.auth;

import edu.umd.cs.findbugs.annotations.CheckForNull;
import java.util.HashSet;
import java.util.Hashtable;
import java.util.Set;
import org.acegisecurity.GrantedAuthority;
import org.acegisecurity.GrantedAuthorityImpl;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.jenkinsci.plugins.reverse_proxy_auth.ReverseProxySearchTemplate;
import org.jenkinsci.plugins.reverse_proxy_auth.data.UserSearchTemplate;
import org.jenkinsci.plugins.reverse_proxy_auth.model.ReverseProxyUserDetails;
import org.springframework.util.Assert;

/* loaded from: input_file:org/jenkinsci/plugins/reverse_proxy_auth/auth/DefaultReverseProxyAuthoritiesPopulator.class */
public class DefaultReverseProxyAuthoritiesPopulator implements ReverseProxyAuthoritiesPopulator {
    private static final Log logger = LogFactory.getLog(DefaultReverseProxyAuthoritiesPopulator.class);
    private GrantedAuthority defaultRole;
    private final ReverseProxySearchTemplate reverseProxyTemplate;
    private String rolePrefix = "ROLE_";
    private boolean convertToUpperCase = true;

    @CheckForNull
    protected Hashtable<String, GrantedAuthority[]> authContext;

    public DefaultReverseProxyAuthoritiesPopulator(@CheckForNull Hashtable<String, GrantedAuthority[]> hashtable) {
        this.authContext = hashtable != null ? new Hashtable<>(hashtable) : null;
        this.reverseProxyTemplate = new ReverseProxySearchTemplate();
    }

    protected Set<GrantedAuthority> getAdditionalRoles(ReverseProxyUserDetails reverseProxyUserDetails) {
        return null;
    }

    @Override // org.jenkinsci.plugins.reverse_proxy_auth.auth.ReverseProxyAuthoritiesPopulator
    public final GrantedAuthority[] getGrantedAuthorities(ReverseProxyUserDetails reverseProxyUserDetails) {
        Set<GrantedAuthority> groupMembershipRoles = getGroupMembershipRoles(reverseProxyUserDetails.getUsername());
        Set<GrantedAuthority> additionalRoles = getAdditionalRoles(reverseProxyUserDetails);
        if (additionalRoles != null) {
            groupMembershipRoles.addAll(additionalRoles);
        }
        if (this.defaultRole != null) {
            groupMembershipRoles.add(this.defaultRole);
        }
        return (GrantedAuthority[]) groupMembershipRoles.toArray(new GrantedAuthority[groupMembershipRoles.size()]);
    }

    public Set<GrantedAuthority> getGroupMembershipRoles(String str) {
        HashSet hashSet = new HashSet();
        Set<String> searchForSingleAttributeValues = this.reverseProxyTemplate.searchForSingleAttributeValues(new UserSearchTemplate(str), this.authContext != null ? this.authContext.get(str) : null);
        if (logger.isDebugEnabled()) {
            logger.debug("Roles from search: " + String.valueOf(searchForSingleAttributeValues));
        }
        for (String str2 : searchForSingleAttributeValues) {
            if (this.convertToUpperCase) {
                str2 = str2.toUpperCase();
            }
            hashSet.add(new GrantedAuthorityImpl(this.rolePrefix + str2));
        }
        return hashSet;
    }

    public void setConvertToUpperCase(boolean z) {
        this.convertToUpperCase = z;
    }

    public void setDefaultRole(String str) {
        Assert.notNull(str, "The defaultRole property cannot be set to null");
        this.defaultRole = new GrantedAuthorityImpl(str);
    }

    public void setRolePrefix(String str) {
        Assert.notNull(str, "rolePrefix must not be null");
        this.rolePrefix = str;
    }
}
