package org.alfresco.repo.security.authentication;

import net.sf.acegisecurity.Authentication;
import net.sf.acegisecurity.GrantedAuthority;
import net.sf.acegisecurity.GrantedAuthorityImpl;
import net.sf.acegisecurity.UserDetails;
import net.sf.acegisecurity.context.Context;
import net.sf.acegisecurity.context.ContextHolder;
import net.sf.acegisecurity.context.security.SecureContext;
import net.sf.acegisecurity.context.security.SecureContextImpl;
import net.sf.acegisecurity.providers.UsernamePasswordAuthenticationToken;
import net.sf.acegisecurity.providers.dao.User;
import org.alfresco.service.cmr.security.PermissionService;

/* loaded from: input_file:org/alfresco/repo/security/authentication/AuthenticationUtil.class */
public abstract class AuthenticationUtil {
    private static final String SYSTEM_USER_NAME = "System";

    /* loaded from: input_file:org/alfresco/repo/security/authentication/AuthenticationUtil$RunAsWork.class */
    public interface RunAsWork<Result> {
        Result doWork() throws Exception;
    }

    private AuthenticationUtil() {
    }

    public static Authentication setCurrentUser(String str) {
        return setCurrentUser(str, getDefaultUserDetails(str));
    }

    public static Authentication setCurrentUser(String str, UserDetails userDetails) throws AuthenticationException {
        UserDetails userDetails2;
        if (str == null) {
            throw new AuthenticationException("Null user name");
        }
        try {
            if (str.equals(SYSTEM_USER_NAME)) {
                userDetails2 = new User(SYSTEM_USER_NAME, "", true, true, true, true, new GrantedAuthority[]{new GrantedAuthorityImpl("ROLE_SYSTEM")});
            } else if (str.equalsIgnoreCase(PermissionService.GUEST_AUTHORITY)) {
                userDetails2 = new User(PermissionService.GUEST_AUTHORITY.toLowerCase(), "", true, true, true, true, new GrantedAuthority[0]);
            } else {
                if (!userDetails.getUsername().equals(str)) {
                    throw new AuthenticationException("Provided user details do not match the user name");
                }
                userDetails2 = userDetails;
            }
            UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken = new UsernamePasswordAuthenticationToken(userDetails2, "", userDetails2.getAuthorities());
            usernamePasswordAuthenticationToken.setDetails(userDetails2);
            usernamePasswordAuthenticationToken.setAuthenticated(true);
            return setCurrentAuthentication(usernamePasswordAuthenticationToken);
        } catch (net.sf.acegisecurity.AuthenticationException e) {
            throw new AuthenticationException(e.getMessage(), e);
        }
    }

    private static UserDetails getDefaultUserDetails(String str) {
        return new User(str, "", true, true, true, true, new GrantedAuthority[]{new GrantedAuthorityImpl("ROLE_AUTHENTICATED")});
    }

    public static Authentication setCurrentAuthentication(Authentication authentication) {
        Context secureContextImpl;
        Context context = ContextHolder.getContext();
        if (context == null || !(context instanceof SecureContext)) {
            secureContextImpl = new SecureContextImpl();
            ContextHolder.setContext(secureContextImpl);
        } else {
            secureContextImpl = (SecureContext) context;
        }
        authentication.setAuthenticated(true);
        secureContextImpl.setAuthentication(authentication);
        return authentication;
    }

    public static Authentication getCurrentAuthentication() throws AuthenticationException {
        SecureContext context = ContextHolder.getContext();
        if (context == null || !(context instanceof SecureContext)) {
            return null;
        }
        return context.getAuthentication();
    }

    public static String getCurrentUserName() throws AuthenticationException {
        SecureContext context = ContextHolder.getContext();
        if (context == null || !(context instanceof SecureContext)) {
            return null;
        }
        return getUserName(context.getAuthentication());
    }

    private static String getUserName(Authentication authentication) {
        String obj = authentication.getPrincipal().toString();
        if (authentication.getPrincipal() instanceof UserDetails) {
            obj = ((UserDetails) authentication.getPrincipal()).getUsername();
        }
        return obj;
    }

    public static Authentication setSystemUserAsCurrentUser() {
        return setCurrentUser(SYSTEM_USER_NAME);
    }

    public static String getSystemUserName() {
        return SYSTEM_USER_NAME;
    }

    public static String getGuestUserName() {
        return PermissionService.GUEST_AUTHORITY.toLowerCase();
    }

    public static void clearCurrentSecurityContext() {
        ContextHolder.setContext((Context) null);
    }

    public static <R> R runAs(RunAsWork<R> runAsWork, String str) {
        String currentUserName = getCurrentUserName();
        try {
            try {
                setCurrentUser(str);
                R doWork = runAsWork.doWork();
                clearCurrentSecurityContext();
                if (currentUserName != null) {
                    setCurrentUser(currentUserName);
                }
                return doWork;
            } catch (Throwable th) {
                if (th instanceof RuntimeException) {
                    throw ((RuntimeException) th);
                }
                throw new RuntimeException("Error during run as.", th);
            }
        } catch (Throwable th2) {
            clearCurrentSecurityContext();
            if (currentUserName != null) {
                setCurrentUser(currentUserName);
            }
            throw th2;
        }
    }
}
