package com.cpi.framework.web.service.admin;

import com.cpi.framework.web.common.ShiroUser;
import com.cpi.framework.web.entity.admin.FwPermissons;
import com.cpi.framework.web.entity.admin.FwRoles;
import com.cpi.framework.web.entity.admin.FwUser;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Map;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.cas.CasAuthenticationException;
import org.apache.shiro.cas.CasRealm;
import org.apache.shiro.cas.CasToken;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.subject.SimplePrincipalCollection;
import org.apache.shiro.util.StringUtils;
import org.jasig.cas.client.authentication.AttributePrincipal;
import org.jasig.cas.client.validation.TicketValidationException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/cpi/framework/web/service/admin/ShiroCasRealm.class */
public class ShiroCasRealm extends CasRealm {
    private static Logger log = LoggerFactory.getLogger(ShiroCasRealm.class);
    protected AccountService accountService;

    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
        CasToken casToken = (CasToken) authenticationToken;
        if (authenticationToken == null) {
            return null;
        }
        String str = (String) casToken.getCredentials();
        if (!StringUtils.hasText(str)) {
            return null;
        }
        try {
            AttributePrincipal principal = ensureTicketValidator().validate(str, getCasService()).getPrincipal();
            String name = principal.getName();
            log.debug("Validate ticket : {} in CAS server : {} to retrieve user : {}", new Object[]{str, getCasServerUrlPrefix(), name});
            Map attributes = principal.getAttributes();
            casToken.setUserId(name);
            String str2 = (String) attributes.get(getRememberMeAttributeName());
            if (str2 != null && Boolean.parseBoolean(str2)) {
                casToken.setRememberMe(true);
            }
            FwUser findUserByLoginCode = this.accountService.findUserByLoginCode(name);
            if (findUserByLoginCode != null) {
                return new SimpleAuthenticationInfo(new SimplePrincipalCollection(new ShiroUser(findUserByLoginCode.getId(), findUserByLoginCode.getOrgId(), findUserByLoginCode.getLogincode(), findUserByLoginCode.getUsername(), findUserByLoginCode.getOrgName(), findUserByLoginCode.getStId()), getName()), str);
            }
            return null;
        } catch (TicketValidationException e) {
            throw new CasAuthenticationException("Unable to validate ticket [" + str + "]", e);
        }
    }

    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        FwUser findUserByLoginCode = this.accountService.findUserByLoginCode(((ShiroUser) principalCollection.getPrimaryPrincipal()).getLoginName());
        SimpleAuthorizationInfo simpleAuthorizationInfo = new SimpleAuthorizationInfo();
        HashSet hashSet = new HashSet();
        for (FwRoles fwRoles : findUserByLoginCode.getRoleList()) {
            simpleAuthorizationInfo.addRole(fwRoles.getRoleName());
            Iterator<FwPermissons> it = fwRoles.getPermissonList().iterator();
            while (it.hasNext()) {
                hashSet.add(it.next().getPermissonCode());
            }
        }
        return simpleAuthorizationInfo;
    }

    public void setAccountService(AccountService accountService) {
        this.accountService = accountService;
    }
}
