package de.tudarmstadt.ukp.clarin.webanno.security;

import java.util.Iterator;
import org.apache.wicket.authroles.authentication.AuthenticatedWebSession;
import org.apache.wicket.authroles.authorization.strategies.role.Roles;
import org.apache.wicket.injection.Injector;
import org.apache.wicket.request.Request;
import org.apache.wicket.request.cycle.RequestCycle;
import org.apache.wicket.spring.injection.annot.SpringBean;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.slf4j.MDC;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationToken;

/* loaded from: input_file:de/tudarmstadt/ukp/clarin/webanno/security/SpringAuthenticatedWebSession.class */
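/**
 * Wicket session that delegates credential checks to a Spring Security
 * {@link AuthenticationManager} and mirrors the resulting {@link Authentication} into the
 * thread-bound {@link SecurityContextHolder} and into the servlet session.
 *
 * <p>Security-relevant behaviour visible in this class:
 * <ul>
 * <li>An already authenticated {@link PreAuthenticatedAuthenticationToken} found in the security
 * context at construction time signs the Wicket session in without a password check.</li>
 * <li>Roles are read from the thread-bound security context on every call to
 * {@link #getRoles()}; they are not cached in the session.</li>
 * </ul>
 */
public class SpringAuthenticatedWebSession extends AuthenticatedWebSession {
    private static final long serialVersionUID = 1;

    private final Logger log = LoggerFactory.getLogger(getClass());

    @SpringBean(name = "org.springframework.security.authenticationManager")
    private AuthenticationManager authenticationManager;

    /**
     * Creates the session, injects the Spring beans and adopts a pre-authenticated login if one
     * is present in the current security context.
     *
     * @param request the Wicket request the session is created for
     * @throws IllegalStateException if no authentication manager could be injected
     */
    public SpringAuthenticatedWebSession(Request request) {
        super(request);
        injectDependencies();
        ensureDependenciesNotNull();

        // Only a PreAuthenticatedAuthenticationToken is adopted here; any other token type must
        // go through authenticate(). This trusts whatever component placed the token in the
        // context - the validation of the pre-authenticated credential is not visible in this
        // class (presumably an upstream filter; confirm it cannot be reached unauthenticated).
        Authentication current = SecurityContextHolder.getContext().getAuthentication();
        if (current != null && current.isAuthenticated()
                && current instanceof PreAuthenticatedAuthenticationToken) {
            signIn(true);
        }
    }

    /** Fails fast when injection did not provide the authentication manager. */
    private void ensureDependenciesNotNull() {
        if (this.authenticationManager == null) {
            throw new IllegalStateException("AdminSession requires an authenticationManager.");
        }
    }

    /** Lets Wicket's injector populate the {@code @SpringBean} fields of this session. */
    private void injectDependencies() {
        Injector.get().inject(this);
    }

    /**
     * Checks the given credentials against the authentication manager and, on success, stores
     * the authentication in the security context and the security context in the servlet
     * session.
     *
     * @param str the user name entered by the user
     * @param str2 the password entered by the user
     * @return {@code true} if the authentication manager accepted the credentials,
     *         {@code false} if it threw an {@link AuthenticationException}
     */
    @Override
    public boolean authenticate(String str, String str2) {
        // NOTE(review): nothing in this method rotates the servlet session ID once the login
        // succeeds. Confirm that the caller replaces the session around sign-in (Wicket offers
        // Session#replaceSession()); otherwise a session ID issued before login stays valid
        // after it (session fixation).
        try {
            Authentication authenticate = this.authenticationManager
                    .authenticate(new UsernamePasswordAuthenticationToken(str, str2));

            // MDC is bound to the current thread; no matching removal is visible in this class.
            // Presumably a request filter resets it - confirm, so that a pooled thread does not
            // carry this user name into another user's log lines.
            MDC.put("username", str);

            SecurityContextHolder.getContext().setAuthentication(authenticate);
            this.log.debug("Stored authentication for user [{}] in security context",
                    authenticate.getName());

            // "SPRING_SECURITY_CONTEXT" is the attribute name Spring Security's HTTP session
            // repository uses, so later requests can pick the context up from the session.
            // NOTE(review): this listing looks decompiled. Wicket declares
            // Request#getContainerRequest() as returning Object, so the original source
            // presumably cast the request before calling getSession() - confirm against it.
            RequestCycle.get().getRequest().getContainerRequest().getSession().setAttribute("SPRING_SECURITY_CONTEXT", SecurityContextHolder.getContext());
            this.log.debug("Stored security context in session");
            return true;
        } catch (AuthenticationException e) {
            // The user name is unvalidated input at this point. Make sure the log layout
            // neutralises CR/LF and other control characters so that a crafted name cannot
            // forge log entries.
            this.log.warn("User [{}] failed to login. Reason: {}", str, e.getMessage());
            return false;
        }
    }

    /**
     * Marks the Wicket session as signed out and clears the thread-bound security context.
     */
    @Override
    public void signOut() {
        this.log.debug("Logging out");
        super.signOut();
        // NOTE(review): this clears only the thread-bound context. The context that
        // authenticate() stored under "SPRING_SECURITY_CONTEXT" in the servlet session is not
        // removed here. Confirm that logout also invalidates the servlet session (or that
        // Spring's filter chain drops the attribute), so the stored context cannot
        // re-authenticate a later request.
        SecurityContextHolder.clearContext();
    }

    /**
     * Returns the authorities of the current authentication as Wicket roles.
     *
     * @return the roles of the signed-in user; empty if the session is not signed in or no
     *         authentication is bound to the current thread
     */
    @Override
    public Roles getRoles() {
        Roles roles = new Roles();
        if (!isSignedIn()) {
            return roles;
        }

        // The signed-in flag lives in the Wicket session while the authentication lives in the
        // security context, so the two can disagree. Fail closed with no roles rather than
        // throwing a NullPointerException.
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        if (authentication == null) {
            this.log.debug("Session is signed in but no authentication is present in the security context");
            return roles;
        }

        for (GrantedAuthority authority : authentication.getAuthorities()) {
            roles.add(authority.getAuthority());
        }
        return roles;
    }
}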
