package com.mulesoft.modules.oauth2.provider.internal.security;

import com.mulesoft.modules.oauth2.provider.api.ResourceOwnerAuthentication;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import org.mule.runtime.api.security.Authentication;
import org.mule.runtime.api.security.SecurityException;
import org.mule.runtime.core.api.security.SecurityProvider;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.ldap.userdetails.LdapUserDetails;

/* loaded from: input_file:com/mulesoft/modules/oauth2/provider/internal/security/SpringAwareResourceOwnerSecurityProvider.class */
public class SpringAwareResourceOwnerSecurityProvider extends ResourceOwnerSecurityProvider {
    private List<UserDetailsService> userDetailsServices;

    public SpringAwareResourceOwnerSecurityProvider(SecurityProvider securityProvider, List<UserDetailsService> list) {
        super(securityProvider);
        this.userDetailsServices = list;
    }

    @Override // com.mulesoft.modules.oauth2.provider.internal.security.ResourceOwnerSecurityProvider, com.mulesoft.modules.oauth2.provider.internal.security.DelegateSecurityProvider
    public ResourceOwnerAuthentication authenticate(Authentication authentication) throws SecurityException {
        ResourceOwnerAuthentication authenticate = super.authenticate(authentication);
        String username = getUsername(authenticate);
        return new ResourceOwnerAuthentication.Builder().withPrincipal(authenticate.getPrincipal()).withUsername(username).withCredentials((Object) null).withRoles(getRoles(username)).withProperties(authenticate.getProperties()).build();
    }

    private String getUsername(Authentication authentication) {
        Object principal = authentication.getPrincipal();
        return principal instanceof User ? ((User) principal).getUsername() : principal instanceof LdapUserDetails ? ((LdapUserDetails) principal).getUsername() : (String) principal;
    }

    private Set<String> getRoles(String str) {
        HashSet hashSet = new HashSet();
        UserDetails userDetails = null;
        Iterator<UserDetailsService> it = this.userDetailsServices.iterator();
        while (it.hasNext()) {
            try {
                userDetails = it.next().loadUserByUsername(str);
            } catch (UsernameNotFoundException e) {
            }
            if (userDetails != null) {
                Iterator it2 = userDetails.getAuthorities().iterator();
                while (it2.hasNext()) {
                    hashSet.add(((GrantedAuthority) it2.next()).getAuthority());
                }
            }
        }
        return hashSet;
    }
}
