package org.graylog2.security;

import java.security.Principal;
import javax.ws.rs.core.MultivaluedMap;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.util.ThreadContext;
import org.graylog2.jersey.container.netty.HeaderAwareSecurityContext;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/graylog2/security/ShiroSecurityContext.class */
public class ShiroSecurityContext implements HeaderAwareSecurityContext {
    private static final Logger log = LoggerFactory.getLogger(ShiroSecurityContext.class);
    private Subject subject;
    private final AuthenticationToken token;
    private final boolean secure;
    private final String authcScheme;
    private MultivaluedMap<String, String> headers;

    /* loaded from: input_file:org/graylog2/security/ShiroSecurityContext$ShiroPrincipal.class */
    public class ShiroPrincipal implements Principal {
        public ShiroPrincipal() {
        }

        @Override // java.security.Principal
        public String getName() {
            return ShiroSecurityContext.this.subject.getPrincipal().toString();
        }

        public Subject getSubject() {
            return ShiroSecurityContext.this.subject;
        }
    }

    public ShiroSecurityContext(Subject subject, AuthenticationToken authenticationToken, boolean z, String str) {
        this.subject = subject;
        this.token = authenticationToken;
        this.secure = z;
        this.authcScheme = str;
    }

    public String getUsername() {
        if (this.token == null || this.token.getPrincipal() == null) {
            return null;
        }
        return this.token.getPrincipal().toString();
    }

    public String getPassword() {
        if (this.token == null || this.token.getCredentials() == null) {
            return null;
        }
        return this.token.getCredentials().toString();
    }

    public Subject getSubject() {
        return this.subject;
    }

    @Override // javax.ws.rs.core.SecurityContext
    public Principal getUserPrincipal() {
        return new ShiroPrincipal();
    }

    @Override // javax.ws.rs.core.SecurityContext
    public boolean isUserInRole(String str) {
        log.info("Checking role {} for user {}.", str, this.subject.getPrincipal());
        return this.subject.hasRole(str);
    }

    @Override // javax.ws.rs.core.SecurityContext
    public boolean isSecure() {
        return this.secure;
    }

    @Override // javax.ws.rs.core.SecurityContext
    public String getAuthenticationScheme() {
        return this.authcScheme;
    }

    public void loginSubject() throws AuthenticationException {
        ThreadContext.put("REQUEST_HEADERS", this.headers);
        this.subject.login(this.token);
        Subject subject = ThreadContext.getSubject();
        if (subject != null) {
            this.subject = subject;
        }
        ThreadContext.remove("REQUEST_HEADERS");
    }

    @Override // org.graylog2.jersey.container.netty.HeaderAwareSecurityContext
    public void setHeaders(MultivaluedMap<String, String> multivaluedMap) {
        this.headers = multivaluedMap;
    }

    public MultivaluedMap<String, String> getHeaders() {
        return this.headers;
    }
}
