package de.muenchen.oss.digiwf.cockpit.security.camunda;

import de.muenchen.oss.digiwf.spring.security.PrincipalUtil;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import java.security.Principal;
import java.util.Collections;
import org.camunda.bpm.engine.ProcessEngine;
import org.camunda.bpm.engine.rest.security.auth.AuthenticationProvider;
import org.camunda.bpm.engine.rest.security.auth.AuthenticationResult;

/* loaded from: input_file:BOOT-INF/lib/digiwf-engine-cockpit-1.5.4.jar:de/muenchen/oss/digiwf/cockpit/security/camunda/OAuthContainerBasedAuthenticationProvider.class */
public class OAuthContainerBasedAuthenticationProvider implements AuthenticationProvider {
    @Override // org.camunda.bpm.engine.rest.security.auth.AuthenticationProvider
    public AuthenticationResult extractAuthenticatedUser(HttpServletRequest httpServletRequest, ProcessEngine processEngine) {
        Principal userPrincipal = httpServletRequest.getUserPrincipal();
        if (userPrincipal == null) {
            return AuthenticationResult.unsuccessful();
        }
        String name = userPrincipal.getName();
        if (name == null || name.isEmpty()) {
            return AuthenticationResult.unsuccessful();
        }
        AuthenticationResult successful = AuthenticationResult.successful(name);
        successful.setGroups(PrincipalUtil.extractRoles(userPrincipal));
        successful.setTenants(Collections.emptyList());
        return successful;
    }

    @Override // org.camunda.bpm.engine.rest.security.auth.AuthenticationProvider
    public void augmentResponseByAuthenticationChallenge(HttpServletResponse httpServletResponse, ProcessEngine processEngine) {
    }
}
