package org.craftercms.engine.security;

import java.util.Arrays;
import java.util.HashMap;
import java.util.Map;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.craftercms.core.util.HttpServletUtils;
import org.craftercms.engine.controller.preview.rest.ProfileRestController;
import org.craftercms.security.api.RequestContext;
import org.craftercms.security.api.RequestSecurityProcessor;
import org.craftercms.security.api.RequestSecurityProcessorChain;
import org.craftercms.security.api.UserProfile;
import org.craftercms.security.authentication.AuthenticationToken;
import org.craftercms.security.utils.SecurityUtils;

/* loaded from: input_file:WEB-INF/classes/org/craftercms/engine/security/PreviewAuthenticationTokenResolvingProcessor.class */
public class PreviewAuthenticationTokenResolvingProcessor implements RequestSecurityProcessor {
    private static final Log logger = LogFactory.getLog(RequestSecurityProcessor.class);

    @Override // org.craftercms.security.api.RequestSecurityProcessor
    public void processRequest(RequestContext requestContext, RequestSecurityProcessorChain requestSecurityProcessorChain) throws Exception {
        UserProfile anonymousProfile;
        Map map = (Map) HttpServletUtils.getAttribute(ProfileRestController.PROFILE_SESSION_ATTRIBUTE, 1);
        if (map != null) {
            anonymousProfile = new UserProfile();
            anonymousProfile.setUserName((String) map.get("username"));
            anonymousProfile.setId((String) map.get("username"));
            anonymousProfile.setActive(true);
            HashMap hashMap = new HashMap(map);
            hashMap.remove("username");
            anonymousProfile.setAttributes(hashMap);
            String str = (String) map.get("roles");
            if (str != null) {
                anonymousProfile.getRoles().addAll(Arrays.asList(str.split(",")));
            }
        } else {
            anonymousProfile = SecurityUtils.getAnonymousProfile();
        }
        AuthenticationToken authenticationToken = new AuthenticationToken();
        authenticationToken.setProfile(anonymousProfile);
        requestContext.setAuthenticationToken(authenticationToken);
        if (logger.isDebugEnabled()) {
            logger.debug("Authentication token for request '" + requestContext.getRequestUri() + "': " + authenticationToken);
        }
        requestSecurityProcessorChain.processRequest(requestContext);
    }
}
