package org.flowable.app.security;

import java.util.ArrayList;
import java.util.Iterator;
import org.flowable.app.model.common.RemoteUser;
import org.flowable.app.service.idm.RemoteIdmService;
import org.flowable.engine.common.api.FlowableException;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.stereotype.Component;

@Component
/* loaded from: input_file:WEB-INF/lib/flowable-ui-task-conf-6.0.0.jar:org/flowable/app/security/RemoteIdmAuthenticationProvider.class */
public class RemoteIdmAuthenticationProvider implements AuthenticationProvider {

    @Autowired
    protected RemoteIdmService remoteIdmService;

    @Override // org.springframework.security.authentication.AuthenticationProvider
    public Authentication authenticate(Authentication authentication) throws AuthenticationException {
        RemoteUser authenticateUser = this.remoteIdmService.authenticateUser(authentication.getPrincipal().toString(), authentication.getCredentials().toString());
        if (authenticateUser == null) {
            throw new FlowableException("user not found " + authentication.getPrincipal());
        }
        ArrayList arrayList = new ArrayList();
        Iterator<String> it = authenticateUser.getPrivileges().iterator();
        while (it.hasNext()) {
            arrayList.add(new SimpleGrantedAuthority(it.next()));
        }
        org.flowable.engine.impl.identity.Authentication.setAuthenticatedUserId(authenticateUser.getId());
        return new UsernamePasswordAuthenticationToken(authentication.getPrincipal(), authentication.getCredentials(), arrayList);
    }

    @Override // org.springframework.security.authentication.AuthenticationProvider
    public boolean supports(Class<?> cls) {
        return true;
    }
}
