package io.camunda.operate.webapp.security.tenant;

import io.camunda.operate.exceptions.OperateRuntimeException;
import io.camunda.operate.property.OperateProperties;
import java.util.ArrayList;
import java.util.List;
import java.util.stream.Collectors;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.stereotype.Component;

@Component
/* loaded from: input_file:io/camunda/operate/webapp/security/tenant/TenantService.class */
public class TenantService {
    private static final Logger LOGGER = LoggerFactory.getLogger(TenantService.class);

    @Autowired
    private OperateProperties operateProperties;

    /* loaded from: input_file:io/camunda/operate/webapp/security/tenant/TenantService$AuthenticatedTenants.class */
    public static class AuthenticatedTenants {
        private final TenantAccessType tenantAccessType;
        private final List<String> ids;

        AuthenticatedTenants(TenantAccessType tenantAccessType, List<String> list) {
            this.tenantAccessType = tenantAccessType;
            this.ids = list;
        }

        public static AuthenticatedTenants allTenants() {
            return new AuthenticatedTenants(TenantAccessType.TENANT_ACCESS_ALL, null);
        }

        public static AuthenticatedTenants noTenantsAssigned() {
            return new AuthenticatedTenants(TenantAccessType.TENANT_ACCESS_NONE, null);
        }

        public static AuthenticatedTenants assignedTenants(List<String> list) {
            return new AuthenticatedTenants(TenantAccessType.TENANT_ACCESS_ASSIGNED, list);
        }

        public TenantAccessType getTenantAccessType() {
            return this.tenantAccessType;
        }

        public List<String> getTenantIds() {
            return this.ids;
        }
    }

    /* loaded from: input_file:io/camunda/operate/webapp/security/tenant/TenantService$TenantAccessType.class */
    public enum TenantAccessType {
        TENANT_ACCESS_ALL,
        TENANT_ACCESS_ASSIGNED,
        TENANT_ACCESS_NONE
    }

    public AuthenticatedTenants getAuthenticatedTenants() {
        if (!securityContextPresent()) {
            return AuthenticatedTenants.allTenants();
        }
        if (!isMultiTenancyEnabled()) {
            return AuthenticatedTenants.assignedTenants(List.of("<default>"));
        }
        List<String> tenantsFromAuthentication = getTenantsFromAuthentication(getCurrentTenantAwareAuthentication());
        return (tenantsFromAuthentication == null || tenantsFromAuthentication.isEmpty()) ? AuthenticatedTenants.noTenantsAssigned() : AuthenticatedTenants.assignedTenants(tenantsFromAuthentication);
    }

    private TenantAwareAuthentication getCurrentTenantAwareAuthentication() {
        TenantAwareAuthentication tenantAwareAuthentication;
        TenantAwareAuthentication authentication = SecurityContextHolder.getContext().getAuthentication();
        if (authentication instanceof TenantAwareAuthentication) {
            tenantAwareAuthentication = authentication;
        } else {
            tenantAwareAuthentication = null;
            LOGGER.error(String.format("Multi Tenancy is not supported with current authentication type %s", authentication.getClass()), new OperateRuntimeException());
        }
        return tenantAwareAuthentication;
    }

    private List<String> getTenantsFromAuthentication(TenantAwareAuthentication tenantAwareAuthentication) {
        List<OperateTenant> tenants;
        ArrayList arrayList = new ArrayList();
        if (tenantAwareAuthentication != null && (tenants = tenantAwareAuthentication.getTenants()) != null && !tenants.isEmpty()) {
            tenants.stream().map((v0) -> {
                return v0.getTenantId();
            }).collect(Collectors.toCollection(() -> {
                return arrayList;
            }));
        }
        return arrayList;
    }

    private boolean isMultiTenancyEnabled() {
        return this.operateProperties.getMultiTenancy().isEnabled();
    }

    private boolean securityContextPresent() {
        return SecurityContextHolder.getContext().getAuthentication() != null;
    }
}
