package io.camunda.operate.webapp.security.oauth2;

import io.camunda.identity.sdk.Identity;
import io.camunda.operate.property.OperateProperties;
import io.camunda.operate.util.SpringContextHolder;
import io.camunda.operate.webapp.security.tenant.OperateTenant;
import io.camunda.operate.webapp.security.tenant.TenantAwareAuthentication;
import java.util.ArrayList;
import java.util.Collection;
import java.util.List;
import java.util.stream.Collectors;
import org.springframework.security.authentication.InsufficientAuthenticationException;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.oauth2.jwt.Jwt;
import org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationToken;

/* loaded from: input_file:io/camunda/operate/webapp/security/oauth2/IdentityTenantAwareJwtAuthenticationToken.class */
public class IdentityTenantAwareJwtAuthenticationToken extends JwtAuthenticationToken implements TenantAwareAuthentication {
    private static final long serialVersionUID = 1;
    private List<OperateTenant> tenants;

    public IdentityTenantAwareJwtAuthenticationToken(Jwt jwt, Collection<? extends GrantedAuthority> collection, String str) {
        super(jwt, collection, str);
    }

    @Override // io.camunda.operate.webapp.security.tenant.TenantAwareAuthentication
    public List<OperateTenant> getTenants() {
        if (this.tenants == null && isMultiTenancyEnabled()) {
            this.tenants = retrieveTenants();
        }
        return this.tenants;
    }

    private List<OperateTenant> retrieveTenants() {
        try {
            List forToken = getIdentity().tenants().forToken(getToken().getTokenValue());
            return forToken != null ? (List) forToken.stream().map(tenant -> {
                return new OperateTenant(tenant.getTenantId(), tenant.getName());
            }).collect(Collectors.toList()) : new ArrayList();
        } catch (Exception e) {
            throw new InsufficientAuthenticationException(e.getMessage(), e);
        }
    }

    private Identity getIdentity() {
        return (Identity) SpringContextHolder.getBean(Identity.class);
    }

    private OperateProperties getOperateProperties() {
        return (OperateProperties) SpringContextHolder.getBean(OperateProperties.class);
    }

    private boolean isMultiTenancyEnabled() {
        return getOperateProperties().getMultiTenancy().isEnabled();
    }
}
