package org.apache.tomee.security.identitystore;

import java.util.Comparator;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import java.util.stream.Collectors;
import javax.annotation.PostConstruct;
import javax.enterprise.context.ApplicationScoped;
import javax.enterprise.inject.Instance;
import javax.inject.Inject;
import javax.security.enterprise.credential.Credential;
import javax.security.enterprise.identitystore.CredentialValidationResult;
import javax.security.enterprise.identitystore.IdentityStore;
import javax.security.enterprise.identitystore.IdentityStoreHandler;

@ApplicationScoped
/* loaded from: input_file:org/apache/tomee/security/identitystore/TomEEIdentityStoreHandler.class */
public class TomEEIdentityStoreHandler implements IdentityStoreHandler {

    @Inject
    private Instance<IdentityStore> identityStores;
    private List<IdentityStore> authenticationStores;
    private List<IdentityStore> authorizationStores;

    @PostConstruct
    private void init() {
        this.authenticationStores = (List) this.identityStores.stream().filter(identityStore -> {
            return identityStore.validationTypes().contains(IdentityStore.ValidationType.VALIDATE);
        }).sorted(Comparator.comparing((v0) -> {
            return v0.priority();
        })).collect(Collectors.toList());
        this.authorizationStores = (List) this.identityStores.stream().filter(identityStore2 -> {
            return identityStore2.validationTypes().contains(IdentityStore.ValidationType.PROVIDE_GROUPS);
        }).filter(identityStore3 -> {
            return !identityStore3.validationTypes().contains(IdentityStore.ValidationType.VALIDATE);
        }).sorted(Comparator.comparing((v0) -> {
            return v0.priority();
        })).collect(Collectors.toList());
    }

    @Override // javax.security.enterprise.identitystore.IdentityStoreHandler
    public CredentialValidationResult validate(Credential credential) {
        if (this.authenticationStores.isEmpty()) {
            return CredentialValidationResult.NOT_VALIDATED_RESULT;
        }
        CredentialValidationResult credentialValidationResult = null;
        IdentityStore identityStore = null;
        Iterator it = this.identityStores.iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            IdentityStore identityStore2 = (IdentityStore) it.next();
            credentialValidationResult = identityStore2.validate(credential);
            if (credentialValidationResult.getStatus().equals(CredentialValidationResult.Status.VALID)) {
                identityStore = identityStore2;
                break;
            }
        }
        if (identityStore == null) {
            return CredentialValidationResult.INVALID_RESULT;
        }
        HashSet hashSet = new HashSet();
        if (identityStore.validationTypes().contains(IdentityStore.ValidationType.PROVIDE_GROUPS)) {
            hashSet.addAll(identityStore.getCallerGroups(credentialValidationResult));
        }
        CredentialValidationResult credentialValidationResult2 = credentialValidationResult;
        hashSet.addAll((Set) this.authorizationStores.stream().map(identityStore3 -> {
            return identityStore3.getCallerGroups(credentialValidationResult2);
        }).flatMap((v0) -> {
            return v0.stream();
        }).collect(Collectors.toSet()));
        return new CredentialValidationResult(credentialValidationResult2.getIdentityStoreId(), credentialValidationResult2.getCallerPrincipal(), credentialValidationResult2.getCallerDn(), credentialValidationResult2.getCallerUniqueId(), hashSet);
    }
}
