package com.sonatype.nexus.plugins.nuget.security;

import javax.inject.Inject;
import javax.inject.Named;
import javax.inject.Singleton;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.realm.AuthenticatingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.eclipse.sisu.Description;
import org.sonatype.nexus.security.UserPrincipalsHelper;
import org.sonatype.nexus.security.filter.authc.NexusApiKeyAuthenticationToken;
import org.sonatype.security.usermanagement.UserNotFoundException;
import org.sonatype.security.usermanagement.UserStatus;

@Singleton
@Named(NugetApiKey.ROLE)
@Description("NuGet API-Key Realm")
/* loaded from: input_file:WEB-INF/plugin-repository/nexus-nuget-plugin-2.14.5-02/nexus-nuget-plugin-2.14.5-02.jar:com/sonatype/nexus/plugins/nuget/security/NugetApiKeyRealm.class */
public final class NugetApiKeyRealm extends AuthenticatingRealm {

    @Inject
    private NugetApiKeyStore keyStore;

    @Inject
    private UserPrincipalsHelper principalsHelper;

    @Override // org.apache.shiro.realm.CachingRealm, org.apache.shiro.realm.Realm
    public String getName() {
        return NugetApiKey.ROLE;
    }

    @Override // org.apache.shiro.realm.AuthenticatingRealm, org.apache.shiro.realm.Realm
    public boolean supports(AuthenticationToken authenticationToken) {
        return (authenticationToken instanceof NexusApiKeyAuthenticationToken) && NugetApiKey.ROLE.equals(authenticationToken.getPrincipal());
    }

    @Override // org.apache.shiro.realm.AuthenticatingRealm
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
        PrincipalCollection principals = this.keyStore.getPrincipals((char[]) authenticationToken.getCredentials());
        if (null == principals) {
            return null;
        }
        try {
            if (!UserStatus.active.equals(this.principalsHelper.getUserStatus(principals))) {
                return null;
            }
            ((NexusApiKeyAuthenticationToken) authenticationToken).setPrincipal(principals.getPrimaryPrincipal());
            return new SimpleAuthenticationInfo(principals, authenticationToken.getCredentials());
        } catch (UserNotFoundException e) {
            this.keyStore.deleteApiKey(principals);
            return null;
        }
    }
}
