package org.glassfish.soteria.identitystores;

import java.util.Arrays;
import java.util.Collections;
import java.util.HashSet;
import java.util.Map;
import java.util.Set;
import java.util.stream.Collectors;
import javax.security.enterprise.CallerPrincipal;
import javax.security.enterprise.credential.Credential;
import javax.security.enterprise.credential.UsernamePasswordCredential;
import javax.security.enterprise.identitystore.CredentialValidationResult;
import javax.security.enterprise.identitystore.IdentityStore;
import org.glassfish.soteria.identitystores.annotation.Credentials;
import org.glassfish.soteria.identitystores.annotation.EmbeddedIdentityStoreDefinition;

/* loaded from: input_file:org/glassfish/soteria/identitystores/EmbeddedIdentityStore.class */
public class EmbeddedIdentityStore implements IdentityStore {
    private final EmbeddedIdentityStoreDefinition embeddedIdentityStoreDefinition;
    private final Map<String, Credentials> callerToCredentials;
    private final Set<IdentityStore.ValidationType> validationType;

    public EmbeddedIdentityStore(EmbeddedIdentityStoreDefinition embeddedIdentityStoreDefinition) {
        this.embeddedIdentityStoreDefinition = embeddedIdentityStoreDefinition;
        this.callerToCredentials = (Map) Arrays.stream(embeddedIdentityStoreDefinition.value()).collect(Collectors.toMap(credentials -> {
            return credentials.callerName();
        }, credentials2 -> {
            return credentials2;
        }));
        this.validationType = Collections.unmodifiableSet(new HashSet(Arrays.asList(embeddedIdentityStoreDefinition.useFor())));
    }

    public CredentialValidationResult validate(Credential credential) {
        return credential instanceof UsernamePasswordCredential ? validate((UsernamePasswordCredential) credential) : CredentialValidationResult.NOT_VALIDATED_RESULT;
    }

    public CredentialValidationResult validate(UsernamePasswordCredential usernamePasswordCredential) {
        Credentials credentials = this.callerToCredentials.get(usernamePasswordCredential.getCaller());
        return (credentials == null || !usernamePasswordCredential.getPassword().compareTo(credentials.password())) ? CredentialValidationResult.INVALID_RESULT : new CredentialValidationResult(new CallerPrincipal(credentials.callerName()), new HashSet(Arrays.asList(credentials.groups())));
    }

    public Set<String> getCallerGroups(CredentialValidationResult credentialValidationResult) {
        Credentials credentials = this.callerToCredentials.get(credentialValidationResult.getCallerPrincipal().getName());
        return credentials != null ? new HashSet(Arrays.asList(credentials.groups())) : Collections.emptySet();
    }

    public int priority() {
        return this.embeddedIdentityStoreDefinition.priority();
    }

    public Set<IdentityStore.ValidationType> validationTypes() {
        return this.validationType;
    }
}
