package org.apache.shiro.nexus;

import com.google.common.base.Preconditions;
import java.util.Collections;
import java.util.Optional;
import java.util.Set;
import javax.inject.Inject;
import javax.inject.Named;
import javax.inject.Provider;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.cache.Cache;
import org.apache.shiro.session.mgt.eis.CachingSessionDAO;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.sonatype.goodies.common.Time;
import org.sonatype.nexus.cache.CacheHelper;
import org.sonatype.nexus.common.app.ManagedLifecycleManager;
import org.sonatype.nexus.common.event.EventManager;
import org.sonatype.nexus.security.UserIdMdcHelper;
import org.sonatype.nexus.security.anonymous.AnonymousConfiguration;
import org.sonatype.nexus.security.authc.AuthenticationEvent;
import org.sonatype.nexus.security.authc.AuthenticationFailureReason;
import org.sonatype.nexus.security.authc.LoginEvent;
import org.sonatype.nexus.security.authc.NexusAuthenticationException;

/* loaded from: input_file:org/apache/shiro/nexus/NexusWebSecurityManager.class */
public class NexusWebSecurityManager extends DefaultWebSecurityManager {
    private final Provider<EventManager> eventManager;

    @Inject
    public NexusWebSecurityManager(Provider<EventManager> provider, Provider<CacheHelper> provider2, @Named("${nexus.shiro.cache.defaultTimeToLive:-2m}") Provider<Time> provider3) {
        this.eventManager = (Provider) Preconditions.checkNotNull(provider);
        setCacheManager(new ShiroJCacheManagerAdapter(provider2, provider3));
        setRememberMeManager(null);
    }

    private void post(AuthenticationToken authenticationToken, boolean z, Set<AuthenticationFailureReason> set) {
        this.eventManager.get().post(new AuthenticationEvent(authenticationToken.getPrincipal().toString(), z, set));
    }

    /* JADX WARN: Type inference failed for: r8v1, types: [java.lang.Throwable, org.sonatype.nexus.security.authc.NexusAuthenticationException] */
    public Subject login(Subject subject, AuthenticationToken authenticationToken) {
        if (AnonymousConfiguration.DEFAULT_USER_ID.equals(authenticationToken.getPrincipal())) {
            throw new AuthenticationException("Cannot login with anonymous user");
        }
        try {
            Subject login = super.login(subject, authenticationToken);
            UserIdMdcHelper.set(login);
            post(authenticationToken, true, Collections.emptySet());
            Optional findFirst = login.getPrincipals().getRealmNames().stream().filter(str -> {
                return str.equals("SamlRealm");
            }).findFirst();
            String obj = login.getPrincipal().toString();
            findFirst.ifPresent(str2 -> {
                this.eventManager.get().post(new LoginEvent(obj, str2));
            });
            return login;
        } catch (NexusAuthenticationException e) {
            post(authenticationToken, false, e.getAuthenticationFailureReasons());
            throw e;
        } catch (AuthenticationException e2) {
            post(authenticationToken, false, Collections.emptySet());
            throw e2;
        }
    }

    public void logout(Subject subject) {
        super.logout(subject);
        UserIdMdcHelper.unset();
    }

    public void destroy() {
        if (ManagedLifecycleManager.isShuttingDown()) {
            super.destroy();
            return;
        }
        CachingSessionDAO sessionDAO = getSessionManager().getSessionDAO();
        if (sessionDAO instanceof CachingSessionDAO) {
            sessionDAO.setActiveSessionsCache((Cache) null);
        }
    }
}
