package org.springframework.security.web.servletapi;

import java.security.Principal;
import java.util.Collection;
import java.util.Iterator;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;
import org.springframework.security.authentication.AuthenticationTrustResolver;
import org.springframework.security.authentication.AuthenticationTrustResolverImpl;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.util.Assert;

/* loaded from: input_file:WEB-INF/lib/spring-security-web-5.3.4.RELEASE.jar:org/springframework/security/web/servletapi/SecurityContextHolderAwareRequestWrapper.class */
public class SecurityContextHolderAwareRequestWrapper extends HttpServletRequestWrapper {
    private final AuthenticationTrustResolver trustResolver;
    private final String rolePrefix;

    public SecurityContextHolderAwareRequestWrapper(HttpServletRequest httpServletRequest, String str) {
        this(httpServletRequest, new AuthenticationTrustResolverImpl(), str);
    }

    public SecurityContextHolderAwareRequestWrapper(HttpServletRequest httpServletRequest, AuthenticationTrustResolver authenticationTrustResolver, String str) {
        super(httpServletRequest);
        Assert.notNull(authenticationTrustResolver, "trustResolver cannot be null");
        this.rolePrefix = str;
        this.trustResolver = authenticationTrustResolver;
    }

    private Authentication getAuthentication() {
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        if (this.trustResolver.isAnonymous(authentication)) {
            return null;
        }
        return authentication;
    }

    @Override // javax.servlet.http.HttpServletRequestWrapper, javax.servlet.http.HttpServletRequest
    public String getRemoteUser() {
        Authentication authentication = getAuthentication();
        if (authentication == null || authentication.getPrincipal() == null) {
            return null;
        }
        return authentication.getPrincipal() instanceof UserDetails ? ((UserDetails) authentication.getPrincipal()).getUsername() : authentication.getPrincipal().toString();
    }

    @Override // javax.servlet.http.HttpServletRequestWrapper, javax.servlet.http.HttpServletRequest
    public Principal getUserPrincipal() {
        Authentication authentication = getAuthentication();
        if (authentication == null || authentication.getPrincipal() == null) {
            return null;
        }
        return authentication;
    }

    private boolean isGranted(String str) {
        Collection<? extends GrantedAuthority> authorities;
        Authentication authentication = getAuthentication();
        if (this.rolePrefix != null && str != null && !str.startsWith(this.rolePrefix)) {
            str = this.rolePrefix + str;
        }
        if (authentication == null || authentication.getPrincipal() == null || (authorities = authentication.getAuthorities()) == null) {
            return false;
        }
        Iterator<? extends GrantedAuthority> it = authorities.iterator();
        while (it.hasNext()) {
            if (str.equals(it.next().getAuthority())) {
                return true;
            }
        }
        return false;
    }

    @Override // javax.servlet.http.HttpServletRequestWrapper, javax.servlet.http.HttpServletRequest
    public boolean isUserInRole(String str) {
        return isGranted(str);
    }

    public String toString() {
        return "SecurityContextHolderAwareRequestWrapper[ " + getRequest() + "]";
    }
}
