package com.xdja.pki.ca.security.realm;

import com.xdja.pki.ca.security.bean.Operator;
import com.xdja.pki.ca.security.service.SecurityService;
import com.xdja.pki.ca.security.util.OperatorUtil;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.LockedAccountException;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;

/* loaded from: input_file:com/xdja/pki/ca/security/realm/CustomShiroRealm.class */
public class CustomShiroRealm extends AuthorizingRealm {
    private SecurityService securityService;

    public CustomShiroRealm(SecurityService securityService) {
        this.securityService = securityService;
    }

    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        SimpleAuthorizationInfo simpleAuthorizationInfo = new SimpleAuthorizationInfo();
        Operator operator = OperatorUtil.getOperator();
        if (null != operator && !operator.getPermissions().isEmpty()) {
            simpleAuthorizationInfo.addStringPermissions(operator.getPermissions());
        }
        return simpleAuthorizationInfo;
    }

    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
        com.xdja.pki.ca.security.bean.AuthenticationInfo doAuthen = this.securityService.doAuthen(authenticationToken);
        if (null == doAuthen) {
            throw new AuthenticationException("未返回认证信息");
        }
        if (doAuthen.isLocked()) {
            throw new LockedAccountException("账号被锁定");
        }
        return new SimpleAuthenticationInfo(doAuthen.getUserName(), doAuthen.getPassword(), getName());
    }
}
