package com.goldgov.kduck.security.principal.filter.extractor;

import com.goldgov.kduck.security.principal.AuthUser;
import com.goldgov.kduck.security.principal.filter.AuthUserExtractor;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Iterator;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.security.authentication.AnonymousAuthenticationToken;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.UserDetails;

/* loaded from: input_file:com/goldgov/kduck/security/principal/filter/extractor/SessionUserExtractorImpl.class */
public class SessionUserExtractorImpl implements AuthUserExtractor {
    @Override // com.goldgov.kduck.security.principal.filter.AuthUserExtractor
    public AuthUser extract(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        AuthUser authUser = null;
        if (authentication instanceof UsernamePasswordAuthenticationToken) {
            Object principal = authentication.getPrincipal();
            if (principal instanceof AuthUser) {
                authUser = (AuthUser) principal;
            } else {
                if (!(principal instanceof UserDetails)) {
                    throw new IllegalArgumentException("无法识别的认证对象：" + principal);
                }
                UserDetails userDetails = (UserDetails) principal;
                Collection authorities = userDetails.getAuthorities();
                ArrayList arrayList = new ArrayList(authorities.size());
                if (authorities != null) {
                    Iterator it = authorities.iterator();
                    while (it.hasNext()) {
                        arrayList.add(((GrantedAuthority) it.next()).getAuthority());
                    }
                }
                authUser = new AuthUser(userDetails.getUsername(), userDetails.isEnabled(), userDetails.isAccountNonExpired(), userDetails.isCredentialsNonExpired(), userDetails.isAccountNonLocked(), arrayList);
            }
        } else if (authentication != null && !(authentication instanceof AnonymousAuthenticationToken)) {
            throw new IllegalArgumentException("无法识别的认证对象类型：" + authentication);
        }
        return authUser;
    }
}
