package pl.edu.icm.crpd.webapp.security;

import com.google.common.collect.Lists;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import pl.edu.icm.crpd.persistence.model.Institution;
import pl.edu.icm.crpd.persistence.repository.InstitutionRepository;

/* loaded from: input_file:WEB-INF/classes/pl/edu/icm/crpd/webapp/security/InstitutionTokenAuthenticationProvider.class */
public class InstitutionTokenAuthenticationProvider implements AuthenticationProvider {
    public static final String AUTHENTICATION_FAILED_INVALID_USERNAME_MESSAGE = "authentication failed - no institution with the given code found";
    public static final String AUTHENTICATION_FAILED_INVALID_PASSWORD_MESSAGE = "authentication failed - invalid password";

    @Autowired
    private InstitutionTokenValidator institutionTokenValidator;

    @Autowired
    private InstitutionRepository institutionRepository;

    @Override // org.springframework.security.authentication.AuthenticationProvider
    public Authentication authenticate(Authentication authentication) throws AuthenticationException {
        UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken = (UsernamePasswordAuthenticationToken) authentication;
        String str = (String) usernamePasswordAuthenticationToken.getPrincipal();
        Institution findOneByCode = this.institutionRepository.findOneByCode(str);
        if (findOneByCode == null) {
            throw new BadCredentialsException("authentication failed - no institution with the given code found (" + str + ")");
        }
        if (this.institutionTokenValidator.validateInstitutionToken(findOneByCode, (String) usernamePasswordAuthenticationToken.getCredentials())) {
            return createInstitutionAuthentication(findOneByCode);
        }
        throw new BadCredentialsException(AUTHENTICATION_FAILED_INVALID_PASSWORD_MESSAGE);
    }

    @Override // org.springframework.security.authentication.AuthenticationProvider
    public boolean supports(Class<?> cls) {
        return cls.isAssignableFrom(UsernamePasswordAuthenticationToken.class);
    }

    private CrpdAuthentication createInstitutionAuthentication(Institution institution) {
        return new CrpdAuthentication(institution.getName(), Lists.newArrayList(new CrpdGrantedAuthority(Role.UNIVERSITY_REPOSITORY, institution)));
    }
}
