package pl.edu.icm.sedno.service.user.authentication;

import org.apache.commons.lang.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import pl.edu.icm.sedno.common.dao.DataObjectDAO;
import pl.edu.icm.sedno.common.util.Md5Generator;
import pl.edu.icm.sedno.dto.AuthenticationSedno;
import pl.edu.icm.sedno.model.users.SednoUser;
import pl.edu.icm.sedno.services.UserService;

/* loaded from: input_file:WEB-INF/lib/sedno-backend-1.1.5.jar:pl/edu/icm/sedno/service/user/authentication/SednoUserManagerImpl.class */
public class SednoUserManagerImpl implements AuthenticationProvider {
    private static final String CODE_ACCOUNT_INACTIVE = "user_account.inactive";
    private static final String CODE_ACCOUNT_NOT_FOUND = "user_account.notfound";
    private static final String CODE_ACCOUNT_NOT_CONFIRMED = "user_account.notconfirmed";
    private static final String CODE_ACCOUNT_DISABLED = "user_account.disabled";
    private static final String CODE_ACCOUNT_LOCKED = "user_account.locked";
    private static final String CODE_BAD_CREDENTIALS = "user_account.badcredentials";
    Logger logger = LoggerFactory.getLogger(SednoUserManagerImpl.class);

    @Autowired
    private UserService userService;

    @Autowired
    private DataObjectDAO dataObjectDAO;

    @Override // org.springframework.security.authentication.AuthenticationProvider
    public Authentication authenticate(Authentication authentication) throws AuthenticationException {
        this.logger.info("authenticate() : " + authentication.getName() + " passwd: ******");
        if (authentication.getPrincipal() != null && (authentication.getPrincipal() instanceof SednoUser)) {
            String login = ((SednoUser) authentication.getPrincipal()).getLogin();
            SednoUser byLogin = this.userService.getByLogin(login);
            if (!byLogin.isActive()) {
                throw new SednoDisabledException(CODE_ACCOUNT_INACTIVE, login);
            }
            Authentication createAuthenticationSedno = createAuthenticationSedno(byLogin);
            this.logger.info(".. refreshing previously authenticated user {}, roles : {} ", login, byLogin.getRoleNames());
            return createAuthenticationSedno;
        }
        String name = authentication.getName();
        SednoUser byLogin2 = this.userService.getByLogin(name);
        if (byLogin2 == null) {
            authentication.setAuthenticated(false);
            throw new SednoUsernameNotFoundException(CODE_ACCOUNT_NOT_FOUND, name);
        }
        if (!byLogin2.isLive()) {
            authentication.setAuthenticated(false);
            throw new SednoUserAccountNotConfirmed(CODE_ACCOUNT_NOT_CONFIRMED, name);
        }
        if (byLogin2.isAccountDisabled()) {
            authentication.setAuthenticated(false);
            throw new SednoDisabledException(CODE_ACCOUNT_DISABLED, name);
        }
        if (byLogin2.isAccountLocked()) {
            authentication.setAuthenticated(false);
            throw new SednoLockedException(CODE_ACCOUNT_LOCKED, name);
        }
        String doMd5 = Md5Generator.doMd5(authentication.getCredentials().toString());
        if (!StringUtils.isNotEmpty(byLogin2.getPasswdHash()) || !byLogin2.getPasswdHash().equals(doMd5)) {
            authentication.setAuthenticated(false);
            if (this.userService.registerBadPasswdEntered(byLogin2)) {
                throw new SednoLockedException(CODE_ACCOUNT_LOCKED, name);
            }
            throw new SednoBadCredentialsException(CODE_BAD_CREDENTIALS, byLogin2.getAttemptsLeft());
        }
        Authentication createAuthenticationSedno2 = createAuthenticationSedno(byLogin2);
        if (this.dataObjectDAO.isDetached(byLogin2)) {
            this.logger.error(this.dataObjectDAO.getObjectShortDesc(byLogin2));
            throw new RuntimeException("sednoUser is detached, bad transactions configuration");
        }
        this.userService.registerSuccesfulLogin(byLogin2);
        this.logger.info(".. user {} authenticated, roles : {} ", name, byLogin2.getRoleNames());
        return createAuthenticationSedno2;
    }

    private Authentication createAuthenticationSedno(SednoUser sednoUser) {
        AuthenticationSedno authenticationSedno = new AuthenticationSedno();
        authenticationSedno.setAuthenticated(true);
        authenticationSedno.setPrincipal(sednoUser);
        return authenticationSedno;
    }

    @Override // org.springframework.security.authentication.AuthenticationProvider
    public boolean supports(Class<? extends Object> cls) {
        return true;
    }
}
