package pl.edu.icm.sedno.service.user.authentication;

import org.jasig.cas.client.authentication.AttributePrincipal;
import org.jasig.cas.client.validation.Cas20ProxyTicketValidator;
import org.jasig.cas.client.validation.TicketValidationException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.authentication.DisabledException;
import org.springframework.security.authentication.LockedException;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import pl.edu.icm.sedno.dto.AuthenticationSedno;
import pl.edu.icm.sedno.exception.SednoBusinessException;
import pl.edu.icm.sedno.model.users.SednoUser;
import pl.edu.icm.sedno.services.UserRepository;

/* loaded from: input_file:WEB-INF/lib/sedno-backend-1.1.7.jar:pl/edu/icm/sedno/service/user/authentication/SednoCASAuthenticationProviderImpl.class */
public class SednoCASAuthenticationProviderImpl implements AuthenticationProvider {

    @Autowired
    private UserRepository userRepository;
    private Logger logger = LoggerFactory.getLogger(SednoCASAuthenticationProviderImpl.class);
    private String casServerUrl = "https://cardano.gpa.net.icm.edu.pl/cas";
    private String legacyServerServiceUrl = "http://localhost:8080/sedno-webapp/j_spring_cas_security_check";

    public void setCasServerUrl(String str) {
        this.casServerUrl = str;
    }

    public void setLegacyServerServiceUrl(String str) {
        this.legacyServerServiceUrl = str;
    }

    public String getCasServerUrl() {
        return this.casServerUrl;
    }

    public String getLegacyServerServiceUrl() {
        return this.legacyServerServiceUrl;
    }

    @Override // org.springframework.security.authentication.AuthenticationProvider
    public Authentication authenticate(Authentication authentication) throws AuthenticationException {
        AttributePrincipal checkTicket = checkTicket(authentication.getCredentials().toString());
        if (checkTicket == null) {
            authentication.setAuthenticated(false);
            throw new UsernameNotFoundException("Username [] not found");
        }
        String name = checkTicket.getName();
        AuthenticationSedno authenticationSedno = new AuthenticationSedno();
        SednoUser byLogin = this.userRepository.getByLogin(name);
        if (byLogin == null) {
            authentication.setAuthenticated(false);
            throw new UsernameNotFoundException("Username [" + name + "] not found");
        }
        if (!byLogin.isLive()) {
            authentication.setAuthenticated(false);
            throw new UsernameNotFoundException("Account [" + name + "] is not confirmed");
        }
        if (byLogin.isAccountDisabled()) {
            authentication.setAuthenticated(false);
            throw new DisabledException("Account [" + name + "] is disabled");
        }
        if (byLogin.isAccountLocked()) {
            authentication.setAuthenticated(false);
            throw new LockedException("Account [" + name + "] is locked");
        }
        authenticationSedno.setPrincipal(byLogin);
        authenticationSedno.setAuthenticated(true);
        this.logger.info("Principal in from database: " + authenticationSedno.getPrincipal().toString());
        return authenticationSedno;
    }

    @Override // org.springframework.security.authentication.AuthenticationProvider
    public boolean supports(Class<? extends Object> cls) {
        return true;
    }

    public AttributePrincipal checkTicket(String str) {
        AttributePrincipal attributePrincipal;
        Cas20ProxyTicketValidator cas20ProxyTicketValidator = new Cas20ProxyTicketValidator(this.casServerUrl);
        cas20ProxyTicketValidator.setAcceptAnyProxy(true);
        try {
            attributePrincipal = cas20ProxyTicketValidator.validate(str, this.legacyServerServiceUrl).getPrincipal();
            this.logger.info("user name:" + attributePrincipal.getName());
        } catch (TicketValidationException e) {
            attributePrincipal = null;
        }
        return attributePrincipal;
    }

    public SednoUser getDetails(String str) {
        this.logger.info("Detailslogin: " + str);
        SednoUser byLogin = this.userRepository.getByLogin(str);
        this.logger.debug("sedno user: " + byLogin);
        if (byLogin != null) {
            return byLogin;
        }
        throw new SednoBusinessException("user: " + str + "not found");
    }
}
