package pl.edu.icm.sedno.web.security.authentication.provider;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import pl.edu.icm.sedno.model.users.FederativeIdentity;
import pl.edu.icm.sedno.model.users.SednoUser;
import pl.edu.icm.sedno.services.FederativeIdentityRepository;
import pl.edu.icm.sedno.web.security.UserSecurityService;
import pl.edu.icm.sedno.web.security.authentication.token.ExternalAuthentication;
import pl.edu.icm.sedno.web.security.authentication.token.SednoAuthentication;
import pl.edu.icm.sedno.web.security.authentication.token.ServerUsernamePasswordAuthenticationToken;

/* loaded from: input_file:WEB-INF/classes/pl/edu/icm/sedno/web/security/authentication/provider/AbstractExternalAuthenticationProvider.class */
public abstract class AbstractExternalAuthenticationProvider implements AuthenticationProvider {
    private Logger logger = LoggerFactory.getLogger(AbstractExternalAuthenticationProvider.class);
    protected UserSecurityService userSecurityService;
    protected FederativeIdentityRepository federativeIdentityRepository;

    @Override // org.springframework.security.authentication.AuthenticationProvider
    public final Authentication authenticate(Authentication authentication) throws AuthenticationException {
        ExternalAuthentication authenticateExternal = authenticateExternal(authentication);
        FederativeIdentity federativeIdentity = authenticateExternal.getPrincipal().getFederativeIdentity();
        this.logger.info("in db: https://www.google.com/accounts/o8/id?id=AItOawmFJ3pg_Pe2lPWu8gS-KqvkumyAfFV3bUs");
        this.logger.info("got  : " + federativeIdentity.getValue());
        FederativeIdentity federativeIdentity2 = this.federativeIdentityRepository.get(federativeIdentity.getType(), federativeIdentity.getValue());
        if (federativeIdentity2 == null) {
            if (authenticateExternal.getPrincipal().getFederativeIdentity().getSednoUser() != null) {
                throw new IllegalStateException("sedno user must not be set by external authentication system");
            }
            return authenticateExternal;
        }
        if (!federativeIdentity2.isActivated()) {
            return ExternalAuthentication.createInstance(federativeIdentity2);
        }
        SednoUser sednoUser = federativeIdentity2.getSednoUser();
        this.logger.debug("found sedno user [" + sednoUser.getLogin() + "] with federativeId: " + federativeIdentity);
        this.userSecurityService.checkSednoUser(sednoUser, sednoUser.getLogin());
        SednoAuthentication createInstance = SednoAuthentication.createInstance(sednoUser, federativeIdentity, authenticateExternal.getExternallyManagedRoles());
        createInstance.setAuthenticated(true);
        this.logger.debug("Principal from database: " + createInstance.getPrincipal().toString());
        this.logger.debug("Authorites: " + createInstance.getAuthorities());
        return createInstance;
    }

    protected abstract ExternalAuthentication authenticateExternal(Authentication authentication) throws AuthenticationException;

    @Override // org.springframework.security.authentication.AuthenticationProvider
    public boolean supports(Class<? extends Object> cls) {
        return cls.equals(ServerUsernamePasswordAuthenticationToken.class);
    }

    @Autowired
    public void setUserSecurityService(UserSecurityService userSecurityService) {
        this.userSecurityService = userSecurityService;
    }

    @Autowired
    public void setFederativeIdentityRepository(FederativeIdentityRepository federativeIdentityRepository) {
        this.federativeIdentityRepository = federativeIdentityRepository;
    }
}
