package pl.edu.icm.yadda.ui.security;

import org.apache.commons.lang.StringUtils;
import org.springframework.security.Authentication;
import org.springframework.security.AuthenticationException;
import org.springframework.security.AuthenticationServiceException;
import org.springframework.security.BadCredentialsException;
import org.springframework.security.GrantedAuthorityImpl;
import org.springframework.security.providers.AuthenticationProvider;
import org.springframework.security.providers.UsernamePasswordAuthenticationToken;
import pl.edu.icm.yadda.service2.user.UserCatalog;
import pl.edu.icm.yadda.service2.user.exception.TokenVerificationException;
import pl.edu.icm.yadda.service2.user.model.UserData;
import pl.edu.icm.yadda.service2.user.model.UserFlagsConstants;
import pl.edu.icm.yadda.service2.user.token.LoginPasswordToken;
import pl.edu.icm.yadda.ui.newmessaging.NotificationLevel;
import pl.edu.icm.yadda.ui.newmessaging.NotificationService;
import pl.edu.icm.yadda.ui.security.impl.DefaultUser;
import pl.edu.icm.yadda.ui.user.MessageConstants;

/* loaded from: input_file:WEB-INF/lib/yaddaweb-lite-core-1.11.2.jar:pl/edu/icm/yadda/ui/security/UserCatalogAuthenticationProvider.class */
public class UserCatalogAuthenticationProvider implements AuthenticationProvider {
    private UserCatalog userCatalog;
    private String domain;
    private SessionManager sessionManager;
    private NotificationService notificationService;

    @Override // org.springframework.security.providers.AuthenticationProvider
    public Authentication authenticate(Authentication authentication) throws AuthenticationException {
        String name = authentication.getName();
        String str = (String) authentication.getCredentials();
        boolean z = true;
        if (StringUtils.isBlank(name)) {
            this.notificationService.publishLocalizedNotification(NotificationLevel.ERROR, MessageConstants.MESSAGE_NO_USER_LOGIN, new Object[0]);
            z = false;
        }
        if (StringUtils.isBlank(str)) {
            this.notificationService.publishLocalizedNotification(NotificationLevel.ERROR, MessageConstants.MESSAGE_NO_USER_PASSWORD, new Object[0]);
            z = false;
        }
        if (!z) {
            throw new BadCredentialsException("Bad Credentials");
        }
        LoginPasswordToken loginPasswordToken = new LoginPasswordToken();
        loginPasswordToken.setDomain(this.domain);
        loginPasswordToken.setLogin(name);
        loginPasswordToken.setPassword(str);
        try {
            UserData loadUser = this.userCatalog.loadUser(this.userCatalog.verifyToken(loginPasswordToken), this.domain, UserData.UserDataParts.EFFECTIVE_ROLES);
            if (loadUser == null) {
                this.notificationService.publishLocalizedNotification(NotificationLevel.ERROR, MessageConstants.MESSAGE_NO_SUCH_USER, name);
                throw new BadCredentialsException("Bad Credentials");
            }
            if (loadUser.getUser().getFlags() != null && loadUser.getUser().getFlags().contains(UserFlagsConstants.INACTIVE)) {
                this.notificationService.publishLocalizedNotification(NotificationLevel.ERROR, MessageConstants.MESSAGE_NO_SUCH_USER, name);
                throw new BadCredentialsException("Bad Credentials");
            }
            GrantedAuthorityImpl[] grantedAuthorityImplArr = new GrantedAuthorityImpl[loadUser.getEffectiveRoles() != null ? loadUser.getEffectiveRoles().size() : 0];
            if (grantedAuthorityImplArr.length > 0) {
                String[] strArr = (String[]) loadUser.getEffectiveRoles().toArray(new String[loadUser.getEffectiveRoles().size()]);
                for (int i = 0; i < strArr.length; i++) {
                    grantedAuthorityImplArr[i] = new GrantedAuthorityImpl(strArr[i]);
                }
            }
            this.sessionManager.init(new DefaultUser(DefaultUserHelper.buildUserLogin(loadUser), "", DefaultUserHelper.buildUserName(loadUser), loadUser.getUser().getAttributes().get("email"), loadUser.getUser().getAttributes()));
            this.notificationService.publishLocalizedNotification(NotificationLevel.INFO, MessageConstants.MESSAGE_USER_LOGGED_SUCCESFULLY, new Object[0]);
            return new UsernamePasswordAuthenticationToken(name, str, grantedAuthorityImplArr);
        } catch (TokenVerificationException e) {
            this.notificationService.publishLocalizedNotification(NotificationLevel.ERROR, MessageConstants.MESSAGE_NO_SUCH_USER, name);
            throw new BadCredentialsException("Bad Credentials");
        } catch (SessionManagerException e2) {
            this.notificationService.publishLocalizedNotification(NotificationLevel.ERROR, MessageConstants.MESSAGE_NOT_LOGGED_UNKNOWN_REASON, new Object[0]);
            throw new AuthenticationServiceException(e2.getMessage());
        } catch (UnknownUserException e3) {
            this.notificationService.publishLocalizedNotification(NotificationLevel.ERROR, MessageConstants.MESSAGE_NO_SUCH_USER, name);
            throw new BadCredentialsException("Bad Credentials");
        }
    }

    @Override // org.springframework.security.providers.AuthenticationProvider
    public boolean supports(Class cls) {
        return cls.equals(UsernamePasswordAuthenticationToken.class);
    }

    public void setUserCatalog(UserCatalog userCatalog) {
        this.userCatalog = userCatalog;
    }

    public void setDomain(String str) {
        this.domain = str;
    }

    public void setSessionManager(SessionManager sessionManager) {
        this.sessionManager = sessionManager;
    }

    public void setNotificationService(NotificationService notificationService) {
        this.notificationService = notificationService;
    }
}
