package pl.edu.icm.yadda.repowebeditor.security;

import java.util.List;
import javax.annotation.Resource;
import org.opensaml.lite.xacml.ctx.DecisionType;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.stereotype.Component;
import pl.edu.icm.yadda.aas.client.LoginResult;
import pl.edu.icm.yadda.aas.client.authn.IAuthenticationManager;
import pl.edu.icm.yadda.service2.aas.AAError;
import pl.edu.icm.yadda.service2.user.token.LoginPasswordToken;

@Component
/* loaded from: input_file:pl/edu/icm/yadda/repowebeditor/security/YaddaAuthenticationService.class */
public class YaddaAuthenticationService implements RemoteAuthenticationService {
    private static Logger logger = LoggerFactory.getLogger(YaddaAuthenticationService.class);

    @Autowired
    private IAuthenticationManager authenticationManager;

    @Resource(name = "repository_domain")
    private String domain;

    @Resource(name = "yaddaUserDetailsService")
    private UserDetailsService detailsService;

    @Override // pl.edu.icm.yadda.repowebeditor.security.RemoteAuthenticationService
    public UserDetails authenticate(String str, String str2) throws AuthenticationException {
        if (badCredential(this.authenticationManager.login(new LoginPasswordToken(str, str2, this.domain)))) {
            logger.info("bad credential for login: {}", str);
            throw new BadCredentialsException("Bad credentials");
        }
        try {
            return this.detailsService.loadUserByUsername(str);
        } catch (UsernameNotFoundException e) {
            logger.warn("can't load user details d ", e);
            throw e;
        } catch (Exception e2) {
            logger.warn("can't load user details g", e2);
            throw new BadCredentialsException("Bad credentials", e2);
        }
    }

    private boolean badCredential(LoginResult loginResult) {
        return !correctCredential(loginResult);
    }

    private boolean correctCredential(LoginResult loginResult) {
        return isEmptyError(loginResult.getErrors()) && loginResult.getDecition().equals(DecisionType.DECISION.Permit);
    }

    private boolean isEmptyError(List<AAError> list) {
        return list == null || list.isEmpty();
    }
}
