package eu.dariah.de.dariahsp.authentication;

import eu.dariah.de.dariahsp.config.rest.SystemToken;
import java.util.HashSet;
import org.pac4j.core.context.WebContext;
import org.pac4j.core.context.session.SessionStore;
import org.pac4j.core.credentials.Credentials;
import org.pac4j.core.credentials.UsernamePasswordCredentials;
import org.pac4j.core.credentials.authenticator.Authenticator;
import org.pac4j.core.exception.CredentialsException;
import org.pac4j.core.profile.CommonProfile;
import org.pac4j.core.util.CommonHelper;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:BOOT-INF/lib/dariahsp-core-4.1.1-SNAPSHOT.jar:eu/dariah/de/dariahsp/authentication/SystemTokenAuthenticator.class */
public class SystemTokenAuthenticator implements Authenticator {
    private static final Logger log = LoggerFactory.getLogger((Class<?>) SystemTokenAuthenticator.class);
    private SystemToken[] systemTokenConfigurations;

    @Override // org.pac4j.core.credentials.authenticator.Authenticator
    public void validate(Credentials credentials, WebContext webContext, SessionStore sessionStore) {
        if (credentials != null) {
            try {
                if (UsernamePasswordCredentials.class.isAssignableFrom(credentials.getClass())) {
                    String username = ((UsernamePasswordCredentials) credentials).getUsername();
                    String password = ((UsernamePasswordCredentials) credentials).getPassword();
                    if (CommonHelper.isBlank(username)) {
                        throw new CredentialsException("System cannot be blank");
                    }
                    if (CommonHelper.isBlank(password)) {
                        throw new CredentialsException("Password cannot be blank");
                    }
                    CommonProfile profile = getProfile(username, password);
                    if (profile != null) {
                        credentials.setUserProfile(profile);
                    }
                    throw new CredentialsException("Invalid system/token combination");
                }
            } catch (CredentialsException e) {
                log.info("System/token authentication failed: {}", e.getMessage());
                throw e;
            }
        }
        throw new CredentialsException("No or invalid type of credential");
    }

    private CommonProfile getProfile(String str, String str2) {
        for (SystemToken systemToken : this.systemTokenConfigurations) {
            if (systemToken.getSystem().equals(str)) {
                if (!systemToken.getToken().equals(str2)) {
                    throw new CredentialsException("Invalid system/token combination");
                }
                CommonProfile commonProfile = new CommonProfile();
                commonProfile.setId(str);
                commonProfile.addAttribute("username", str);
                if (systemToken.getRoles() == null) {
                    commonProfile.setRoles(new HashSet(0));
                } else {
                    commonProfile.setRoles(systemToken.getRoles());
                }
                log.info("System/token authentication succeeded [{}]", commonProfile.toString());
                return commonProfile;
            }
        }
        return null;
    }

    public SystemToken[] getSystemTokenConfigurations() {
        return this.systemTokenConfigurations;
    }

    public void setSystemTokenConfigurations(SystemToken[] systemTokenArr) {
        this.systemTokenConfigurations = systemTokenArr;
    }
}
