package eu.dariah.de.dariahsp.authentication;

import eu.dariah.de.dariahsp.config.local.LocalUsers;
import java.util.HashSet;
import org.pac4j.core.context.WebContext;
import org.pac4j.core.credentials.UsernamePasswordCredentials;
import org.pac4j.core.credentials.authenticator.Authenticator;
import org.pac4j.core.exception.CredentialsException;
import org.pac4j.core.profile.CommonProfile;
import org.pac4j.core.util.CommonHelper;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.crypto.password.PasswordEncoder;

/* loaded from: input_file:BOOT-INF/lib/dariahsp-core-2.2.0-SNAPSHOT.jar:eu/dariah/de/dariahsp/authentication/LocalUsernamePasswordAuthenticator.class */
public class LocalUsernamePasswordAuthenticator implements Authenticator<UsernamePasswordCredentials> {
    private static final Logger log = LoggerFactory.getLogger((Class<?>) LocalUsernamePasswordAuthenticator.class);
    private LocalUsers[] localUserConfigurations;
    private PasswordEncoder encoder;

    @Override // org.pac4j.core.credentials.authenticator.Authenticator
    public void validate(UsernamePasswordCredentials usernamePasswordCredentials, WebContext webContext) {
        try {
            if (usernamePasswordCredentials == null) {
                throw new CredentialsException("No credential");
            }
            String username = usernamePasswordCredentials.getUsername();
            String password = usernamePasswordCredentials.getPassword();
            if (CommonHelper.isBlank(username)) {
                throw new CredentialsException("Username cannot be blank");
            }
            if (CommonHelper.isBlank(password)) {
                throw new CredentialsException("Password cannot be blank");
            }
            for (LocalUsers localUsers : this.localUserConfigurations) {
                if (localUsers.getUsername().equals(username)) {
                    if (!this.encoder.matches(password, localUsers.getPasshash())) {
                        throw new CredentialsException("Invalid username/password combination");
                    }
                    CommonProfile commonProfile = new CommonProfile();
                    commonProfile.setId(username);
                    commonProfile.addAttribute("username", username);
                    if (localUsers.getRoles() == null) {
                        commonProfile.setRoles(new HashSet(0));
                    } else {
                        commonProfile.setRoles(localUsers.getRoles());
                    }
                    usernamePasswordCredentials.setUserProfile(commonProfile);
                    log.info("Local authentication succeeded [{}]", commonProfile.toString());
                    return;
                }
            }
            throw new CredentialsException("Invalid username/password combination");
        } catch (CredentialsException e) {
            log.info("Local authentication failed{}: {}", usernamePasswordCredentials != null ? "for user" + usernamePasswordCredentials.getUsername() : "", e.getMessage());
            throw e;
        }
    }

    public LocalUsers[] getLocalUserConfigurations() {
        return this.localUserConfigurations;
    }

    public PasswordEncoder getEncoder() {
        return this.encoder;
    }

    public void setLocalUserConfigurations(LocalUsers[] localUsersArr) {
        this.localUserConfigurations = localUsersArr;
    }

    public void setEncoder(PasswordEncoder passwordEncoder) {
        this.encoder = passwordEncoder;
    }
}
