package eu.dariah.de.dariahsp.spring.authentication;

import eu.dariah.de.dariahsp.config.local.LocalUser;
import java.util.HashSet;
import org.pac4j.core.context.WebContext;
import org.pac4j.core.context.session.SessionStore;
import org.pac4j.core.credentials.Credentials;
import org.pac4j.core.credentials.UsernamePasswordCredentials;
import org.pac4j.core.credentials.authenticator.Authenticator;
import org.pac4j.core.exception.CredentialsException;
import org.pac4j.core.profile.CommonProfile;
import org.pac4j.core.util.CommonHelper;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.crypto.password.PasswordEncoder;

/* loaded from: input_file:eu/dariah/de/dariahsp/spring/authentication/LocalUsernamePasswordAuthenticator.class */
public class LocalUsernamePasswordAuthenticator implements Authenticator {
    private static final Logger log = LoggerFactory.getLogger((Class<?>) LocalUsernamePasswordAuthenticator.class);
    private LocalUser[] localUserConfigurations;
    private PasswordEncoder encoder;

    @Override // org.pac4j.core.credentials.authenticator.Authenticator
    public void validate(Credentials credentials, WebContext webContext, SessionStore sessionStore) {
        if (credentials != null) {
            try {
                if (UsernamePasswordCredentials.class.isAssignableFrom(credentials.getClass())) {
                    String username = ((UsernamePasswordCredentials) credentials).getUsername();
                    String password = ((UsernamePasswordCredentials) credentials).getPassword();
                    if (CommonHelper.isBlank(username)) {
                        throw new CredentialsException("Username cannot be blank");
                    }
                    if (CommonHelper.isBlank(password)) {
                        throw new CredentialsException("Password cannot be blank");
                    }
                    for (LocalUser localUser : this.localUserConfigurations) {
                        if (localUser.getUsername().equals(username)) {
                            if (!this.encoder.matches(password, localUser.getPasshash())) {
                                throw new CredentialsException("Invalid username/password combination");
                            }
                            CommonProfile commonProfile = new CommonProfile();
                            commonProfile.setId(username);
                            commonProfile.addAttribute("username", username);
                            if (localUser.getRoles() == null) {
                                commonProfile.setRoles(new HashSet(0));
                            } else {
                                commonProfile.setRoles(localUser.getRoles());
                            }
                            credentials.setUserProfile(commonProfile);
                            log.info("Local authentication succeeded [{}]", commonProfile.toString());
                            return;
                        }
                    }
                    throw new CredentialsException("Invalid username/password combination");
                }
            } catch (CredentialsException e) {
                log.info("Local authentication failed: {}", e.getMessage());
                throw e;
            }
        }
        throw new CredentialsException("No or invalid type of credential");
    }

    public LocalUser[] getLocalUserConfigurations() {
        return this.localUserConfigurations;
    }

    public PasswordEncoder getEncoder() {
        return this.encoder;
    }

    public void setLocalUserConfigurations(LocalUser[] localUserArr) {
        this.localUserConfigurations = localUserArr;
    }

    public void setEncoder(PasswordEncoder passwordEncoder) {
        this.encoder = passwordEncoder;
    }
}
