package com.hazelcast.webmonitor.security.spi.impl.builtin;

import com.hazelcast.webmonitor.model.sql.UserCredentialsModel;
import com.hazelcast.webmonitor.repositories.sql.UserCredentialsDAO;
import com.hazelcast.webmonitor.service.AuthTokenManager;
import java.util.ArrayList;
import java.util.Optional;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.authority.SimpleGrantedAuthority;

/* JADX WARN: Classes with same name are omitted:
  input_file:WEB-INF/classes/com/hazelcast/webmonitor/security/spi/impl/builtin/DefaultAuthenticationProvider.class
 */
/* loaded from: input_file:com/hazelcast/webmonitor/security/spi/impl/builtin/DefaultAuthenticationProvider.class */
public class DefaultAuthenticationProvider implements AuthenticationProvider {
    private final UserCredentialsDAO userDAO;
    private final AuthTokenManager authTokenManager;

    public DefaultAuthenticationProvider(UserCredentialsDAO userCredentialsDAO, AuthTokenManager authTokenManager) {
        this.userDAO = userCredentialsDAO;
        this.authTokenManager = authTokenManager;
    }

    @Override // org.springframework.security.authentication.AuthenticationProvider
    public Authentication authenticate(Authentication authentication) throws AuthenticationException {
        Optional<UserCredentialsModel> login;
        String str = (String) authentication.getPrincipal();
        if (!(authentication instanceof TokenBasedAuthenticationToken)) {
            login = this.userDAO.login(str, (String) authentication.getCredentials());
        } else {
            if (this.authTokenManager == null) {
                throw new BadCredentialsException("Runtime configuration does not support tokens.");
            }
            if (!this.authTokenManager.validate((String) authentication.getCredentials())) {
                throw new BadCredentialsException("Wrong token!");
            }
            login = this.userDAO.findByUsername(str);
        }
        if (!login.isPresent()) {
            throw new BadCredentialsException("Wrong username/password!");
        }
        UserCredentialsModel userCredentialsModel = login.get();
        ArrayList arrayList = new ArrayList();
        if (!"".equals(userCredentialsModel.getRole())) {
            arrayList.add(new SimpleGrantedAuthority(userCredentialsModel.getRole()));
        }
        return new UsernamePasswordAuthenticationToken(userCredentialsModel.getUsername(), null, arrayList);
    }

    @Override // org.springframework.security.authentication.AuthenticationProvider
    public boolean supports(Class<?> cls) {
        return true;
    }
}
