package cc.chensoul.rose.security.rest.provider;

import cc.chensoul.rose.security.rest.mfa.MfaAuthenticationToken;
import cc.chensoul.rose.security.rest.mfa.MfaProperties;
import cc.chensoul.rose.security.util.SecurityUser;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.util.Assert;

/* loaded from: input_file:cc/chensoul/rose/security/rest/provider/RestLoginAuthenticationProvider.class */
public class RestLoginAuthenticationProvider implements AuthenticationProvider {
    private static final Logger log = LoggerFactory.getLogger(RestLoginAuthenticationProvider.class);
    private final UserDetailsService userDetailsService;
    private final PasswordEncoder encoder;
    private final MfaProperties mfaProperties;

    public Authentication authenticate(Authentication authentication) throws AuthenticationException {
        Assert.notNull(authentication, "No authentication data provided");
        SecurityUser authenticateByUsernameAndPassword = authenticateByUsernameAndPassword(authentication, (String) authentication.getPrincipal(), (String) authentication.getCredentials());
        return this.mfaProperties.isEnabled() ? new MfaAuthenticationToken(authenticateByUsernameAndPassword) : new UsernamePasswordAuthenticationToken(authenticateByUsernameAndPassword, (Object) null, authenticateByUsernameAndPassword.getAuthorities());
    }

    private SecurityUser authenticateByUsernameAndPassword(Authentication authentication, String str, String str2) {
        UserDetails loadUserByUsername = this.userDetailsService.loadUserByUsername(str);
        if (loadUserByUsername == null) {
            throw new UsernameNotFoundException("User not found: " + str);
        }
        if (this.encoder.matches(str2, loadUserByUsername.getPassword())) {
            return new SecurityUser(loadUserByUsername.getUsername(), loadUserByUsername.getPassword(), loadUserByUsername.getAuthorities());
        }
        throw new BadCredentialsException("Username or password not valid");
    }

    public boolean supports(Class<?> cls) {
        return UsernamePasswordAuthenticationToken.class.isAssignableFrom(cls);
    }

    public RestLoginAuthenticationProvider(UserDetailsService userDetailsService, PasswordEncoder passwordEncoder, MfaProperties mfaProperties) {
        this.userDetailsService = userDetailsService;
        this.encoder = passwordEncoder;
        this.mfaProperties = mfaProperties;
    }
}
