package ome.security.auth.providers;

import ome.conditions.ApiUsageException;
import ome.logic.LdapImpl;
import ome.security.auth.ConfigurablePasswordProvider;
import ome.security.auth.PasswordUtil;
import org.springframework.util.Assert;

/* loaded from: input_file:ome/security/auth/providers/LdapPasswordProvider431.class */
public class LdapPasswordProvider431 extends ConfigurablePasswordProvider {
    protected final LdapImpl ldapUtil;

    public LdapPasswordProvider431(PasswordUtil passwordUtil, LdapImpl ldapImpl) {
        super(passwordUtil);
        Assert.notNull(ldapImpl);
        this.ldapUtil = ldapImpl;
    }

    public LdapPasswordProvider431(PasswordUtil passwordUtil, LdapImpl ldapImpl, boolean z) {
        super(passwordUtil, z);
        Assert.notNull(ldapImpl);
        this.ldapUtil = ldapImpl;
    }

    @Override // ome.security.auth.ConfigurablePasswordProvider, ome.security.auth.PasswordProvider
    public boolean hasPassword(String str) {
        Long userId;
        return (!this.ldapUtil.getSetting() || (userId = this.util.userId(str)) == null || this.ldapUtil.lookupLdapAuthExperimenter(userId) == null) ? false : true;
    }

    @Override // ome.security.auth.ConfigurablePasswordProvider, ome.security.auth.PasswordProvider
    public Boolean checkPassword(String str, String str2, boolean z) {
        if (!this.ldapUtil.getSetting()) {
            return null;
        }
        Long userId = this.util.userId(str);
        if (null == userId) {
            try {
                if (z) {
                    throw new IllegalStateException("Cannot create user!");
                }
                if (this.ldapUtil.createUserFromLdap(str, str2)) {
                    loginAttempt(str, true);
                    return true;
                }
            } catch (ApiUsageException e) {
                this.log.info(String.format("Default choice on create user: %s (%s)", str, e));
            }
        } else {
            try {
                String lookupLdapAuthExperimenter = this.ldapUtil.lookupLdapAuthExperimenter(userId);
                if (lookupLdapAuthExperimenter != null) {
                    return loginAttempt(str, Boolean.valueOf(this.ldapUtil.validatePassword(lookupLdapAuthExperimenter, str2)));
                }
            } catch (ApiUsageException e2) {
                this.log.warn("Default choice on check ldap password: " + str, e2);
            }
        }
        return super.checkPassword(str, str2, z);
    }
}
