package org.sakaiproject.rubrics.security;

import org.sakaiproject.rubrics.logic.AuthenticatedRequestContext;
import org.sakaiproject.rubrics.logic.JwtAuthenticationToken;
import org.sakaiproject.rubrics.security.exception.JwtTokenMalformedException;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.stereotype.Component;

@Component
/* loaded from: input_file:WEB-INF/classes/org/sakaiproject/rubrics/security/JwtAuthenticationProvider.class */
public class JwtAuthenticationProvider extends AbstractUserDetailsAuthenticationProvider {

    @Autowired
    private JwtTokenUtil jwtTokenUtil;

    public boolean supports(Class<?> cls) {
        return JwtAuthenticationToken.class.isAssignableFrom(cls);
    }

    protected void additionalAuthenticationChecks(UserDetails userDetails, UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken) throws AuthenticationException {
    }

    protected UserDetails retrieveUser(String str, UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken) throws AuthenticationException {
        String token = ((JwtAuthenticationToken) usernamePasswordAuthenticationToken).getToken();
        AuthenticatedRequestContext authenticatedUser = this.jwtTokenUtil.getAuthenticatedUser(token);
        if (authenticatedUser == null) {
            throw new JwtTokenMalformedException(String.format("JWT token is not valid: %s", token));
        }
        return authenticatedUser;
    }
}
