package com.payneteasy.superfly.security;

import com.payneteasy.superfly.api.OTPType;
import com.payneteasy.superfly.api.SSOService;
import com.payneteasy.superfly.api.SSOUser;
import com.payneteasy.superfly.security.authentication.OtpUsernamePasswordCheckedToken;
import com.payneteasy.superfly.security.authentication.UsernamePasswordAuthRequestInfoAuthenticationToken;
import com.payneteasy.superfly.security.authentication.UsernamePasswordCheckedToken;
import com.payneteasy.superfly.security.exception.BadOTPValueException;
import org.springframework.beans.factory.annotation.Required;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;

/* loaded from: input_file:com/payneteasy/superfly/security/SuperflyUsernamePasswordAuthenticationProvider.class */
public class SuperflyUsernamePasswordAuthenticationProvider implements AuthenticationProvider {
    private SSOService ssoService;

    @Required
    public void setSsoService(SSOService sSOService) {
        this.ssoService = sSOService;
    }

    public Authentication authenticate(Authentication authentication) throws AuthenticationException {
        if (!(authentication instanceof UsernamePasswordAuthRequestInfoAuthenticationToken)) {
            return null;
        }
        UsernamePasswordAuthRequestInfoAuthenticationToken usernamePasswordAuthRequestInfoAuthenticationToken = (UsernamePasswordAuthRequestInfoAuthenticationToken) authentication;
        if (usernamePasswordAuthRequestInfoAuthenticationToken.getCredentials() == null) {
            throw new BadCredentialsException("Null credentials");
        }
        SSOUser authenticate = this.ssoService.authenticate(usernamePasswordAuthRequestInfoAuthenticationToken.getName(), usernamePasswordAuthRequestInfoAuthenticationToken.getCredentials().toString(), usernamePasswordAuthRequestInfoAuthenticationToken.getAuthRequestInfo());
        if (authenticate == null) {
            throw new BadCredentialsException("Bad credentials");
        }
        if (authenticate.getActionsMap().isEmpty()) {
            throw new BadCredentialsException("No roles");
        }
        if (authenticate.getOtpType() == null || authenticate.getOtpType() == OTPType.NONE) {
            return createAuthentication(authenticate);
        }
        if (!authenticate.isOtpOptional() && usernamePasswordAuthRequestInfoAuthenticationToken.secondFactory() == null) {
            return createOtpAuthentication(authenticate);
        }
        if (this.ssoService.checkOtp(authenticate, usernamePasswordAuthRequestInfoAuthenticationToken.secondFactory())) {
            return createAuthentication(authenticate);
        }
        throw new BadOTPValueException("Otp check failed!");
    }

    public boolean supports(Class<?> cls) {
        return UsernamePasswordAuthRequestInfoAuthenticationToken.class.isAssignableFrom(cls);
    }

    protected Authentication createAuthentication(SSOUser sSOUser) {
        return new UsernamePasswordCheckedToken(sSOUser);
    }

    protected Authentication createOtpAuthentication(SSOUser sSOUser) {
        return new OtpUsernamePasswordCheckedToken(sSOUser);
    }
}
