package com.payneteasy.superfly.security;

import com.payneteasy.superfly.api.SSOService;
import com.payneteasy.superfly.api.SSOUser;
import com.payneteasy.superfly.security.authentication.CheckOTPToken;
import com.payneteasy.superfly.security.authentication.OTPCheckedToken;
import com.payneteasy.superfly.security.exception.BadOTPValueException;
import org.springframework.beans.factory.annotation.Required;
import org.springframework.security.access.intercept.RunAsUserToken;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;

/* loaded from: input_file:com/payneteasy/superfly/security/SuperflyOTPAuthenticationProvider.class */
public class SuperflyOTPAuthenticationProvider implements AuthenticationProvider {
    private SSOService ssoService;
    private Class<?> supportedAuthenticationClass = CheckOTPToken.class;

    @Required
    public void setSsoService(SSOService sSOService) {
        this.ssoService = sSOService;
    }

    public void setSupportedAuthenticationClass(Class<RunAsUserToken> cls) {
        this.supportedAuthenticationClass = cls;
    }

    public Authentication authenticate(Authentication authentication) throws AuthenticationException {
        Authentication authentication2 = null;
        if (authentication instanceof CheckOTPToken) {
            CheckOTPToken checkOTPToken = (CheckOTPToken) authentication;
            if (checkOTPToken.getCredentials() == null) {
                throw new BadOTPValueException("Null OTP secret");
            }
            if (!this.ssoService.checkOtp(checkOTPToken.getSsoUser(), checkOTPToken.getCredentials().toString())) {
                throw new BadOTPValueException("Invalid OTP secret");
            }
            authentication2 = createAuthentication(checkOTPToken.getSsoUser());
        }
        return authentication2;
    }

    public boolean supports(Class<?> cls) {
        return this.supportedAuthenticationClass.isAssignableFrom(cls);
    }

    protected Authentication createAuthentication(SSOUser sSOUser) {
        return new OTPCheckedToken(sSOUser);
    }
}
