package cn.herodotus.engine.oauth2.compliance.listener;

import cn.herodotus.engine.cache.core.exception.MaximumLimitExceededException;
import cn.herodotus.engine.oauth2.compliance.service.OAuth2AccountStatusService;
import cn.herodotus.engine.oauth2.compliance.stamp.SignInFailureLimitedStampManager;
import java.util.Map;
import org.apache.commons.collections4.MapUtils;
import org.apache.commons.lang3.ObjectUtils;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.context.ApplicationListener;
import org.springframework.security.authentication.event.AbstractAuthenticationFailureEvent;
import org.springframework.security.authentication.event.AuthenticationFailureBadCredentialsEvent;
import org.springframework.security.oauth2.server.authorization.authentication.OAuth2AuthorizationGrantAuthenticationToken;

/* loaded from: input_file:cn/herodotus/engine/oauth2/compliance/listener/AuthenticationFailureListener.class */
public class AuthenticationFailureListener implements ApplicationListener<AbstractAuthenticationFailureEvent> {
    private static final Logger log = LoggerFactory.getLogger(AuthenticationFailureListener.class);
    private final SignInFailureLimitedStampManager stampManager;
    private final OAuth2AccountStatusService accountLockService;

    public AuthenticationFailureListener(SignInFailureLimitedStampManager signInFailureLimitedStampManager, OAuth2AccountStatusService oAuth2AccountStatusService) {
        this.stampManager = signInFailureLimitedStampManager;
        this.accountLockService = oAuth2AccountStatusService;
    }

    public void onApplicationEvent(AbstractAuthenticationFailureEvent abstractAuthenticationFailureEvent) {
        log.debug("[Herodotus] |- Current Event [{}] items", abstractAuthenticationFailureEvent.getClass().getName());
        if (abstractAuthenticationFailureEvent instanceof AuthenticationFailureBadCredentialsEvent) {
            OAuth2AuthorizationGrantAuthenticationToken authentication = abstractAuthenticationFailureEvent.getAuthentication();
            if (authentication instanceof OAuth2AuthorizationGrantAuthenticationToken) {
                String principal = getPrincipal(authentication.getAdditionalParameters());
                if (StringUtils.isNotBlank(principal)) {
                    int intValue = this.stampManager.getComplianceProperties().getSignInFailureLimited().getMaxTimes().intValue();
                    try {
                        log.debug("[Herodotus] |- Sign in user input password error [{}] items", Integer.valueOf(this.stampManager.counting(principal, intValue, this.stampManager.getComplianceProperties().getSignInFailureLimited().getExpire(), true, "AuthenticationFailureListener")));
                    } catch (MaximumLimitExceededException e) {
                        log.warn("[Herodotus] |- User [{}] password error [{}] items, LOCK ACCOUNT!", principal, Integer.valueOf(intValue));
                        this.accountLockService.lock(principal);
                    }
                }
            }
        }
    }

    private String getPrincipal(Map<String, Object> map) {
        if (!MapUtils.isNotEmpty(map) || !map.containsKey("username")) {
            return null;
        }
        Object obj = map.get("username");
        if (ObjectUtils.isNotEmpty(obj)) {
            return (String) obj;
        }
        return null;
    }
}
