package cloud.piranha.security.soteria;

import cloud.piranha.webapp.api.AuthenticatedIdentity;
import cloud.piranha.webapp.api.SecurityManager;
import cloud.piranha.webapp.impl.DefaultAuthenticatedIdentity;
import jakarta.enterprise.inject.spi.CDI;
import jakarta.security.enterprise.credential.Password;
import jakarta.security.enterprise.credential.UsernamePasswordCredential;
import jakarta.security.enterprise.identitystore.CredentialValidationResult;
import jakarta.security.enterprise.identitystore.IdentityStoreHandler;
import jakarta.servlet.http.HttpServletRequest;
import java.lang.annotation.Annotation;

/* loaded from: input_file:cloud/piranha/security/soteria/IdentityStoreLoginHandler.class */
public class IdentityStoreLoginHandler implements SecurityManager.UsernamePasswordLoginHandler {
    public AuthenticatedIdentity login(HttpServletRequest httpServletRequest, String str, String str2) {
        CredentialValidationResult validate = ((IdentityStoreHandler) CDI.current().select(IdentityStoreHandler.class, new Annotation[0]).get()).validate(new UsernamePasswordCredential(str, new Password(str2)));
        if (validate.getStatus() == CredentialValidationResult.Status.VALID) {
            return new DefaultAuthenticatedIdentity(validate.getCallerPrincipal(), validate.getCallerGroups());
        }
        return null;
    }
}
