package ee.bitweb.springframework.security.estonianid.authentication;

import ee.bitweb.springframework.security.estonianid.IdCardAuthenticationException;
import ee.bitweb.springframework.security.estonianid.userdetails.EstonianIdUserDetails;
import java.io.IOException;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.util.Assert;
import org.springframework.util.ObjectUtils;
import sun.security.x509.X500Name;

/* loaded from: input_file:ee/bitweb/springframework/security/estonianid/authentication/IdCardAuthenticationProvider.class */
public class IdCardAuthenticationProvider implements AuthenticationProvider, InitializingBean {
    private IdCardAuthenticationService authenticationService;
    protected UserDetailsService userDetailsService;
    private final Log logger = LogFactory.getLog(getClass());

    public void afterPropertiesSet() {
        Assert.notNull(this.authenticationService, "authenticationService must be specified");
        Assert.notNull(this.userDetailsService, "userDetailsService must be specified");
    }

    public Authentication authenticate(Authentication authentication) throws AuthenticationException {
        this.logger.info("Trying to authenticate ID card");
        IdCardAuthenticationToken idCardAuthenticationToken = (IdCardAuthenticationToken) authentication;
        if (ObjectUtils.isEmpty(idCardAuthenticationToken.getUserCert())) {
            throw new IdCardAuthenticationException("Bad certificate", idCardAuthenticationToken);
        }
        String checkCertificate = this.authenticationService.checkCertificate(idCardAuthenticationToken.getUserCert());
        if (ObjectUtils.isEmpty(checkCertificate)) {
            throw new IdCardAuthenticationException("Bad certificate", idCardAuthenticationToken);
        }
        idCardAuthenticationToken.setAuthenticated(true);
        idCardAuthenticationToken.setUserIdCode(checkCertificate);
        X500Name subjectDN = idCardAuthenticationToken.getUserCert().getSubjectDN();
        if (subjectDN instanceof X500Name) {
            try {
                idCardAuthenticationToken.setUserGivenName(subjectDN.getGivenName());
                idCardAuthenticationToken.setUserSurname(subjectDN.getSurname());
            } catch (IOException e) {
                this.logger.error("Unexpected error reading name from cert: " + e);
                return authentication;
            }
        }
        EstonianIdUserDetails retrieveUser = retrieveUser(idCardAuthenticationToken);
        IdCardAuthenticationToken idCardAuthenticationToken2 = new IdCardAuthenticationToken(retrieveUser.m7getAuthorities(), idCardAuthenticationToken.getUserCert());
        idCardAuthenticationToken2.setUserIdCode(String.valueOf(idCardAuthenticationToken2.getUserCert().getSerialNumber()));
        idCardAuthenticationToken2.setAuthenticated(true);
        idCardAuthenticationToken2.setDetails(null);
        idCardAuthenticationToken2.setPrincipal(retrieveUser);
        return idCardAuthenticationToken2;
    }

    protected EstonianIdUserDetails retrieveUser(IdCardAuthenticationToken idCardAuthenticationToken) throws AuthenticationException {
        try {
            return (EstonianIdUserDetails) this.userDetailsService.loadUserByUsername(idCardAuthenticationToken.getUserIdCode());
        } catch (UsernameNotFoundException e) {
            throw new IdCardAuthenticationException(e.getMessage(), idCardAuthenticationToken, e);
        }
    }

    public boolean supports(Class<?> cls) {
        return IdCardAuthenticationToken.class.isAssignableFrom(cls);
    }

    public void setAuthenticationService(IdCardAuthenticationService idCardAuthenticationService) {
        this.authenticationService = idCardAuthenticationService;
    }

    public void setUserDetailsService(UserDetailsService userDetailsService) {
        this.userDetailsService = userDetailsService;
    }
}
