package ee.bitweb.springframework.security.estonianid.authentication;

import ee.bitweb.springframework.security.estonianid.SmartIdAuthenticationException;
import ee.bitweb.springframework.security.estonianid.SmartIdAuthenticationPendingException;
import ee.bitweb.springframework.security.estonianid.userdetails.EstonianIdUserDetails;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.util.Assert;
import org.springframework.util.ObjectUtils;

/* loaded from: input_file:ee/bitweb/springframework/security/estonianid/authentication/SmartIdAuthenticationProvider.class */
public class SmartIdAuthenticationProvider implements AuthenticationProvider, InitializingBean {
    private SmartIdAuthenticationService authenticationService;
    protected UserDetailsService userDetailsService;

    public void afterPropertiesSet() {
        Assert.notNull(this.authenticationService, "authenticationService must be set");
        Assert.notNull(this.userDetailsService, "userDetailsService must be set");
    }

    public Authentication authenticate(Authentication authentication) throws AuthenticationException {
        SmartIdAuthenticationToken smartIdAuthenticationToken = (SmartIdAuthenticationToken) authentication;
        if (ObjectUtils.isEmpty(smartIdAuthenticationToken.getAuthSession())) {
            smartIdAuthenticationToken.setAuthSession(this.authenticationService.beginAuthentication(smartIdAuthenticationToken.getUserIdCode(), smartIdAuthenticationToken.getCountryCode()));
            if (!smartIdAuthenticationToken.getAuthSession().isAuthenticated()) {
                if (smartIdAuthenticationToken.getAuthSession().isPending()) {
                    throw new SmartIdAuthenticationPendingException("Smart-ID authentication pending", smartIdAuthenticationToken);
                }
                throw new SmartIdAuthenticationException("Smart-ID authentication failed", smartIdAuthenticationToken);
            }
        } else if (!smartIdAuthenticationToken.getAuthSession().isAuthenticated()) {
            if (!smartIdAuthenticationToken.getAuthSession().isPending()) {
                throw new SmartIdAuthenticationException("Smart-ID authentication failed", smartIdAuthenticationToken);
            }
            try {
                this.authenticationService.validate(smartIdAuthenticationToken.getAuthSession());
                if (!smartIdAuthenticationToken.getAuthSession().isAuthenticated()) {
                    if (smartIdAuthenticationToken.getAuthSession().isPending()) {
                        throw new SmartIdAuthenticationPendingException("Smart-ID authentication pending", smartIdAuthenticationToken);
                    }
                    throw new SmartIdAuthenticationException("Smart-ID authentication failed", smartIdAuthenticationToken);
                }
            } catch (Exception e) {
                throw new SmartIdAuthenticationException("Smart-ID authentication failed", smartIdAuthenticationToken, e);
            }
        }
        smartIdAuthenticationToken.setUserIdCode(smartIdAuthenticationToken.getAuthSession().getUserIdCode());
        smartIdAuthenticationToken.setUserGivenName(smartIdAuthenticationToken.getAuthSession().getGivenName());
        smartIdAuthenticationToken.setUserSurname(smartIdAuthenticationToken.getAuthSession().getSurName());
        smartIdAuthenticationToken.setAuthenticated(true);
        EstonianIdUserDetails retrieveUser = retrieveUser(smartIdAuthenticationToken);
        if (!ObjectUtils.isEmpty(retrieveUser)) {
            smartIdAuthenticationToken = new SmartIdAuthenticationToken(retrieveUser.m7getAuthorities(), smartIdAuthenticationToken.getUserIdCode(), smartIdAuthenticationToken.getCountryCode(), smartIdAuthenticationToken.getAuthSession());
            smartIdAuthenticationToken.setUserIdCode(smartIdAuthenticationToken.getAuthSession().getUserIdCode());
            smartIdAuthenticationToken.setAuthenticated(true);
            smartIdAuthenticationToken.setDetails(null);
            smartIdAuthenticationToken.setPrincipal(retrieveUser);
        }
        return smartIdAuthenticationToken;
    }

    protected EstonianIdUserDetails retrieveUser(SmartIdAuthenticationToken smartIdAuthenticationToken) throws AuthenticationException {
        try {
            return (EstonianIdUserDetails) this.userDetailsService.loadUserByUsername(smartIdAuthenticationToken.getUserIdCode());
        } catch (UsernameNotFoundException e) {
            throw new SmartIdAuthenticationException(e.getMessage(), smartIdAuthenticationToken, e);
        }
    }

    public boolean supports(Class<?> cls) {
        return SmartIdAuthenticationToken.class.isAssignableFrom(cls);
    }

    public void setAuthenticationService(SmartIdAuthenticationService smartIdAuthenticationService) {
        this.authenticationService = smartIdAuthenticationService;
    }

    public void setUserDetailsService(UserDetailsService userDetailsService) {
        this.userDetailsService = userDetailsService;
    }
}
