package cronapp.framework.authentication.normal;

import com.google.gson.JsonObject;
import cronapi.AppConfig;
import cronapp.framework.LockedUserException;
import cronapp.framework.api.ApiManager;
import cronapp.framework.api.User;
import cronapp.framework.authentication.external.ExternalAuthenticationConfig;
import cronapp.framework.authentication.security.CronappUserDetails;
import cronapp.framework.authentication.social.SocialConfig;
import cronapp.framework.authentication.token.google.CaptchaVerify;
import cronapp.framework.i18n.Messages;
import cronapp.framework.tenant.TenantComponent;
import java.util.Collection;
import javax.servlet.http.HttpServletRequest;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.lang.Nullable;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.authentication.AuthenticationServiceException;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.stereotype.Component;
import org.springframework.util.Assert;

@Component
/* loaded from: input_file:cronapp/framework/authentication/normal/AuthenticationConfigurer.class */
public class AuthenticationConfigurer implements AuthenticationProvider {
    private static final Logger log = LoggerFactory.getLogger(AuthenticationConfigurer.class);
    private HttpServletRequest request;
    private TenantComponent tenantComponent;
    private final CaptchaVerify captchaVerify = new CaptchaVerify();

    public AuthenticationConfigurer(HttpServletRequest httpServletRequest, @Nullable TenantComponent tenantComponent) {
        this.request = httpServletRequest;
        this.tenantComponent = tenantComponent;
    }

    public Authentication authenticate(Authentication authentication) throws AuthenticationException {
        try {
            Messages.set(this.request.getLocale());
            String name = authentication.getName();
            boolean contains = authentication.getAuthorities().contains(new SimpleGrantedAuthority("#OAUTH#"));
            String obj = authentication.getCredentials().toString();
            String str = null;
            boolean z = false;
            boolean z2 = false;
            if (contains) {
                str = obj;
                z = SocialConfig.isAutoSignUp();
            }
            if (name.equals("#OAUTH#") && this.request.getSession().getAttribute("#OAUTH#USER") != null) {
                name = (String) this.request.getSession().getAttribute("#OAUTH#USER");
                contains = true;
                this.request.getSession().removeAttribute("#OAUTH#USER");
            }
            CronappUserDetails cronappUserDetails = null;
            if (ExternalAuthenticationConfig.isExternalAuth()) {
                Authentication authenticateExternally = ExternalAuthenticationConfig.authenticateExternally(new UsernamePasswordAuthenticationToken(name, obj));
                str = ExternalAuthenticationConfig.getExternalAuthType();
                z2 = true;
                z = z || AppConfig.autoSignUp();
                if (authenticateExternally.getPrincipal() instanceof CronappUserDetails) {
                    cronappUserDetails = (CronappUserDetails) authenticateExternally.getPrincipal();
                }
            }
            ApiManager byUserAndPassword = ApiManager.byUserAndPassword(name, obj, str, z, authentication.getDetails() instanceof JsonObject ? (JsonObject) authentication.getDetails() : null);
            if (authentication instanceof UsernamePasswordAuthenticationToken) {
                ((UsernamePasswordAuthenticationToken) authentication).setDetails((Object) null);
            }
            try {
                User user = ApiManager.byUser(name).getUser();
                if (ApiManager.isUserLocked(user)) {
                    throw new LockedUserException(Messages.getString("UserLocked"));
                }
                verifyRecaptcha(name, this.request);
                User user2 = byUserAndPassword.getUser(cronappUserDetails);
                if (user2 == null) {
                    throw new UsernameNotFoundException(Messages.getString("UserNotFound"));
                }
                if (ExternalAuthenticationConfig.isExternalAuth() && !contains && !z2) {
                    throw new BadCredentialsException(Messages.getString("UserOrPassordInvalids"));
                }
                String password = user2.getPassword();
                if (!ExternalAuthenticationConfig.isExternalAuth() && !contains && !byUserAndPassword.passwordMatches(obj, password)) {
                    throw new BadCredentialsException(Messages.getString("UserOrPassordInvalids"));
                }
                Collection<? extends GrantedAuthority> authorities = cronappUserDetails == null ? byUserAndPassword.getAuthorities() : cronappUserDetails.getAuthorities();
                org.springframework.security.core.userdetails.User user3 = new org.springframework.security.core.userdetails.User(name, obj, false, false, false, false, authorities);
                UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken = new UsernamePasswordAuthenticationToken(user3, password, authorities);
                usernamePasswordAuthenticationToken.setDetails(user3);
                String theme = user2.getTheme();
                if (theme == null) {
                    theme = "";
                }
                this.request.getSession().setAttribute("theme", theme);
                this.request.setAttribute("userDetails", user2);
                if (this.tenantComponent != null) {
                    this.tenantComponent.authenticationTenant(user2.getUsername());
                }
                ApiManager.unlockUser(user);
                Messages.remove();
                return usernamePasswordAuthenticationToken;
            } catch (Exception e) {
                ApiManager.attemptFailed(null);
                if (!ApiManager.isUserLocked(null) && ApiManager.getFailedAttempts(null) > AppConfig.getFailedAttempts().intValue()) {
                    ApiManager.lockUser(null);
                }
                log.error(Messages.getString("AuthError", e.getMessage()), e);
                throw new AuthenticationServiceException(Messages.getString("AuthError", e.getMessage()));
            }
        } catch (Throwable th) {
            Messages.remove();
            throw th;
        }
    }

    public boolean supports(Class<?> cls) {
        return cls.equals(UsernamePasswordAuthenticationToken.class);
    }

    private void verifyRecaptcha(String str, HttpServletRequest httpServletRequest) {
        try {
            Assert.isTrue(this.captchaVerify.processRequest(str, httpServletRequest), "");
        } catch (Exception e) {
            log.error(Messages.getString("AuthError", e.getMessage()), e);
            throw new AuthenticationServiceException(Messages.getString("AuthError", e.getMessage()));
        }
    }
}
