package net.smartcosmos.extension.stormpath.auth.provider;

import net.smartcosmos.extension.stormpath.auth.SmartCosmosServiceUser;
import net.smartcosmos.extension.stormpath.config.ServiceUserProperties;
import net.smartcosmos.security.user.SmartCosmosUser;
import org.apache.commons.lang.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.autoconfigure.security.SecurityProperties;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.authentication.InsufficientAuthenticationException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.stereotype.Component;

@Component
/* loaded from: input_file:net/smartcosmos/extension/stormpath/auth/provider/ServiceUserAccessAuthenticationProvider.class */
public class ServiceUserAccessAuthenticationProvider implements AuthenticationProvider {
    private static final Class SUPPORTED_AUTHENTICATION = UsernamePasswordAuthenticationToken.class;
    private SecurityProperties.User serviceUser;

    @Autowired
    public ServiceUserAccessAuthenticationProvider(ServiceUserProperties serviceUserProperties) {
        this.serviceUser = serviceUserProperties.getUser();
    }

    @Override // org.springframework.security.authentication.AuthenticationProvider
    public Authentication authenticate(Authentication authentication) throws AuthenticationException {
        if (authentication == null) {
            throw new InsufficientAuthenticationException("authentication must not be null");
        }
        String name = authentication.getName();
        Object credentials = authentication.getCredentials();
        Object principal = authentication.getPrincipal();
        if (!(credentials instanceof String)) {
            return null;
        }
        String str = (String) credentials;
        if (!StringUtils.equals(name, this.serviceUser.getName()) || !StringUtils.equals(str, this.serviceUser.getPassword())) {
            throw new BadCredentialsException(String.format("Credentials for user '%s' do not match.", authentication.getName()));
        }
        SmartCosmosUser serviceUser = principal instanceof SmartCosmosUser ? (SmartCosmosUser) principal : SmartCosmosServiceUser.getServiceUser(name, str, null);
        return new UsernamePasswordAuthenticationToken(serviceUser, credentials, serviceUser.getAuthorities());
    }

    @Override // org.springframework.security.authentication.AuthenticationProvider
    public boolean supports(Class<?> cls) {
        return SUPPORTED_AUTHENTICATION.equals(cls);
    }
}
