package org.apereo.cas.support.inwebo.authentication;

import java.security.GeneralSecurityException;
import javax.security.auth.login.FailedLoginException;
import lombok.Generated;
import org.apache.commons.lang3.StringUtils;
import org.apereo.cas.authentication.AuthenticationHandlerExecutionResult;
import org.apereo.cas.authentication.Credential;
import org.apereo.cas.authentication.MultifactorAuthenticationHandler;
import org.apereo.cas.authentication.MultifactorAuthenticationProvider;
import org.apereo.cas.authentication.handler.support.AbstractPreAndPostProcessingAuthenticationHandler;
import org.apereo.cas.authentication.principal.PrincipalFactory;
import org.apereo.cas.authentication.principal.Service;
import org.apereo.cas.configuration.model.support.mfa.InweboMultifactorAuthenticationProperties;
import org.apereo.cas.services.ServicesManager;
import org.apereo.cas.support.inwebo.service.InweboService;
import org.apereo.cas.support.inwebo.service.response.InweboDeviceNameResponse;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.ObjectProvider;

/* loaded from: input_file:org/apereo/cas/support/inwebo/authentication/InweboAuthenticationHandler.class */
public class InweboAuthenticationHandler extends AbstractPreAndPostProcessingAuthenticationHandler implements MultifactorAuthenticationHandler {

    @Generated
    private static final Logger LOGGER = LoggerFactory.getLogger(InweboAuthenticationHandler.class);
    private final InweboService service;
    private final ObjectProvider<MultifactorAuthenticationProvider> multifactorAuthenticationProvider;

    public InweboAuthenticationHandler(ServicesManager servicesManager, PrincipalFactory principalFactory, InweboMultifactorAuthenticationProperties inweboMultifactorAuthenticationProperties, InweboService inweboService, ObjectProvider<MultifactorAuthenticationProvider> objectProvider) {
        super(inweboMultifactorAuthenticationProperties.getName(), servicesManager, principalFactory, Integer.valueOf(inweboMultifactorAuthenticationProperties.getOrder()));
        this.service = inweboService;
        this.multifactorAuthenticationProvider = objectProvider;
    }

    protected AuthenticationHandlerExecutionResult doAuthentication(Credential credential, Service service) throws GeneralSecurityException {
        InweboCredential inweboCredential = (InweboCredential) credential;
        String login = inweboCredential.getLogin();
        LOGGER.trace("Inwebo credential login is [{}]", login);
        String otp = inweboCredential.getOtp();
        boolean isAlreadyAuthenticated = inweboCredential.isAlreadyAuthenticated();
        String deviceName = inweboCredential.getDeviceName();
        if (StringUtils.isNotBlank(otp)) {
            InweboDeviceNameResponse authenticateExtended = this.service.authenticateExtended(login, otp);
            if (authenticateExtended.isOk()) {
                isAlreadyAuthenticated = true;
                deviceName = authenticateExtended.getDeviceName();
            }
        }
        if (!isAlreadyAuthenticated) {
            throw new FailedLoginException("Cannot validate authentication for: " + login);
        }
        inweboCredential.setDeviceName(deviceName);
        LOGGER.info("Authenticated user: [{}] for device: [{}]", login, deviceName);
        return createHandlerResult(inweboCredential, this.principalFactory.createPrincipal(login));
    }

    public boolean supports(Class<? extends Credential> cls) {
        return InweboCredential.class.isAssignableFrom(cls);
    }

    public boolean supports(Credential credential) {
        return InweboCredential.class.isAssignableFrom(credential.getClass());
    }

    @Generated
    public InweboService getService() {
        return this.service;
    }

    @Generated
    public ObjectProvider<MultifactorAuthenticationProvider> getMultifactorAuthenticationProvider() {
        return this.multifactorAuthenticationProvider;
    }
}
