package org.apereo.cas.web.flow;

import java.util.Optional;
import lombok.Generated;
import org.apereo.cas.api.PasswordlessTokenRepository;
import org.apereo.cas.api.PasswordlessUserAccount;
import org.apereo.cas.api.PasswordlessUserAccountStore;
import org.apereo.cas.authentication.AuthenticationException;
import org.apereo.cas.authentication.AuthenticationResult;
import org.apereo.cas.authentication.AuthenticationSystemSupport;
import org.apereo.cas.authentication.Credential;
import org.apereo.cas.authentication.adaptive.AdaptiveAuthenticationPolicy;
import org.apereo.cas.authentication.credential.OneTimePasswordCredential;
import org.apereo.cas.web.flow.actions.AbstractAuthenticationAction;
import org.apereo.cas.web.flow.resolver.CasDelegatingWebflowEventResolver;
import org.apereo.cas.web.flow.resolver.CasWebflowEventResolver;
import org.apereo.cas.web.support.WebUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.webflow.action.EventFactorySupport;
import org.springframework.webflow.core.collection.LocalAttributeMap;
import org.springframework.webflow.execution.Event;
import org.springframework.webflow.execution.RequestContext;

/* loaded from: input_file:org/apereo/cas/web/flow/AcceptPasswordlessAuthenticationAction.class */
public class AcceptPasswordlessAuthenticationAction extends AbstractAuthenticationAction {

    @Generated
    private static final Logger LOGGER = LoggerFactory.getLogger(AcceptPasswordlessAuthenticationAction.class);
    private final PasswordlessTokenRepository passwordlessTokenRepository;
    private final PasswordlessUserAccountStore passwordlessUserAccountStore;
    private final AuthenticationSystemSupport authenticationSystemSupport;

    public AcceptPasswordlessAuthenticationAction(CasDelegatingWebflowEventResolver casDelegatingWebflowEventResolver, CasWebflowEventResolver casWebflowEventResolver, AdaptiveAuthenticationPolicy adaptiveAuthenticationPolicy, PasswordlessTokenRepository passwordlessTokenRepository, AuthenticationSystemSupport authenticationSystemSupport, PasswordlessUserAccountStore passwordlessUserAccountStore) {
        super(casDelegatingWebflowEventResolver, casWebflowEventResolver, adaptiveAuthenticationPolicy);
        this.passwordlessTokenRepository = passwordlessTokenRepository;
        this.authenticationSystemSupport = authenticationSystemSupport;
        this.passwordlessUserAccountStore = passwordlessUserAccountStore;
    }

    protected Event doExecute(RequestContext requestContext) {
        String str = requestContext.getRequestParameters().get("password");
        String str2 = requestContext.getRequestParameters().get("username");
        try {
            Optional<String> findToken = this.passwordlessTokenRepository.findToken(str2);
            if (findToken.isPresent()) {
                Credential oneTimePasswordCredential = new OneTimePasswordCredential(str2, str);
                AuthenticationResult handleAndFinalizeSingleAuthenticationTransaction = this.authenticationSystemSupport.handleAndFinalizeSingleAuthenticationTransaction(WebUtils.getService(requestContext), new Credential[]{oneTimePasswordCredential});
                WebUtils.putAuthenticationResult(handleAndFinalizeSingleAuthenticationTransaction, requestContext);
                WebUtils.putAuthentication(handleAndFinalizeSingleAuthenticationTransaction.getAuthentication(), requestContext);
                WebUtils.putCredential(requestContext, oneTimePasswordCredential);
                String str3 = findToken.get();
                Event doExecute = super.doExecute(requestContext);
                this.passwordlessTokenRepository.deleteToken(str2, str3);
                return doExecute;
            }
        } catch (Exception e) {
            LOGGER.error(e.getMessage(), e);
            LocalAttributeMap localAttributeMap = new LocalAttributeMap();
            localAttributeMap.put("error", e);
            Optional<PasswordlessUserAccount> findUser = this.passwordlessUserAccountStore.findUser(str2);
            if (findUser.isPresent()) {
                localAttributeMap.put("passwordlessAccount", findUser.get());
                return new EventFactorySupport().event(this, "authenticationFailure", localAttributeMap);
            }
        }
        LOGGER.error("Unable to locate token for user [{}]", str2);
        LocalAttributeMap localAttributeMap2 = new LocalAttributeMap();
        localAttributeMap2.put("error", new AuthenticationException("Invalid token"));
        return new EventFactorySupport().event(this, "authenticationFailure", localAttributeMap2);
    }
}
