package org.apereo.cas.adaptors.radius.authentication.handler.support;

import java.security.GeneralSecurityException;
import java.util.ArrayList;
import java.util.List;
import java.util.Map;
import java.util.Optional;
import javax.security.auth.login.FailedLoginException;
import org.apache.commons.lang3.tuple.Pair;
import org.apereo.cas.adaptors.radius.RadiusServer;
import org.apereo.cas.adaptors.radius.RadiusUtils;
import org.apereo.cas.authentication.HandlerResult;
import org.apereo.cas.authentication.UsernamePasswordCredential;
import org.apereo.cas.authentication.handler.support.AbstractUsernamePasswordAuthenticationHandler;
import org.apereo.cas.authentication.principal.PrincipalFactory;
import org.apereo.cas.services.ServicesManager;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/apereo/cas/adaptors/radius/authentication/handler/support/RadiusAuthenticationHandler.class */
public class RadiusAuthenticationHandler extends AbstractUsernamePasswordAuthenticationHandler {
    private static final Logger LOGGER = LoggerFactory.getLogger(RadiusAuthenticationHandler.class);
    private final List<RadiusServer> servers;
    private final boolean failoverOnException;
    private final boolean failoverOnAuthenticationFailure;

    public RadiusAuthenticationHandler(String str, ServicesManager servicesManager, PrincipalFactory principalFactory, List<RadiusServer> list, boolean z, boolean z2) {
        super(str, servicesManager, principalFactory, (Integer) null);
        LOGGER.debug("Using [{}]", getClass().getSimpleName());
        this.servers = list;
        this.failoverOnException = z;
        this.failoverOnAuthenticationFailure = z2;
    }

    protected HandlerResult authenticateUsernamePasswordInternal(UsernamePasswordCredential usernamePasswordCredential, String str) throws GeneralSecurityException {
        try {
            String username = usernamePasswordCredential.getUsername();
            Pair authenticate = RadiusUtils.authenticate(username, usernamePasswordCredential.getPassword(), this.servers, this.failoverOnAuthenticationFailure, this.failoverOnException);
            if (((Boolean) authenticate.getKey()).booleanValue()) {
                return createHandlerResult(usernamePasswordCredential, this.principalFactory.createPrincipal(username, (Map) ((Optional) authenticate.getValue()).get()), new ArrayList());
            }
            throw new FailedLoginException("Radius authentication failed for user " + username);
        } catch (Exception e) {
            throw new FailedLoginException("Radius authentication failed " + e.getMessage());
        }
    }
}
