package org.pac4j.kerberos.credentials.authenticator;

import java.util.Optional;
import org.pac4j.core.context.WebContext;
import org.pac4j.core.context.session.SessionStore;
import org.pac4j.core.credentials.Credentials;
import org.pac4j.core.credentials.authenticator.Authenticator;
import org.pac4j.core.util.CommonHelper;
import org.pac4j.kerberos.credentials.KerberosCredentials;
import org.pac4j.kerberos.profile.KerberosProfile;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/pac4j/kerberos/credentials/authenticator/KerberosAuthenticator.class */
public class KerberosAuthenticator implements Authenticator {
    protected final Logger logger = LoggerFactory.getLogger(getClass());
    protected KerberosTicketValidator ticketValidator;

    public KerberosAuthenticator(KerberosTicketValidator kerberosTicketValidator) {
        CommonHelper.assertNotNull("ticketValidator", kerberosTicketValidator);
        this.ticketValidator = kerberosTicketValidator;
    }

    public Optional<Credentials> validate(Credentials credentials, WebContext webContext, SessionStore sessionStore) {
        KerberosCredentials kerberosCredentials = (KerberosCredentials) credentials;
        this.logger.trace("Try to validate Kerberos Token:" + kerberosCredentials.getKerberosTicketAsString());
        KerberosTicketValidation validateTicket = this.ticketValidator.validateTicket(kerberosCredentials.getKerberosTicket());
        this.logger.debug("Kerberos Token validated");
        String username = validateTicket.username();
        this.logger.debug("Succesfully validated " + username);
        KerberosProfile kerberosProfile = new KerberosProfile(validateTicket.getGssContext());
        kerberosProfile.setId(username);
        kerberosCredentials.setUserProfile(kerberosProfile);
        return Optional.of(kerberosCredentials);
    }
}
