package org.trails.security;

import java.util.Date;
import java.util.List;
import org.acegisecurity.Authentication;
import org.acegisecurity.AuthenticationException;
import org.acegisecurity.BadCredentialsException;
import org.acegisecurity.providers.AuthenticationProvider;
import org.acegisecurity.userdetails.UserDetails;
import org.acegisecurity.userdetails.UserDetailsService;
import org.apache.log4j.Logger;
import org.hibernate.criterion.DetachedCriteria;
import org.hibernate.criterion.Restrictions;
import org.trails.persistence.HibernatePersistenceService;

/* loaded from: input_file:org/trails/security/ExpiringKeyAuthenticationProvider.class */
public class ExpiringKeyAuthenticationProvider implements AuthenticationProvider {
    private static final Logger log = Logger.getLogger(ExpiringKeyAuthenticationProvider.class);
    private HibernatePersistenceService persistenceService;
    private UserDetailsService userDetailsService;

    public void setPersistenceService(HibernatePersistenceService hibernatePersistenceService) {
        this.persistenceService = hibernatePersistenceService;
    }

    public void setUserDetailsService(UserDetailsService userDetailsService) {
        this.userDetailsService = userDetailsService;
    }

    public Authentication authenticate(Authentication authentication) throws AuthenticationException {
        if (authentication.getAuthorities() == null && authentication.getPrincipal() != null) {
            DetachedCriteria forClass = DetachedCriteria.forClass(ExpiringKey.class);
            forClass.add(Restrictions.eq("name", authentication.getName()));
            forClass.add(Restrictions.gt("expiresAfter", new Date()));
            List<ExpiringKey> instances = this.persistenceService.getInstances(ExpiringKey.class, forClass);
            if (instances.size() <= 0) {
                throw new BadCredentialsException("No persistent credentials found");
            }
            String obj = authentication.getCredentials().toString();
            if (obj == null) {
                throw new BadCredentialsException("No remember me token provided");
            }
            for (ExpiringKey expiringKey : instances) {
                if (obj.equals(expiringKey.getValue())) {
                    UserDetails loadUserByUsername = this.userDetailsService.loadUserByUsername(expiringKey.getName());
                    if (loadUserByUsername == null) {
                        throw new BadCredentialsException("Token found, but user doesn't exist");
                    }
                    log.info("Successfully authenticated user " + authentication.getName() + " using expiring key");
                    return new UserKeyAuthenticationToken(authentication.getPrincipal(), authentication.getCredentials(), loadUserByUsername.getAuthorities());
                }
            }
            throw new BadCredentialsException("No matching token available");
        }
        return authentication;
    }

    public boolean supports(Class cls) {
        return UserKeyAuthenticationToken.class.isAssignableFrom(cls);
    }
}
