package cat.gencat.ctti.canigo.arch.security.provider.saml;

import cat.gencat.ctti.canigo.arch.security.saml.authentication.token.SAMLAuthenticationToken;
import cat.gencat.ctti.canigo.arch.security.saml.validation.SAMLValidatorResult;
import javax.inject.Named;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.MessageSource;
import org.springframework.context.annotation.Lazy;
import org.springframework.dao.DataAccessException;
import org.springframework.security.authentication.AuthenticationServiceException;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.authority.mapping.GrantedAuthoritiesMapper;
import org.springframework.security.core.authority.mapping.NullAuthoritiesMapper;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.stereotype.Component;

@Component
@Named("samlAuthenticationProvider")
/* loaded from: input_file:cat/gencat/ctti/canigo/arch/security/provider/saml/SAMLAuthenticationProvider.class */
public class SAMLAuthenticationProvider extends SAMLAuthenticationBaseProvider {

    @Autowired
    @Lazy
    private UserDetailsService userDetailsService;
    private GrantedAuthoritiesMapper authoritiesMapper = new NullAuthoritiesMapper();

    public UserDetailsService getUserDetailsService() {
        return this.userDetailsService;
    }

    public void setUserDetailsService(UserDetailsService userDetailsService) {
        this.userDetailsService = userDetailsService;
    }

    public Authentication authenticate(Authentication authentication) {
        SAMLValidatorResult validateSamlAssertion = validateSamlAssertion(authentication);
        return createSuccessAuthentication(validateSamlAssertion.getSubject(), authentication, retrieveUser(validateSamlAssertion));
    }

    protected Authentication createSuccessAuthentication(Object obj, Authentication authentication, UserDetails userDetails) {
        SAMLAuthenticationToken sAMLAuthenticationToken = new SAMLAuthenticationToken(this.authoritiesMapper.mapAuthorities(userDetails.getAuthorities()), obj, authentication.getCredentials());
        Object details = authentication.getDetails();
        SAMLUser sAMLUser = new SAMLUser(userDetails);
        if (details instanceof SAMLValidatorResult) {
            sAMLUser.setValidationData((SAMLValidatorResult) details);
        }
        sAMLAuthenticationToken.setDetails(sAMLUser);
        return sAMLAuthenticationToken;
    }

    protected final UserDetails retrieveUser(SAMLValidatorResult sAMLValidatorResult) {
        if (logger.isDebugEnabled()) {
            logger.debug("Obtenint username: {} authentication: {}", sAMLValidatorResult.getSubject(), sAMLValidatorResult);
        }
        try {
            UserDetails loadUserByUsername = getUserDetailsService().loadUserByUsername(sAMLValidatorResult.getSubject());
            if (loadUserByUsername != null && logger.isDebugEnabled()) {
                logger.debug("Usuari: {}", loadUserByUsername.getUsername());
            }
            if (loadUserByUsername == null) {
                throw new AuthenticationServiceException("UserDetailsService returned null, which is an interface contract violation");
            }
            return loadUserByUsername;
        } catch (DataAccessException e) {
            throw new AuthenticationServiceException(e.getMessage(), e);
        }
    }

    @Override // cat.gencat.ctti.canigo.arch.security.provider.saml.SAMLAuthenticationBaseProvider
    public /* bridge */ /* synthetic */ void setOrder(int i) {
        super.setOrder(i);
    }

    @Override // cat.gencat.ctti.canigo.arch.security.provider.saml.SAMLAuthenticationBaseProvider
    public /* bridge */ /* synthetic */ int getOrder() {
        return super.getOrder();
    }

    @Override // cat.gencat.ctti.canigo.arch.security.provider.saml.SAMLAuthenticationBaseProvider
    public /* bridge */ /* synthetic */ void afterPropertiesSet() {
        super.afterPropertiesSet();
    }

    @Override // cat.gencat.ctti.canigo.arch.security.provider.saml.SAMLAuthenticationBaseProvider
    public /* bridge */ /* synthetic */ void setMessageSource(MessageSource messageSource) {
        super.setMessageSource(messageSource);
    }

    @Override // cat.gencat.ctti.canigo.arch.security.provider.saml.SAMLAuthenticationBaseProvider
    public /* bridge */ /* synthetic */ boolean supports(Class cls) {
        return super.supports(cls);
    }
}
