package cat.gencat.ctti.canigo.arch.security.provider.sace;

import cat.gencat.ctti.canigo.arch.security.provider.sace.authentication.dao.SACEPasswordAuthenticationDao;
import org.springframework.dao.DataAccessException;
import org.springframework.security.authentication.AuthenticationServiceException;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider;
import org.springframework.security.authentication.dao.SaltSource;
import org.springframework.security.authentication.encoding.PasswordEncoder;
import org.springframework.security.authentication.encoding.PlaintextPasswordEncoder;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UsernameNotFoundException;

/* loaded from: input_file:cat/gencat/ctti/canigo/arch/security/provider/sace/SACEAuthenticationProvider.class */
public class SACEAuthenticationProvider extends AbstractUserDetailsAuthenticationProvider {
    private PasswordEncoder passwordEncoder = new PlaintextPasswordEncoder();
    private SaltSource saltSource;
    private SACEPasswordAuthenticationDao authenticationDao;

    public void setAuthenticationDao(SACEPasswordAuthenticationDao sACEPasswordAuthenticationDao) {
        this.authenticationDao = sACEPasswordAuthenticationDao;
    }

    public SACEPasswordAuthenticationDao getAuthenticationDao() {
        return this.authenticationDao;
    }

    public boolean supports(Class<? extends Object> cls) {
        return UsernamePasswordAuthenticationToken.class.isAssignableFrom(cls);
    }

    public void setPasswordEncoder(PasswordEncoder passwordEncoder) {
        this.passwordEncoder = passwordEncoder;
    }

    public PasswordEncoder getPasswordEncoder() {
        return this.passwordEncoder;
    }

    public void setSaltSource(SaltSource saltSource) {
        this.saltSource = saltSource;
    }

    public SaltSource getSaltSource() {
        return this.saltSource;
    }

    protected void additionalAuthenticationChecks(UserDetails userDetails, UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken) throws AuthenticationException {
        Object obj = null;
        if (getSaltSource() != null) {
            obj = getSaltSource().getSalt(userDetails);
        }
        if (!getPasswordEncoder().isPasswordValid(userDetails.getPassword(), usernamePasswordAuthenticationToken.getCredentials().toString(), obj)) {
            throw new BadCredentialsException("Bad credentials", userDetails);
        }
    }

    protected UserDetails retrieveUser(String str, UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken) throws AuthenticationException {
        try {
            UserDetails loadUserByUsernameAndPassword = this.authenticationDao.loadUserByUsernameAndPassword(str, usernamePasswordAuthenticationToken.getCredentials().toString());
            if (loadUserByUsernameAndPassword == null) {
                throw new AuthenticationServiceException("AuthenticationDao returned null, which is an interface contract violation");
            }
            return loadUserByUsernameAndPassword;
        } catch (UsernameNotFoundException e) {
            if (this.hideUserNotFoundExceptions) {
                throw new BadCredentialsException("Bad credentials presented");
            }
            throw e;
        } catch (DataAccessException e2) {
            throw new AuthenticationServiceException(e2.getMessage(), e2);
        }
    }
}
