package org.georchestra.gateway.security.ldap.extended;

import java.util.function.Supplier;
import org.georchestra.ds.DataServiceException;
import org.georchestra.ds.users.Account;
import org.georchestra.ds.users.AccountDao;
import org.springframework.ldap.NameNotFoundException;
import org.springframework.ldap.core.DirContextOperations;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.ldap.authentication.LdapAuthenticationProvider;
import org.springframework.security.ldap.authentication.LdapAuthenticator;
import org.springframework.security.ldap.userdetails.LdapAuthoritiesPopulator;
import org.springframework.util.Assert;
import org.springframework.util.StringUtils;

/* loaded from: input_file:BOOT-INF/classes/org/georchestra/gateway/security/ldap/extended/ExtendedLdapAuthenticationProvider.class */
public class ExtendedLdapAuthenticationProvider extends LdapAuthenticationProvider {
    private AccountDao accountDao;

    public ExtendedLdapAuthenticationProvider(LdapAuthenticator ldapAuthenticator, LdapAuthoritiesPopulator ldapAuthoritiesPopulator) {
        super(ldapAuthenticator, ldapAuthoritiesPopulator);
    }

    public void setAccountDao(AccountDao accountDao) {
        this.accountDao = accountDao;
    }

    @Override // org.springframework.security.ldap.authentication.AbstractLdapAuthenticationProvider, org.springframework.security.authentication.AuthenticationProvider
    public Authentication authenticate(Authentication authentication) throws AuthenticationException {
        Assert.isInstanceOf((Class<?>) UsernamePasswordAuthenticationToken.class, authentication, (Supplier<String>) () -> {
            return this.messages.getMessage("LdapAuthenticationProvider.onlySupports", "Only UsernamePasswordAuthenticationToken is supported");
        });
        UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken = (UsernamePasswordAuthenticationToken) authentication;
        Account account = null;
        try {
            account = this.accountDao.findByEmail(usernamePasswordAuthenticationToken.getName());
        } catch (DataServiceException e) {
        } catch (NameNotFoundException e2) {
        }
        if (account != null) {
            usernamePasswordAuthenticationToken = new UsernamePasswordAuthenticationToken(account.getUid(), usernamePasswordAuthenticationToken.getCredentials());
        }
        String name = usernamePasswordAuthenticationToken.getName();
        String str = (String) authentication.getCredentials();
        if (!StringUtils.hasLength(name)) {
            throw new BadCredentialsException(this.messages.getMessage("LdapAuthenticationProvider.emptyUsername", "Empty Username"));
        }
        if (!StringUtils.hasLength(str)) {
            throw new BadCredentialsException(this.messages.getMessage("AbstractLdapAuthenticationProvider.emptyPassword", "Empty Password"));
        }
        Assert.notNull(str, "Null password was supplied in authentication token");
        DirContextOperations doAuthentication = doAuthentication(usernamePasswordAuthenticationToken);
        return createSuccessfulAuthentication(usernamePasswordAuthenticationToken, this.userDetailsContextMapper.mapUserFromContext(doAuthentication, authentication.getName(), loadUserAuthorities(doAuthentication, authentication.getName(), (String) authentication.getCredentials())));
    }
}
