package com.supwisdom.institute.cas.site.authentication;

import com.supwisdom.institute.cas.site.account.Account;
import com.supwisdom.institute.cas.site.account.service.AccountService;
import com.supwisdom.institute.cas.site.authentication.exceptions.AccountNonActivatedException;
import com.supwisdom.institute.cas.site.lock.service.LockValidator;
import com.supwisdom.institute.cas.site.passwordencoder.CasPasswordEncoder;
import java.security.GeneralSecurityException;
import java.util.ArrayList;
import java.util.LinkedHashMap;
import javax.security.auth.login.AccountExpiredException;
import javax.security.auth.login.AccountLockedException;
import javax.security.auth.login.AccountNotFoundException;
import javax.security.auth.login.FailedLoginException;
import org.apereo.cas.authentication.AuthenticationHandlerExecutionResult;
import org.apereo.cas.authentication.Credential;
import org.apereo.cas.authentication.PreventedException;
import org.apereo.cas.authentication.RememberMeUsernamePasswordCredential;
import org.apereo.cas.authentication.UsernamePasswordCredential;
import org.apereo.cas.authentication.exceptions.AccountDisabledException;
import org.apereo.cas.authentication.exceptions.AccountPasswordMustChangeException;
import org.apereo.cas.authentication.handler.support.AbstractUsernamePasswordAuthenticationHandler;
import org.apereo.cas.authentication.principal.PrincipalFactory;
import org.apereo.cas.services.ServicesManager;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;

/* loaded from: input_file:com/supwisdom/institute/cas/site/authentication/CasServerAuthenticationHandler.class */
public class CasServerAuthenticationHandler extends AbstractUsernamePasswordAuthenticationHandler {
    private static final Logger log = LoggerFactory.getLogger(CasServerAuthenticationHandler.class);

    @Autowired
    private LockValidator lockValidator;

    @Autowired
    private AccountService accountService;

    @Autowired
    private CasPasswordEncoder casPasswordEncoder;

    public CasServerAuthenticationHandler(String str, ServicesManager servicesManager, PrincipalFactory principalFactory, Integer num) {
        super(str, servicesManager, principalFactory, num);
    }

    protected AuthenticationHandlerExecutionResult doAuthentication(Credential credential) throws GeneralSecurityException, PreventedException {
        UsernamePasswordCredential usernamePasswordCredential = (UsernamePasswordCredential) credential;
        if (CasServerAccountCredential.class.isInstance(credential)) {
            return authenticateUsernamePasswordInternal((CasServerAccountCredential) credential, usernamePasswordCredential.getPassword());
        }
        if (RememberMeUsernamePasswordCredential.class.isInstance(credential)) {
            boolean isRememberMe = ((RememberMeUsernamePasswordCredential) credential).isRememberMe();
            String username = usernamePasswordCredential.getUsername();
            return authenticateUsernamePasswordInternal(new CasServerAccountCredential(username, usernamePasswordCredential.getPassword(), isRememberMe, this.accountService.loadAccountByUsername(username), null), usernamePasswordCredential.getPassword());
        }
        if (!UsernamePasswordCredential.class.isInstance(credential)) {
            return super.doAuthentication(credential);
        }
        String username2 = usernamePasswordCredential.getUsername();
        return authenticateUsernamePasswordInternal(new CasServerAccountCredential(username2, usernamePasswordCredential.getPassword(), false, this.accountService.loadAccountByUsername(username2), null), usernamePasswordCredential.getPassword());
    }

    protected AuthenticationHandlerExecutionResult authenticateUsernamePasswordInternal(UsernamePasswordCredential usernamePasswordCredential, String str) throws GeneralSecurityException, PreventedException {
        LinkedHashMap linkedHashMap = new LinkedHashMap();
        String username = usernamePasswordCredential.getUsername();
        try {
            Account account = usernamePasswordCredential instanceof CasServerAccountCredential ? ((CasServerAccountCredential) usernamePasswordCredential).getAccount() : this.accountService.loadAccountByUsername(username);
            if (account == null) {
                throw new AccountNotFoundException("Account not found");
            }
            if (!account.getActivation().booleanValue()) {
                throw new AccountNonActivatedException("Account not activated");
            }
            if (!account.getEnabled().booleanValue()) {
                throw new AccountDisabledException("Account has been disabled");
            }
            if (!account.getAccountNonExpired().booleanValue()) {
                throw new AccountExpiredException("Account has expired");
            }
            if (!account.getAccountNonLocked().booleanValue() && this.lockValidator.isAccountLock(account.getUsername())) {
                throw new AccountLockedException("Account has locked");
            }
            if (!account.getCredentialsNonExpired().booleanValue()) {
                throw new AccountPasswordMustChangeException("Password has expired");
            }
            if (!this.casPasswordEncoder.matches(str, account) && !matches(str, account.getPassword())) {
                throw new FailedLoginException("Password does not match value on record.");
            }
            linkedHashMap.put("account", account);
            return createHandlerResult(usernamePasswordCredential, this.principalFactory.createPrincipal(account.getUsername(), linkedHashMap), new ArrayList(0));
        } catch (GeneralSecurityException e) {
            log.error(e.getMessage(), e);
            throw e;
        } catch (Exception e2) {
            log.error(e2.getMessage(), e2);
            throw new AccountNotFoundException(username + " not found from [" + this.accountService.getClass().getName() + "]");
        }
    }
}
