package com.supwisdom.platform.module.security.secimpl;

import com.supwisdom.platform.module.domain.security.sys.SecurityUser;
import com.supwisdom.platform.module.interfaces.manager.security.sys.ISecurityLogManager;
import com.supwisdom.platform.module.security.exception.LoginAuthenticationException;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.authentication.InternalAuthenticationServiceException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider;
import org.springframework.security.authentication.dao.SaltSource;
import org.springframework.security.authentication.encoding.PasswordEncoder;
import org.springframework.security.authentication.encoding.PlaintextPasswordEncoder;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.util.Assert;

/* loaded from: input_file:com/supwisdom/platform/module/security/secimpl/MyAuthenticationProvider.class */
public class MyAuthenticationProvider extends AbstractUserDetailsAuthenticationProvider {
    private static final String USER_NOT_FOUND_PASSWORD = "userNotFoundPassword";
    private PasswordEncoder passwordEncoder;
    private String userNotFoundEncodedPassword;
    private SaltSource saltSource;
    private UserDetailsService userDetailsService;

    @Autowired
    private ISecurityLogManager securityLogManager;

    public MyAuthenticationProvider() {
        setPasswordEncoder(new PlaintextPasswordEncoder());
    }

    public Authentication authenticate(Authentication authentication) throws AuthenticationException {
        Assert.isInstanceOf(UsernamePasswordAuthenticationToken.class, authentication, this.messages.getMessage("AbstractUserDetailsAuthenticationProvider.onlySupports", "只支持UsernamePasswordAuthenticationToken类型"));
        String name = authentication.getPrincipal() == null ? "NONE_PROVIDED" : authentication.getName();
        boolean z = true;
        UserDetails userFromCache = getUserCache().getUserFromCache(name);
        if (userFromCache == null) {
            z = false;
            try {
                userFromCache = retrieveUser(name, (UsernamePasswordAuthenticationToken) authentication);
                Assert.notNull(userFromCache, "提取用户信息为空");
            } catch (UsernameNotFoundException | LoginAuthenticationException e) {
                if (this.logger.isDebugEnabled()) {
                    this.logger.debug("用户提取出现异常");
                }
                if (this.hideUserNotFoundExceptions) {
                    throw new BadCredentialsException(this.messages.getMessage("AbstractUserDetailsAuthenticationProvider.badCredentials", "无效的用户名"));
                }
                throw e;
            }
        }
        try {
            additionalAuthenticationChecks(userFromCache, (UsernamePasswordAuthenticationToken) authentication);
        } catch (AuthenticationException e2) {
            if (!z) {
                throw e2;
            }
            z = false;
            userFromCache = retrieveUser(name, (UsernamePasswordAuthenticationToken) authentication);
            additionalAuthenticationChecks(userFromCache, (UsernamePasswordAuthenticationToken) authentication);
        }
        if (!z) {
            getUserCache().putUserInCache(userFromCache);
        }
        UserDetails userDetails = userFromCache;
        if (isForcePrincipalAsString()) {
            userDetails = userFromCache.getUsername();
        }
        if (userFromCache instanceof SecurityUser) {
            this.securityLogManager.insertLoginLog(((SecurityUser) userFromCache).getUsername(), ((SecurityUser) userFromCache).getId());
        }
        return createSuccessAuthentication(userDetails, authentication, userFromCache);
    }

    public void additionalAuthenticationChecks(UserDetails userDetails, UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken) throws AuthenticationException {
        Object obj = null;
        if (this.saltSource != null) {
            obj = this.saltSource.getSalt(userDetails);
        }
        if (usernamePasswordAuthenticationToken.getCredentials() == null) {
            if (this.logger.isDebugEnabled()) {
                this.logger.debug("验证信息中用户名为空");
            }
            throw new LoginAuthenticationException(this.messages.getMessage("AbstractUserDetailsAuthenticationProvider.badCredentials", "无效的用户"));
        }
        if (this.passwordEncoder.isPasswordValid(userDetails.getPassword(), usernamePasswordAuthenticationToken.getCredentials().toString(), obj)) {
            return;
        }
        if (this.logger.isDebugEnabled()) {
            this.logger.debug("密码验证错误");
        }
        throw new LoginAuthenticationException(this.messages.getMessage("CustomValidate.PwdErr", "密码输入不正确"));
    }

    public UserDetails retrieveUser(String str, UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken) throws AuthenticationException {
        try {
            UserDetails loadUserByUsername = getUserDetailsService().loadUserByUsername(str);
            if (loadUserByUsername == null) {
                throw new UsernameNotFoundException(this.messages.getMessage("CustomValidate.UserNameNotFound", "用户不存在"));
            }
            return loadUserByUsername;
        } catch (AuthenticationException e) {
            throw e;
        } catch (Exception e2) {
            throw new InternalAuthenticationServiceException(e2.getMessage(), e2);
        }
    }

    protected void doAfterPropertiesSet() throws Exception {
        Assert.notNull(this.userDetailsService, "userDetailsService不能为空");
    }

    public PasswordEncoder getPasswordEncoder() {
        return this.passwordEncoder;
    }

    public void setPasswordEncoder(PasswordEncoder passwordEncoder) {
        Assert.notNull(passwordEncoder, "密码加密不能为空");
        this.userNotFoundEncodedPassword = passwordEncoder.encodePassword(USER_NOT_FOUND_PASSWORD, (Object) null);
        this.passwordEncoder = passwordEncoder;
    }

    public String getUserNotFoundEncodedPassword() {
        return this.userNotFoundEncodedPassword;
    }

    public void setUserNotFoundEncodedPassword(String str) {
        this.userNotFoundEncodedPassword = str;
    }

    public SaltSource getSaltSource() {
        return this.saltSource;
    }

    public void setSaltSource(SaltSource saltSource) {
        this.saltSource = saltSource;
    }

    public UserDetailsService getUserDetailsService() {
        return this.userDetailsService;
    }

    public void setUserDetailsService(UserDetailsService userDetailsService) {
        this.userDetailsService = userDetailsService;
    }
}
