package org.flowable.app.security;

import org.flowable.idm.api.IdmIdentityService;
import org.springframework.context.support.MessageSourceAccessor;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.SpringSecurityMessageSource;
import org.springframework.security.core.authority.mapping.GrantedAuthoritiesMapper;
import org.springframework.security.core.authority.mapping.NullAuthoritiesMapper;

/* loaded from: input_file:WEB-INF/lib/flowable-ui-idm-conf-6.2.0.jar:org/flowable/app/security/CustomLdapAuthenticationProvider.class */
public class CustomLdapAuthenticationProvider implements AuthenticationProvider {
    protected org.springframework.security.core.userdetails.UserDetailsService userDetailsService;
    protected IdmIdentityService identityService;
    protected MessageSourceAccessor messages = SpringSecurityMessageSource.getAccessor();
    protected GrantedAuthoritiesMapper authoritiesMapper = new NullAuthoritiesMapper();

    public CustomLdapAuthenticationProvider(org.springframework.security.core.userdetails.UserDetailsService userDetailsService, IdmIdentityService idmIdentityService) {
        this.userDetailsService = userDetailsService;
        this.identityService = idmIdentityService;
    }

    @Override // org.springframework.security.authentication.AuthenticationProvider
    public Authentication authenticate(Authentication authentication) throws AuthenticationException {
        UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken = (UsernamePasswordAuthenticationToken) authentication;
        if (!this.identityService.checkPassword(usernamePasswordAuthenticationToken.getName(), usernamePasswordAuthenticationToken.getCredentials().toString())) {
            throw new BadCredentialsException(this.messages.getMessage("LdapAuthenticationProvider.badCredentials", "Bad credentials"));
        }
        FlowableAppUser flowableAppUser = (FlowableAppUser) this.userDetailsService.loadUserByUsername(usernamePasswordAuthenticationToken.getName());
        UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken2 = new UsernamePasswordAuthenticationToken(flowableAppUser, usernamePasswordAuthenticationToken.getCredentials(), this.authoritiesMapper.mapAuthorities(flowableAppUser.getAuthorities()));
        usernamePasswordAuthenticationToken2.setDetails(authentication.getDetails());
        return usernamePasswordAuthenticationToken2;
    }

    @Override // org.springframework.security.authentication.AuthenticationProvider
    public boolean supports(Class<?> cls) {
        return UsernamePasswordAuthenticationToken.class.isAssignableFrom(cls);
    }
}
