package com.evolveum.midpoint.authentication.impl.provider;

import com.evolveum.midpoint.authentication.api.AuthenticationChannel;
import com.evolveum.midpoint.authentication.api.evaluator.AuthenticationEvaluator;
import com.evolveum.midpoint.authentication.api.evaluator.context.PreAuthenticationContext;
import com.evolveum.midpoint.security.api.MidPointPrincipal;
import com.evolveum.midpoint.util.logging.Trace;
import com.evolveum.midpoint.util.logging.TraceManager;
import com.evolveum.midpoint.xml.ns._public.common.common_3.FocusType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.ObjectReferenceType;
import java.util.Collection;
import java.util.List;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationToken;

/* loaded from: input_file:BOOT-INF/lib/authentication-impl-4.9.3.jar:com/evolveum/midpoint/authentication/impl/provider/PreAuthenticatedProvider.class */
public class PreAuthenticatedProvider extends MidpointAbstractAuthenticationProvider {
    private static final Trace LOGGER = TraceManager.getTrace((Class<?>) PreAuthenticatedProvider.class);

    @Autowired
    private AuthenticationEvaluator<PreAuthenticationContext, PreAuthenticatedAuthenticationToken> preAuthenticatedEvaluator;

    @Override // com.evolveum.midpoint.authentication.impl.provider.AbstractAuthenticationProvider
    protected Authentication createNewAuthenticationToken(Authentication authentication, Collection<? extends GrantedAuthority> collection) {
        return authentication instanceof PreAuthenticatedAuthenticationToken ? new PreAuthenticatedAuthenticationToken(authentication.getPrincipal(), authentication.getCredentials(), collection) : authentication;
    }

    @Override // com.evolveum.midpoint.authentication.impl.provider.MidpointAbstractAuthenticationProvider
    protected Authentication doAuthenticate(Authentication authentication, String str, List<ObjectReferenceType> list, AuthenticationChannel authenticationChannel, Class<? extends FocusType> cls) {
        LOGGER.trace("Authenticating username '{}'", str);
        PreAuthenticatedAuthenticationToken authenticate = this.preAuthenticatedEvaluator.authenticate(createEnvironment(authenticationChannel), new PreAuthenticationContext(str, cls, list, authenticationChannel));
        LOGGER.debug("User '{}' authenticated ({}), authorities: {}", authentication.getPrincipal(), authentication.getClass().getSimpleName(), ((MidPointPrincipal) authenticate.getPrincipal()).getAuthorities());
        return authenticate;
    }

    @Override // org.springframework.security.authentication.AuthenticationProvider
    public boolean supports(Class<?> cls) {
        return PreAuthenticatedAuthenticationToken.class.equals(cls);
    }
}
