package com.evolveum.midpoint.authentication.impl.provider;

import com.evolveum.midpoint.authentication.api.AuthenticationChannel;
import com.evolveum.midpoint.authentication.api.util.AuthUtil;
import com.evolveum.midpoint.model.api.authentication.GuiProfiledPrincipal;
import com.evolveum.midpoint.security.api.MidPointPrincipal;
import com.evolveum.midpoint.util.logging.Trace;
import com.evolveum.midpoint.util.logging.TraceManager;
import com.evolveum.midpoint.xml.ns._public.common.common_3.FocusType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.ObjectReferenceType;
import java.util.List;
import org.apache.commons.lang3.StringUtils;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;

/* loaded from: input_file:BOOT-INF/lib/authentication-impl-4.9.3.jar:com/evolveum/midpoint/authentication/impl/provider/MidpointAbstractAuthenticationProvider.class */
public abstract class MidpointAbstractAuthenticationProvider extends AbstractAuthenticationProvider {
    private static final Trace LOGGER = TraceManager.getTrace((Class<?>) MidpointAbstractAuthenticationProvider.class);

    @Override // com.evolveum.midpoint.authentication.impl.provider.AbstractAuthenticationProvider
    protected final Authentication internalAuthentication(Authentication authentication, List<ObjectReferenceType> list, AuthenticationChannel authenticationChannel, Class<? extends FocusType> cls) throws AuthenticationException {
        if (authentication.isAuthenticated() && (authentication.getPrincipal() instanceof GuiProfiledPrincipal)) {
            return authentication;
        }
        try {
            return doAuthenticate(authentication, getEnteredUsername(authentication), list, authenticationChannel, cls);
        } catch (AuthenticationException e) {
            LOGGER.debug("Authentication failed for {}: {}", authentication, e.getMessage());
            throw e;
        }
    }

    private String getEnteredUsername(Authentication authentication) {
        Object principal = authentication.getPrincipal();
        if (principal instanceof MidPointPrincipal) {
            MidPointPrincipal midPointPrincipal = (MidPointPrincipal) principal;
            LOGGER.trace("Found midPoint principal, returning principal username.");
            return midPointPrincipal.getUsername();
        }
        if (principal instanceof String) {
            String str = (String) principal;
            LOGGER.trace("No midPoint principal yet, returning authentication principal object");
            if (StringUtils.isNotBlank(str)) {
                return str;
            }
        }
        MidPointPrincipal midpointPrincipal = AuthUtil.getMidpointPrincipal();
        if (midpointPrincipal == null) {
            return null;
        }
        LOGGER.trace("Found pre-authenticated midPoint principal, returning principal username.");
        return midpointPrincipal.getUsername();
    }

    protected abstract Authentication doAuthenticate(Authentication authentication, String str, List<ObjectReferenceType> list, AuthenticationChannel authenticationChannel, Class<? extends FocusType> cls);
}
