package com.evolveum.midpoint.web.security.provider;

import com.evolveum.midpoint.model.api.AuthenticationEvaluator;
import com.evolveum.midpoint.model.api.authentication.AuthenticationChannel;
import com.evolveum.midpoint.model.api.authentication.GuiProfiledPrincipal;
import com.evolveum.midpoint.model.api.authentication.MidpointAuthentication;
import com.evolveum.midpoint.model.api.authentication.ModuleAuthentication;
import com.evolveum.midpoint.model.api.authentication.NodeAuthenticationEvaluator;
import com.evolveum.midpoint.model.api.context.PasswordAuthenticationContext;
import com.evolveum.midpoint.util.logging.Trace;
import com.evolveum.midpoint.util.logging.TraceManager;
import com.evolveum.midpoint.web.security.module.authentication.ClusterAuthenticationToken;
import java.util.Collection;
import java.util.List;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.AuthenticationServiceException;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.context.SecurityContextHolder;

/* loaded from: input_file:com/evolveum/midpoint/web/security/provider/ClusterProvider.class */
public class ClusterProvider extends MidPointAbstractAuthenticationProvider {
    private static final Trace LOGGER = TraceManager.getTrace(ClusterProvider.class);

    @Autowired
    private NodeAuthenticationEvaluator nodeAuthenticator;

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.evolveum.midpoint.web.security.provider.MidPointAbstractAuthenticationProvider
    public AuthenticationEvaluator<PasswordAuthenticationContext> getEvaluator() {
        return null;
    }

    @Override // com.evolveum.midpoint.web.security.provider.MidPointAbstractAuthenticationProvider
    protected Authentication internalAuthentication(Authentication authentication, List list, AuthenticationChannel authenticationChannel, Class cls) throws AuthenticationException {
        if (authentication.isAuthenticated() && (authentication.getPrincipal() instanceof GuiProfiledPrincipal)) {
            return authentication;
        }
        String str = (String) authentication.getPrincipal();
        LOGGER.trace("Authenticating username '{}'", str);
        createEnvironment(authenticationChannel);
        try {
            if (!(authentication instanceof ClusterAuthenticationToken)) {
                LOGGER.error("Unsupported authentication {}", authentication);
                throw new AuthenticationServiceException("web.security.provider.unavailable");
            }
            if (!this.nodeAuthenticator.authenticate((String) null, str, (String) authentication.getCredentials(), "node authentication")) {
                throw new AuthenticationServiceException("web.security.flexAuth.cluster.auth.null");
            }
            Authentication authentication2 = SecurityContextHolder.getContext().getAuthentication();
            LOGGER.debug("Node '{}' authenticated}", authentication.getPrincipal());
            authentication2.setAuthenticated(true);
            return authentication2;
        } catch (AuthenticationException e) {
            LOGGER.info("Authentication failed for {}: {}", str, e.getMessage());
            throw e;
        }
    }

    @Override // com.evolveum.midpoint.web.security.provider.MidPointAbstractAuthenticationProvider
    protected Authentication createNewAuthenticationToken(Authentication authentication, Collection collection) {
        return authentication instanceof ClusterAuthenticationToken ? new ClusterAuthenticationToken(authentication.getPrincipal(), authentication.getCredentials(), collection) : authentication;
    }

    @Override // com.evolveum.midpoint.web.security.provider.MidPointAbstractAuthenticationProvider
    protected void writeAutentication(Authentication authentication, MidpointAuthentication midpointAuthentication, ModuleAuthentication moduleAuthentication, Authentication authentication2) {
        midpointAuthentication.setPrincipal(authentication2.getPrincipal());
        midpointAuthentication.setCredential(authentication2.getCredentials());
        moduleAuthentication.setAuthentication(authentication2);
    }

    public boolean supports(Class<?> cls) {
        return ClusterAuthenticationToken.class.equals(cls);
    }

    @Override // com.evolveum.midpoint.web.security.provider.MidPointAbstractAuthenticationProvider
    public int hashCode() {
        return (31 * 1) + (this.nodeAuthenticator == null ? 0 : this.nodeAuthenticator.hashCode());
    }

    @Override // com.evolveum.midpoint.web.security.provider.MidPointAbstractAuthenticationProvider
    public boolean equals(Object obj) {
        return super.equals(obj);
    }
}
