package org.apereo.cas.authentication.handler.support;

import java.security.GeneralSecurityException;
import java.util.ArrayList;
import javax.security.auth.login.AccountNotFoundException;
import javax.security.auth.login.FailedLoginException;
import lombok.Generated;
import org.apache.commons.lang3.BooleanUtils;
import org.apache.commons.lang3.StringUtils;
import org.apereo.cas.authentication.AuthenticationHandlerExecutionResult;
import org.apereo.cas.authentication.AuthenticationPasswordPolicyHandlingStrategy;
import org.apereo.cas.authentication.Credential;
import org.apereo.cas.authentication.PreventedException;
import org.apereo.cas.authentication.UsernamePasswordCredential;
import org.apereo.cas.authentication.handler.PrincipalNameTransformer;
import org.apereo.cas.authentication.principal.PrincipalFactory;
import org.apereo.cas.authentication.support.password.PasswordPolicyConfiguration;
import org.apereo.cas.services.ServicesManager;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.crypto.password.NoOpPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;

/* loaded from: input_file:BOOT-INF/lib/cas-server-core-authentication-api-5.3.4.jar:org/apereo/cas/authentication/handler/support/AbstractUsernamePasswordAuthenticationHandler.class */
public abstract class AbstractUsernamePasswordAuthenticationHandler extends AbstractPreAndPostProcessingAuthenticationHandler {

    @Generated
    private static final Logger LOGGER = LoggerFactory.getLogger((Class<?>) AbstractUsernamePasswordAuthenticationHandler.class);
    protected AuthenticationPasswordPolicyHandlingStrategy passwordPolicyHandlingStrategy;
    private PasswordEncoder passwordEncoder;
    private PrincipalNameTransformer principalNameTransformer;
    private PasswordPolicyConfiguration passwordPolicyConfiguration;

    public AbstractUsernamePasswordAuthenticationHandler(String str, ServicesManager servicesManager, PrincipalFactory principalFactory, Integer num) {
        super(str, servicesManager, principalFactory, num);
        this.passwordPolicyHandlingStrategy = (obj, obj2) -> {
            return new ArrayList(0);
        };
        this.passwordEncoder = NoOpPasswordEncoder.getInstance();
        this.principalNameTransformer = str2 -> {
            return str2;
        };
    }

    @Override // org.apereo.cas.authentication.handler.support.AbstractPreAndPostProcessingAuthenticationHandler
    protected AuthenticationHandlerExecutionResult doAuthentication(Credential credential) throws GeneralSecurityException, PreventedException {
        UsernamePasswordCredential usernamePasswordCredential = (UsernamePasswordCredential) credential;
        UsernamePasswordCredential usernamePasswordCredential2 = new UsernamePasswordCredential(usernamePasswordCredential.getUsername(), usernamePasswordCredential.getPassword());
        if (StringUtils.isBlank(usernamePasswordCredential2.getUsername())) {
            throw new AccountNotFoundException("Username is null.");
        }
        LOGGER.debug("Transforming credential username via [{}]", this.principalNameTransformer.getClass().getName());
        String transform = this.principalNameTransformer.transform(usernamePasswordCredential2.getUsername());
        if (StringUtils.isBlank(transform)) {
            throw new AccountNotFoundException("Transformed username is null.");
        }
        if (StringUtils.isBlank(usernamePasswordCredential2.getPassword())) {
            throw new FailedLoginException("Password is null.");
        }
        LOGGER.debug("Attempting to encode credential password via [{}] for [{}]", this.passwordEncoder.getClass().getName(), transform);
        String encode = this.passwordEncoder.encode(usernamePasswordCredential2.getPassword());
        if (StringUtils.isBlank(encode)) {
            throw new AccountNotFoundException("Encoded password is null.");
        }
        usernamePasswordCredential2.setUsername(transform);
        usernamePasswordCredential2.setPassword(encode);
        LOGGER.debug("Attempting authentication internally for transformed credential [{}]", usernamePasswordCredential2);
        return authenticateUsernamePasswordInternal(usernamePasswordCredential2, usernamePasswordCredential.getPassword());
    }

    protected abstract AuthenticationHandlerExecutionResult authenticateUsernamePasswordInternal(UsernamePasswordCredential usernamePasswordCredential, String str) throws GeneralSecurityException, PreventedException;

    @Override // org.apereo.cas.authentication.AuthenticationHandler
    public boolean supports(Credential credential) {
        if (!UsernamePasswordCredential.class.isInstance(credential)) {
            LOGGER.debug("Credential is not one of username/password and is not accepted by handler [{}]", getName());
            return false;
        }
        if (this.credentialSelectionPredicate == null) {
            LOGGER.debug("No credential selection criteria is defined for handler [{}]. Credential is accepted for further processing", getName());
            return true;
        }
        LOGGER.debug("Examining credential [{}] eligibility for authentication handler [{}]", credential, getName());
        boolean test = this.credentialSelectionPredicate.test(credential);
        LOGGER.debug("Credential [{}] eligibility is [{}] for authentication handler [{}]", credential, getName(), BooleanUtils.toStringTrueFalse(test));
        return test;
    }

    protected boolean matches(CharSequence charSequence, String str) {
        return this.passwordEncoder.matches(charSequence, str);
    }

    @Generated
    public void setPasswordPolicyHandlingStrategy(AuthenticationPasswordPolicyHandlingStrategy authenticationPasswordPolicyHandlingStrategy) {
        this.passwordPolicyHandlingStrategy = authenticationPasswordPolicyHandlingStrategy;
    }

    @Generated
    public void setPasswordEncoder(PasswordEncoder passwordEncoder) {
        this.passwordEncoder = passwordEncoder;
    }

    @Generated
    public void setPrincipalNameTransformer(PrincipalNameTransformer principalNameTransformer) {
        this.principalNameTransformer = principalNameTransformer;
    }

    @Generated
    public void setPasswordPolicyConfiguration(PasswordPolicyConfiguration passwordPolicyConfiguration) {
        this.passwordPolicyConfiguration = passwordPolicyConfiguration;
    }

    @Generated
    public AuthenticationPasswordPolicyHandlingStrategy getPasswordPolicyHandlingStrategy() {
        return this.passwordPolicyHandlingStrategy;
    }

    @Generated
    public PasswordEncoder getPasswordEncoder() {
        return this.passwordEncoder;
    }

    @Generated
    public PrincipalNameTransformer getPrincipalNameTransformer() {
        return this.principalNameTransformer;
    }

    @Generated
    public PasswordPolicyConfiguration getPasswordPolicyConfiguration() {
        return this.passwordPolicyConfiguration;
    }
}
