package org.springframework.ws.soap.security.wss4j.callback;

import java.io.IOException;
import javax.security.auth.callback.UnsupportedCallbackException;
import org.apache.ws.security.WSPasswordCallback;
import org.apache.ws.security.WSUsernameTokenPrincipal;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.dao.DataAccessException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.UserCache;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.core.userdetails.cache.NullUserCache;
import org.springframework.util.Assert;
import org.springframework.ws.soap.security.callback.CleanupCallback;
import org.springframework.ws.soap.security.support.SpringSecurityUtils;

/* loaded from: input_file:WEB-INF/lib/spring-ws-security-2.1.0.RELEASE.jar:org/springframework/ws/soap/security/wss4j/callback/SpringSecurityPasswordValidationCallbackHandler.class */
public class SpringSecurityPasswordValidationCallbackHandler extends AbstractWsPasswordCallbackHandler implements InitializingBean {
    private UserCache userCache = new NullUserCache();
    private UserDetailsService userDetailsService;

    public void setUserCache(UserCache userCache) {
        this.userCache = userCache;
    }

    public void setUserDetailsService(UserDetailsService userDetailsService) {
        this.userDetailsService = userDetailsService;
    }

    @Override // org.springframework.beans.factory.InitializingBean
    public void afterPropertiesSet() throws Exception {
        Assert.notNull(this.userDetailsService, "userDetailsService is required");
    }

    @Override // org.springframework.ws.soap.security.wss4j.callback.AbstractWsPasswordCallbackHandler
    protected void handleUsernameToken(WSPasswordCallback wSPasswordCallback) throws IOException, UnsupportedCallbackException {
        UserDetails loadUserDetails = loadUserDetails(wSPasswordCallback.getIdentifier());
        if (loadUserDetails != null) {
            SpringSecurityUtils.checkUserValidity(loadUserDetails);
            wSPasswordCallback.setPassword(loadUserDetails.getPassword());
        }
    }

    @Override // org.springframework.ws.soap.security.wss4j.callback.AbstractWsPasswordCallbackHandler
    protected void handleUsernameTokenPrincipal(UsernameTokenPrincipalCallback usernameTokenPrincipalCallback) throws IOException, UnsupportedCallbackException {
        UserDetails loadUserDetails = loadUserDetails(usernameTokenPrincipalCallback.getPrincipal().getName());
        WSUsernameTokenPrincipal principal = usernameTokenPrincipalCallback.getPrincipal();
        UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken = new UsernamePasswordAuthenticationToken(principal, principal.getPassword(), loadUserDetails.getAuthorities());
        if (this.logger.isDebugEnabled()) {
            this.logger.debug("Authentication success: " + usernamePasswordAuthenticationToken.toString());
        }
        SecurityContextHolder.getContext().setAuthentication(usernamePasswordAuthenticationToken);
    }

    @Override // org.springframework.ws.soap.security.wss4j.callback.AbstractWsPasswordCallbackHandler
    protected void handleCleanup(CleanupCallback cleanupCallback) throws IOException, UnsupportedCallbackException {
        SecurityContextHolder.clearContext();
    }

    private UserDetails loadUserDetails(String str) throws DataAccessException {
        UserDetails userFromCache = this.userCache.getUserFromCache(str);
        if (userFromCache == null) {
            try {
                userFromCache = this.userDetailsService.loadUserByUsername(str);
                this.userCache.putUserInCache(userFromCache);
            } catch (UsernameNotFoundException e) {
                if (!this.logger.isDebugEnabled()) {
                    return null;
                }
                this.logger.debug("Username '" + str + "' not found");
                return null;
            }
        }
        return userFromCache;
    }
}
