package waffle.spring;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.authentication.AuthenticationServiceException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.GrantedAuthority;
import waffle.servlet.WindowsPrincipal;
import waffle.windows.auth.IWindowsAuthProvider;
import waffle.windows.auth.IWindowsIdentity;
import waffle.windows.auth.PrincipalFormat;

/* loaded from: input_file:waffle/spring/WindowsAuthenticationProvider.class */
public class WindowsAuthenticationProvider implements AuthenticationProvider {
    private Logger _log = LoggerFactory.getLogger(WindowsAuthenticationProvider.class);
    private PrincipalFormat _principalFormat = PrincipalFormat.fqn;
    private PrincipalFormat _roleFormat = PrincipalFormat.fqn;
    private boolean _allowGuestLogin = true;
    private IWindowsAuthProvider _authProvider = null;
    private GrantedAuthorityFactory _grantedAuthorityFactory = WindowsAuthenticationToken.DEFAULT_GRANTED_AUTHORITY_FACTORY;
    private GrantedAuthority _defaultGrantedAuthority = WindowsAuthenticationToken.DEFAULT_GRANTED_AUTHORITY;

    public WindowsAuthenticationProvider() {
        this._log.debug("[waffle.spring.WindowsAuthenticationProvider] loaded");
    }

    public Authentication authenticate(Authentication authentication) throws AuthenticationException {
        try {
            UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken = (UsernamePasswordAuthenticationToken) authentication;
            IWindowsIdentity logonUser = this._authProvider.logonUser(usernamePasswordAuthenticationToken.getName(), usernamePasswordAuthenticationToken.getCredentials().toString());
            this._log.debug("logged in user: " + logonUser.getFqn() + " (" + logonUser.getSidString() + ")");
            if (!this._allowGuestLogin && logonUser.isGuest()) {
                this._log.warn("guest login disabled: " + logonUser.getFqn());
                throw new GuestLoginDisabledAuthenticationException(logonUser.getFqn());
            }
            WindowsPrincipal windowsPrincipal = new WindowsPrincipal(logonUser, this._principalFormat, this._roleFormat);
            this._log.debug("roles: " + windowsPrincipal.getRolesString());
            WindowsAuthenticationToken windowsAuthenticationToken = new WindowsAuthenticationToken(windowsPrincipal, this._grantedAuthorityFactory, this._defaultGrantedAuthority);
            this._log.info("successfully logged in user: " + logonUser.getFqn());
            return windowsAuthenticationToken;
        } catch (Exception e) {
            throw new AuthenticationServiceException(e.getMessage(), e);
        }
    }

    public boolean supports(Class<? extends Object> cls) {
        return UsernamePasswordAuthenticationToken.class.isAssignableFrom(cls);
    }

    public PrincipalFormat getPrincipalFormat() {
        return this._principalFormat;
    }

    public void setPrincipalFormat(PrincipalFormat principalFormat) {
        this._principalFormat = principalFormat;
    }

    public PrincipalFormat getRoleFormat() {
        return this._roleFormat;
    }

    public void setRoleFormat(PrincipalFormat principalFormat) {
        this._roleFormat = principalFormat;
    }

    public boolean isAllowGuestLogin() {
        return this._allowGuestLogin;
    }

    public void setAllowGuestLogin(boolean z) {
        this._allowGuestLogin = z;
    }

    public IWindowsAuthProvider getAuthProvider() {
        return this._authProvider;
    }

    public void setAuthProvider(IWindowsAuthProvider iWindowsAuthProvider) {
        this._authProvider = iWindowsAuthProvider;
    }

    public GrantedAuthorityFactory getGrantedAuthorityFactory() {
        return this._grantedAuthorityFactory;
    }

    public void setGrantedAuthorityFactory(GrantedAuthorityFactory grantedAuthorityFactory) {
        this._grantedAuthorityFactory = grantedAuthorityFactory;
    }

    public GrantedAuthority getDefaultGrantedAuthority() {
        return this._defaultGrantedAuthority;
    }

    public void setDefaultGrantedAuthority(GrantedAuthority grantedAuthority) {
        this._defaultGrantedAuthority = grantedAuthority;
    }
}
