package org.acegisecurity.providers.ldap;

import org.acegisecurity.AuthenticationException;
import org.acegisecurity.AuthenticationServiceException;
import org.acegisecurity.BadCredentialsException;
import org.acegisecurity.GrantedAuthority;
import org.acegisecurity.providers.UsernamePasswordAuthenticationToken;
import org.acegisecurity.providers.dao.AbstractUserDetailsAuthenticationProvider;
import org.acegisecurity.userdetails.UserDetails;
import org.acegisecurity.userdetails.ldap.LdapUserDetails;
import org.acegisecurity.userdetails.ldap.LdapUserDetailsImpl;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.dao.DataAccessException;
import org.springframework.util.Assert;
import org.springframework.util.StringUtils;

/* loaded from: input_file:org/acegisecurity/providers/ldap/LdapAuthenticationProvider.class */
public class LdapAuthenticationProvider extends AbstractUserDetailsAuthenticationProvider {
    private static final Log logger;
    private LdapAuthenticator authenticator;
    private LdapAuthoritiesPopulator authoritiesPopulator;
    static Class class$org$acegisecurity$providers$ldap$LdapAuthenticationProvider;

    public LdapAuthenticationProvider(LdapAuthenticator ldapAuthenticator, LdapAuthoritiesPopulator ldapAuthoritiesPopulator) {
        setAuthenticator(ldapAuthenticator);
        setAuthoritiesPopulator(ldapAuthoritiesPopulator);
    }

    private void setAuthenticator(LdapAuthenticator ldapAuthenticator) {
        Assert.notNull(ldapAuthenticator, "An LdapAuthenticator must be supplied");
        this.authenticator = ldapAuthenticator;
    }

    private LdapAuthenticator getAuthenticator() {
        return this.authenticator;
    }

    private void setAuthoritiesPopulator(LdapAuthoritiesPopulator ldapAuthoritiesPopulator) {
        Assert.notNull(ldapAuthoritiesPopulator, "An LdapAuthoritiesPopulator must be supplied");
        this.authoritiesPopulator = ldapAuthoritiesPopulator;
    }

    protected LdapAuthoritiesPopulator getAuthoritiesPopulator() {
        return this.authoritiesPopulator;
    }

    @Override // org.acegisecurity.providers.dao.AbstractUserDetailsAuthenticationProvider
    protected void additionalAuthenticationChecks(UserDetails userDetails, UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken) throws AuthenticationException {
        if (!userDetails.getPassword().equals(usernamePasswordAuthenticationToken.getCredentials().toString())) {
            throw new BadCredentialsException(this.messages.getMessage("AbstractUserDetailsAuthenticationProvider.badCredentials", "Bad credentials"), userDetails);
        }
    }

    protected UserDetails createUserDetails(LdapUserDetails ldapUserDetails, String str, String str2) {
        LdapUserDetailsImpl.Essence essence = new LdapUserDetailsImpl.Essence(ldapUserDetails);
        essence.setUsername(str);
        essence.setPassword(str2);
        for (GrantedAuthority grantedAuthority : getAuthoritiesPopulator().getGrantedAuthorities(ldapUserDetails)) {
            essence.addAuthority(grantedAuthority);
        }
        return essence.createUserDetails();
    }

    @Override // org.acegisecurity.providers.dao.AbstractUserDetailsAuthenticationProvider
    protected UserDetails retrieveUser(String str, UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken) throws AuthenticationException {
        if (!StringUtils.hasLength(str)) {
            throw new BadCredentialsException(this.messages.getMessage("LdapAuthenticationProvider.emptyUsername", "Empty Username"));
        }
        if (logger.isDebugEnabled()) {
            logger.debug(new StringBuffer().append("Retrieving user ").append(str).toString());
        }
        String str2 = (String) usernamePasswordAuthenticationToken.getCredentials();
        Assert.notNull(str2, "Null password was supplied in authentication token");
        if (str2.length() == 0) {
            logger.debug(new StringBuffer().append("Rejecting empty password for user ").append(str).toString());
            throw new BadCredentialsException(this.messages.getMessage("LdapAuthenticationProvider.emptyPassword", "Empty Password"));
        }
        try {
            return createUserDetails(getAuthenticator().authenticate(str, str2), str, str2);
        } catch (DataAccessException e) {
            throw new AuthenticationServiceException(e.getMessage(), e);
        }
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError(e.getMessage());
        }
    }

    static {
        Class cls;
        if (class$org$acegisecurity$providers$ldap$LdapAuthenticationProvider == null) {
            cls = class$("org.acegisecurity.providers.ldap.LdapAuthenticationProvider");
            class$org$acegisecurity$providers$ldap$LdapAuthenticationProvider = cls;
        } else {
            cls = class$org$acegisecurity$providers$ldap$LdapAuthenticationProvider;
        }
        logger = LogFactory.getLog(cls);
    }
}
