package org.pac4j.stormpath.credentials.authenticator;

import com.stormpath.sdk.account.Account;
import com.stormpath.sdk.application.Application;
import com.stormpath.sdk.authc.UsernamePasswordRequest;
import com.stormpath.sdk.client.Client;
import com.stormpath.sdk.client.DefaultApiKey;
import com.stormpath.sdk.resource.ResourceException;
import org.pac4j.core.context.WebContext;
import org.pac4j.core.credentials.UsernamePasswordCredentials;
import org.pac4j.core.credentials.authenticator.Authenticator;
import org.pac4j.core.exception.BadCredentialsException;
import org.pac4j.core.exception.CredentialsException;
import org.pac4j.core.exception.HttpAction;
import org.pac4j.core.exception.TechnicalException;
import org.pac4j.core.profile.definition.CommonProfileDefinition;
import org.pac4j.core.profile.definition.ProfileDefinitionAware;
import org.pac4j.core.util.CommonHelper;
import org.pac4j.stormpath.profile.StormpathProfile;
import org.pac4j.stormpath.profile.StormpathProfileDefinition;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:WEB-INF/lib/pac4j-stormpath-2.0.0-RC2-SNAPSHOT.jar:org/pac4j/stormpath/credentials/authenticator/StormpathAuthenticator.class */
public class StormpathAuthenticator extends ProfileDefinitionAware<StormpathProfile> implements Authenticator<UsernamePasswordCredentials> {
    protected final Logger logger = LoggerFactory.getLogger(getClass());
    private Application application;
    private String accessId;
    private String secretKey;
    private String applicationId;

    public StormpathAuthenticator() {
    }

    public StormpathAuthenticator(String str, String str2, String str3) {
        this.accessId = str;
        this.secretKey = str2;
        this.applicationId = str3;
    }

    @Override // org.pac4j.core.util.InitializableWebObject
    protected void internalInit(WebContext webContext) {
        CommonHelper.assertNotBlank("accessId", this.accessId);
        CommonHelper.assertNotBlank("secretKey", this.secretKey);
        CommonHelper.assertNotBlank("applicationId", this.applicationId);
        try {
            this.application = (Application) new Client(new DefaultApiKey(this.accessId, this.secretKey)).getDataStore().getResource(String.format("/applications/%s", this.applicationId), Application.class);
            defaultProfileDefinition(new CommonProfileDefinition(objArr -> {
                return new StormpathProfile();
            }));
        } catch (Exception e) {
            throw new TechnicalException("An exception is caught trying to access Stormpath cloud. Please verify that your provided Stormpath <accessId>, <secretKey>, and <applicationId> are correct.", e);
        }
    }

    @Override // org.pac4j.core.credentials.authenticator.Authenticator
    public void validate(UsernamePasswordCredentials usernamePasswordCredentials, WebContext webContext) throws HttpAction, CredentialsException {
        init(webContext);
        try {
            this.logger.debug("Attempting to authenticate user [{}] against application [{}] in Stormpath cloud...", usernamePasswordCredentials.getUsername(), this.application.getName());
            Account authenticateAccount = authenticateAccount(usernamePasswordCredentials);
            this.logger.debug("Successfully authenticated user [{}]", authenticateAccount.getUsername());
            usernamePasswordCredentials.setUserProfile(createProfile(authenticateAccount));
        } catch (ResourceException e) {
            throw new BadCredentialsException("Bad credentials for: " + usernamePasswordCredentials.getUsername(), e);
        }
    }

    protected Account authenticateAccount(UsernamePasswordCredentials usernamePasswordCredentials) throws ResourceException {
        return this.application.authenticateAccount(new UsernamePasswordRequest(usernamePasswordCredentials.getUsername(), usernamePasswordCredentials.getPassword())).getAccount();
    }

    protected StormpathProfile createProfile(Account account) {
        StormpathProfile newProfile = getProfileDefinition().newProfile(new Object[0]);
        newProfile.setId(account.getUsername());
        getProfileDefinition().convertAndAdd(newProfile, StormpathProfileDefinition.FULL_NAME, account.getFullName());
        getProfileDefinition().convertAndAdd(newProfile, "email", account.getEmail());
        getProfileDefinition().convertAndAdd(newProfile, "givenName", account.getGivenName());
        getProfileDefinition().convertAndAdd(newProfile, StormpathProfileDefinition.MIDDLE_NAME, account.getMiddleName());
        getProfileDefinition().convertAndAdd(newProfile, StormpathProfileDefinition.SUR_NAME, account.getSurname());
        getProfileDefinition().convertAndAdd(newProfile, "groups", account.getGroups());
        getProfileDefinition().convertAndAdd(newProfile, StormpathProfileDefinition.GROUP_MEMBERSHIPS, account.getGroupMemberships());
        getProfileDefinition().convertAndAdd(newProfile, "status", account.getStatus());
        return newProfile;
    }

    public String getAccessId() {
        return this.accessId;
    }

    public void setAccessId(String str) {
        this.accessId = str;
    }

    public String getSecretKey() {
        return this.secretKey;
    }

    public void setSecretKey(String str) {
        this.secretKey = str;
    }

    public String getApplicationId() {
        return this.applicationId;
    }

    public void setApplicationId(String str) {
        this.applicationId = str;
    }
}
