package org.wso2.carbon.identity.sample.local.authenticator;

import java.io.IOException;
import java.util.Optional;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.identity.application.authentication.framework.AbstractApplicationAuthenticator;
import org.wso2.carbon.identity.application.authentication.framework.LocalApplicationAuthenticator;
import org.wso2.carbon.identity.application.authentication.framework.config.ConfigurationFacade;
import org.wso2.carbon.identity.application.authentication.framework.context.AuthenticationContext;
import org.wso2.carbon.identity.application.authentication.framework.exception.AuthenticationFailedException;
import org.wso2.carbon.identity.application.authentication.framework.exception.InvalidCredentialsException;
import org.wso2.carbon.identity.application.authentication.framework.model.AuthenticatedUser;
import org.wso2.carbon.identity.application.authentication.framework.util.FrameworkUtils;
import org.wso2.carbon.identity.application.common.model.User;
import org.wso2.carbon.identity.base.IdentityRuntimeException;
import org.wso2.carbon.identity.core.util.IdentityTenantUtil;
import org.wso2.carbon.identity.sample.local.authenticator.internal.SampleLocalAuthenticatorServiceComponent;
import org.wso2.carbon.user.api.UserRealm;
import org.wso2.carbon.user.api.UserStoreException;
import org.wso2.carbon.user.core.common.AuthenticationResult;

/* loaded from: input_file:org/wso2/carbon/identity/sample/local/authenticator/SampleLocalAuthenticator.class */
public class SampleLocalAuthenticator extends AbstractApplicationAuthenticator implements LocalApplicationAuthenticator {
    private static final Log log = LogFactory.getLog(SampleLocalAuthenticator.class);
    private static final String TELEPHONE_CLAIM_URL = "http://wso2.org/claims/telephone";
    private static final String USERNAME = "username";
    private static final String PASSWORD = "password";

    public boolean canHandle(HttpServletRequest httpServletRequest) {
        return (httpServletRequest.getParameter(USERNAME) == null || httpServletRequest.getParameter(PASSWORD) == null) ? false : true;
    }

    protected void initiateAuthenticationRequest(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, AuthenticationContext authenticationContext) throws AuthenticationFailedException {
        try {
            httpServletResponse.sendRedirect(httpServletResponse.encodeRedirectURL(ConfigurationFacade.getInstance().getAuthenticationEndpointURL() + "?" + FrameworkUtils.getQueryStringWithFrameworkContextId(authenticationContext.getQueryParams(), authenticationContext.getCallerSessionKey(), authenticationContext.getContextIdentifier())) + "&authenticators=BasicAuthenticator:LOCAL" + (authenticationContext.isRetrying() ? "&authFailure=true&authFailureMsg=login.fail.message" : ""));
        } catch (IOException e) {
            throw new AuthenticationFailedException(e.getMessage(), e);
        }
    }

    protected void processAuthenticationResponse(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, AuthenticationContext authenticationContext) throws AuthenticationFailedException {
        String parameter = httpServletRequest.getParameter(USERNAME);
        String parameter2 = httpServletRequest.getParameter(PASSWORD);
        Optional empty = Optional.empty();
        boolean z = false;
        try {
            int tenantIdOfUser = IdentityTenantUtil.getTenantIdOfUser(parameter);
            UserRealm tenantUserRealm = SampleLocalAuthenticatorServiceComponent.getRealmService().getTenantUserRealm(tenantIdOfUser);
            if (tenantUserRealm == null) {
                if (log.isDebugEnabled()) {
                    log.debug("Custom authentication failed since the user realm for the given tenant, " + tenantIdOfUser + " is null.");
                }
                throw new AuthenticationFailedException("Cannot find the user realm for the given tenant: " + tenantIdOfUser, User.getUserFromUserName(parameter));
            }
            AuthenticationResult authenticateWithID = tenantUserRealm.getUserStoreManager().authenticateWithID(TELEPHONE_CLAIM_URL, parameter, parameter2, "default");
            if (AuthenticationResult.AuthenticationStatus.SUCCESS == authenticateWithID.getAuthenticationStatus()) {
                empty = authenticateWithID.getAuthenticatedUser();
                z = true;
            }
            if (!z) {
                if (log.isDebugEnabled()) {
                    log.debug("User authentication failed due to invalid credentials");
                }
                throw new InvalidCredentialsException("User authentication failed due to invalid credentials", User.getUserFromUserName(parameter));
            }
            if (empty != null) {
                authenticationContext.setSubject(AuthenticatedUser.createLocalAuthenticatedUserFromSubjectIdentifier(((org.wso2.carbon.user.core.common.User) empty.get()).getUsername()));
            }
        } catch (UserStoreException e) {
            if (log.isDebugEnabled()) {
                log.debug("Custom authentication failed while trying to authenticate the user " + parameter, e);
            }
            throw new AuthenticationFailedException(e.getMessage(), e);
        } catch (IdentityRuntimeException e2) {
            if (log.isDebugEnabled()) {
                log.debug("Custom authentication failed while trying to get the tenant ID of the user " + parameter, e2);
            }
            throw new AuthenticationFailedException(e2.getMessage(), e2);
        }
    }

    public String getContextIdentifier(HttpServletRequest httpServletRequest) {
        return httpServletRequest.getParameter("sessionDataKey");
    }

    public String getName() {
        return "SampleLocalAuthenticator";
    }

    public String getFriendlyName() {
        return "sample-local-authenticator";
    }
}
