package org.opennms.web.springframework.security;

import org.opennms.netmgt.config.UserManager;
import org.opennms.netmgt.model.OnmsUser;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.authentication.AuthenticationServiceException;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.util.Assert;

/* loaded from: input_file:org/opennms/web/springframework/security/HybridOpenNMSUserAuthenticationProvider.class */
public class HybridOpenNMSUserAuthenticationProvider implements AuthenticationProvider, InitializingBean {
    private static final Logger LOG = LoggerFactory.getLogger(HybridOpenNMSUserAuthenticationProvider.class);
    private UserManager m_userManager = null;
    private SpringSecurityUserDao m_userDao = null;

    public void afterPropertiesSet() throws Exception {
        Assert.notNull(this.m_userManager);
        Assert.notNull(this.m_userDao);
    }

    public UserManager getUserManager() {
        return this.m_userManager;
    }

    public void setUserManager(UserManager userManager) {
        this.m_userManager = userManager;
    }

    public SpringSecurityUserDao getUserDao() {
        return this.m_userDao;
    }

    public void setUserDao(SpringSecurityUserDao springSecurityUserDao) {
        this.m_userDao = springSecurityUserDao;
    }

    public Authentication authenticate(Authentication authentication) throws AuthenticationException {
        String obj = authentication.getPrincipal().toString();
        String obj2 = authentication.getCredentials().toString();
        OnmsUser byUsername = this.m_userDao.getByUsername(obj);
        if (byUsername == null) {
            throw new BadCredentialsException("Bad credentials");
        }
        try {
            checkUserPassword(obj, obj2, byUsername);
        } catch (AuthenticationException e) {
            try {
                this.m_userManager.reload();
            } catch (Exception e2) {
                LOG.debug("Failed to reload UserManager.", e2);
            }
            checkUserPassword(obj, obj2, byUsername);
        }
        if (byUsername.getAuthorities().size() == 0) {
            byUsername.addAuthority(SpringSecurityUserDao.ROLE_USER);
        }
        return new OnmsAuthenticationToken(byUsername);
    }

    protected void checkUserPassword(String str, String str2, OnmsUser onmsUser) throws AuthenticationException {
        String password = onmsUser.getPassword();
        try {
            if (this.m_userManager.hasUser(onmsUser.getUsername())) {
                if (!this.m_userManager.comparePasswords(str, str2)) {
                    throw new BadCredentialsException("Bad credentials");
                }
            } else if (!this.m_userManager.checkSaltedPassword(str2, password)) {
                throw new BadCredentialsException("Bad credentials");
            }
        } catch (Exception e) {
            throw new AuthenticationServiceException("An error occurred while checking for " + str + " in the UserManager", e);
        }
    }

    public boolean supports(Class<?> cls) {
        return UsernamePasswordAuthenticationToken.class.isAssignableFrom(cls);
    }
}
