package cn.kduck.security.configuration;

import cn.kduck.security.authentication.KduckWebAuthenticationDetails;
import cn.kduck.tenant.application.TenantAppService;
import cn.kduck.tenant.domain.exception.TenantNotFoundException;
import java.util.LinkedHashMap;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.authentication.InternalAuthenticationServiceException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.web.authentication.WebAuthenticationDetails;
import org.springframework.util.ObjectUtils;

/* loaded from: input_file:cn/kduck/security/configuration/CustomAuthenticationProvider.class */
public abstract class CustomAuthenticationProvider extends AbstractUserDetailsAuthenticationProvider {
    private PasswordEncoder passwordEncoder;
    private AuthenticationAction authenticationAction;
    private TenantAppService tenantAppService;

    protected void additionalAuthenticationChecks(UserDetails userDetails, UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken) throws AuthenticationException {
        if (usernamePasswordAuthenticationToken.getCredentials() == null) {
            this.logger.debug("Failed to authenticate since no credentials provided");
            throw new BadCredentialsException(this.messages.getMessage("AbstractUserDetailsAuthenticationProvider.badCredentials", "Bad credentials"));
        }
        if (this.passwordEncoder.matches(usernamePasswordAuthenticationToken.getCredentials().toString(), userDetails.getPassword())) {
            return;
        }
        this.logger.debug("Failed to authenticate since password does not match stored value");
        throw new BadCredentialsException(this.messages.getMessage("AbstractUserDetailsAuthenticationProvider.badCredentials", "Bad credentials"));
    }

    protected abstract UserDetails loadUserByUsernameAndTenant(String str, String str2) throws UsernameNotFoundException;

    protected UserDetails retrieveUser(String str, UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken) throws AuthenticationException {
        try {
            String str2 = "";
            String str3 = "";
            Object details = usernamePasswordAuthenticationToken.getDetails();
            if (details instanceof LinkedHashMap) {
                str3 = (String) ((LinkedHashMap) details).get("tenant_domain");
            } else if (details instanceof WebAuthenticationDetails) {
                str3 = ((KduckWebAuthenticationDetails) usernamePasswordAuthenticationToken.getDetails()).getTenantUrl();
            }
            if (!ObjectUtils.isEmpty(str3)) {
                try {
                    str2 = this.tenantAppService.getTenantByUrl(str3).getTenantCode();
                } catch (TenantNotFoundException e) {
                    this.logger.info(e.getMessage());
                }
            }
            UserDetails loadUserByUsernameAndTenant = loadUserByUsernameAndTenant(str, str2);
            if (loadUserByUsernameAndTenant == null) {
                throw new InternalAuthenticationServiceException("UserDetailsService returned null, which is an interface contract violation");
            }
            return loadUserByUsernameAndTenant;
        } catch (Exception e2) {
            throw new InternalAuthenticationServiceException(e2.getMessage(), e2);
        } catch (InternalAuthenticationServiceException e3) {
            throw e3;
        } catch (UsernameNotFoundException e4) {
            throw e4;
        }
    }

    public boolean supports(Class<?> cls) {
        return UsernamePasswordAuthenticationToken.class.isAssignableFrom(cls);
    }

    public void setPasswordEncoder(PasswordEncoder passwordEncoder) {
        this.passwordEncoder = passwordEncoder;
    }

    protected PasswordEncoder getPasswordEncoder() {
        return this.passwordEncoder;
    }

    public TenantAppService getTenantAppService() {
        return this.tenantAppService;
    }

    public void setTenantAppService(TenantAppService tenantAppService) {
        this.tenantAppService = tenantAppService;
    }
}
