package edu.harvard.catalyst.scheduler.service;

import edu.harvard.catalyst.scheduler.core.SchedulerRuntimeException;
import edu.harvard.catalyst.scheduler.security.SchedulerUserDetails;
import edu.harvard.catalyst.scheduler.util.OneWayPasswordEncoder;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.web.authentication.WebAuthenticationDetails;

/* loaded from: input_file:WEB-INF/lib/scheduler-core-2.17.1.jar:edu/harvard/catalyst/scheduler/service/SchedulerDbAuthenticationProvider.class */
public class SchedulerDbAuthenticationProvider extends AbstractUserDetailsAuthenticationProvider {
    private final AuthService authService;

    public SchedulerDbAuthenticationProvider(AuthService authService) {
        this.authService = authService;
    }

    @Override // org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider
    protected void additionalAuthenticationChecks(UserDetails userDetails, UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken) {
        if (userDetails.getPassword().equals(encodePassword(usernamePasswordAuthenticationToken, (SchedulerUserDetails) userDetails))) {
            return;
        }
        SchedulerRuntimeException.logAndThrow("Credentials don't match");
    }

    @Override // org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider
    protected UserDetails retrieveUser(String str, UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken) {
        WebAuthenticationDetails webAuthenticationDetails = (WebAuthenticationDetails) usernamePasswordAuthenticationToken.getDetails();
        SchedulerUserDetails authenticateUser = this.authService.authenticateUser(str, toPassword(usernamePasswordAuthenticationToken), webAuthenticationDetails.getSessionId(), webAuthenticationDetails.getRemoteAddress());
        if (authenticateUser == null) {
            SchedulerRuntimeException.logAndThrow("Unable to authenticate user");
        }
        return authenticateUser;
    }

    static String encodePassword(UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken, SchedulerUserDetails schedulerUserDetails) {
        return OneWayPasswordEncoder.getInstance().encode(toPassword(usernamePasswordAuthenticationToken), schedulerUserDetails.getSalt());
    }

    static String toPassword(UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken) {
        return usernamePasswordAuthenticationToken.getCredentials().toString();
    }
}
