package io.gardenerframework.camellia.authentication.server.main.mfa.user;

import io.gardenerframework.camellia.authentication.infra.challenge.core.exception.ChallengeResponseServiceException;
import io.gardenerframework.camellia.authentication.server.common.annotation.AuthenticationServerEngineComponent;
import io.gardenerframework.camellia.authentication.server.common.annotation.AuthenticationServerEnginePreserved;
import io.gardenerframework.camellia.authentication.server.main.exception.NestedAuthenticationException;
import io.gardenerframework.camellia.authentication.server.main.mfa.challenge.AuthenticationServerMfaChallengeResponseService;
import io.gardenerframework.camellia.authentication.server.main.mfa.challenge.schema.AuthenticationServerMfaChallengeContext;
import io.gardenerframework.camellia.authentication.server.main.mfa.exception.client.BadMfaRequestException;
import io.gardenerframework.camellia.authentication.server.main.mfa.schema.principal.MfaPrincipal;
import io.gardenerframework.camellia.authentication.server.main.schema.subject.credentials.PasswordCredentials;
import io.gardenerframework.camellia.authentication.server.main.schema.subject.principal.Principal;
import io.gardenerframework.camellia.authentication.server.main.user.UserService;
import io.gardenerframework.camellia.authentication.server.main.user.schema.User;
import io.gardenerframework.camellia.authentication.server.main.utils.RequestingClientHolder;
import java.util.Map;
import java.util.Objects;
import lombok.NonNull;
import org.springframework.lang.Nullable;
import org.springframework.security.core.AuthenticationException;

@AuthenticationServerEnginePreserved
@AuthenticationServerEngineComponent
/* loaded from: input_file:io/gardenerframework/camellia/authentication/server/main/mfa/user/MfaAuthenticationUserService.class */
public class MfaAuthenticationUserService implements UserService {
    private final AuthenticationServerMfaChallengeResponseService authenticationServerMfaChallengeResponseService;

    @Nullable
    public User authenticate(@NonNull Principal principal, @NonNull PasswordCredentials passwordCredentials, @Nullable Map<String, Object> map) throws AuthenticationException {
        if (principal == null) {
            throw new NullPointerException("principal is marked non-null but is null");
        }
        if (passwordCredentials == null) {
            throw new NullPointerException("credentials is marked non-null but is null");
        }
        return load(principal, map);
    }

    @Nullable
    public User load(@NonNull Principal principal, @Nullable Map<String, Object> map) throws AuthenticationException {
        if (principal == null) {
            throw new NullPointerException("principal is marked non-null but is null");
        }
        if (!(principal instanceof MfaPrincipal)) {
            return null;
        }
        String name = principal.getName();
        try {
            AuthenticationServerMfaChallengeContext authenticationServerMfaChallengeContext = (AuthenticationServerMfaChallengeContext) this.authenticationServerMfaChallengeResponseService.getContext(RequestingClientHolder.getClient(), this.authenticationServerMfaChallengeResponseService.getClass(), name);
            ((Map) Objects.requireNonNull(map)).put(AuthenticationServerMfaChallengeContext.class.getName(), authenticationServerMfaChallengeContext);
            if (authenticationServerMfaChallengeContext == null) {
                throw new BadMfaRequestException(name);
            }
            return authenticationServerMfaChallengeContext.getUser();
        } catch (ChallengeResponseServiceException e) {
            throw new NestedAuthenticationException(e);
        }
    }

    public MfaAuthenticationUserService(AuthenticationServerMfaChallengeResponseService authenticationServerMfaChallengeResponseService) {
        this.authenticationServerMfaChallengeResponseService = authenticationServerMfaChallengeResponseService;
    }
}
