package io.gardenerframework.camellia.authentication.server.main.spring;

import io.gardenerframework.camellia.authentication.common.client.schema.OAuth2RequestingClient;
import io.gardenerframework.camellia.authentication.server.common.annotation.AuthenticationServerEngineComponent;
import io.gardenerframework.camellia.authentication.server.main.UserAuthenticationService;
import io.gardenerframework.camellia.authentication.server.main.annotation.AuthenticationType;
import io.gardenerframework.camellia.authentication.server.main.event.schema.AuthenticationFailedEvent;
import io.gardenerframework.camellia.authentication.server.main.event.schema.AuthenticationSuccessEvent;
import io.gardenerframework.camellia.authentication.server.main.event.schema.ClientAuthenticatedEvent;
import io.gardenerframework.camellia.authentication.server.main.event.schema.UserAboutToLoadEvent;
import io.gardenerframework.camellia.authentication.server.main.event.schema.UserAuthenticatedEvent;
import io.gardenerframework.camellia.authentication.server.main.event.schema.UserLoadedEvent;
import io.gardenerframework.camellia.authentication.server.main.event.support.AuthenticationEventBuilder;
import io.gardenerframework.camellia.authentication.server.main.exception.client.UserNotFoundException;
import io.gardenerframework.camellia.authentication.server.main.schema.LoginAuthenticationRequestToken;
import io.gardenerframework.camellia.authentication.server.main.schema.OAuth2ClientUserAuthenticationToken;
import io.gardenerframework.camellia.authentication.server.main.schema.UserAuthenticatedAuthentication;
import io.gardenerframework.camellia.authentication.server.main.schema.UserAuthenticationRequestToken;
import io.gardenerframework.camellia.authentication.server.main.schema.subject.credentials.PasswordCredentials;
import io.gardenerframework.camellia.authentication.server.main.schema.subject.principal.Principal;
import io.gardenerframework.camellia.authentication.server.main.user.UserServiceDelegate;
import io.gardenerframework.camellia.authentication.server.main.user.schema.User;
import io.gardenerframework.fragrans.log.GenericBasicLogger;
import io.gardenerframework.fragrans.log.GenericOperationLogger;
import io.gardenerframework.fragrans.log.common.schema.reason.ExceptionCaught;
import io.gardenerframework.fragrans.log.common.schema.state.Failed;
import io.gardenerframework.fragrans.log.common.schema.verb.Process;
import io.gardenerframework.fragrans.log.common.schema.verb.Update;
import io.gardenerframework.fragrans.log.schema.content.GenericBasicLogContent;
import io.gardenerframework.fragrans.log.schema.content.GenericOperationLogContent;
import java.util.Collection;
import java.util.Map;
import java.util.Objects;
import javax.servlet.http.HttpServletRequest;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.context.ApplicationEventPublisher;
import org.springframework.context.ApplicationEventPublisherAware;
import org.springframework.core.annotation.AnnotationUtils;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.authentication.InternalAuthenticationServiceException;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.util.ClassUtils;

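/**
 * Spring Security {@link AuthenticationProvider} that processes a {@link LoginAuthenticationRequestToken}.
 *
 * <p>The provider publishes an event at each stage of the login (client authenticated, user about to load,
 * user loaded, user authenticated, success, failure). Apart from the final success event, an exception thrown
 * by a listener propagates and aborts the login. The user's credentials are erased before the user object is
 * attached to any event.
 *
 * <p>Failures are split in two classes: an {@link AuthenticationException} is logged at debug level and passed
 * to the exception adapter as is, any other exception is logged at error level and wrapped in an
 * {@link InternalAuthenticationServiceException} first.
 */
@AuthenticationServerEngineComponent
/* loaded from: input_file:io/gardenerframework/camellia/authentication/server/main/spring/LoginAuthenticationRequestAuthenticator.class */
public class LoginAuthenticationRequestAuthenticator implements AuthenticationProvider, ApplicationEventPublisherAware, AuthenticationEventBuilder {
    private static final Logger log = LoggerFactory.getLogger(LoginAuthenticationRequestAuthenticator.class);
    private final UserServiceDelegate userService;
    private final AuthenticationEndpointExceptionAdapter authenticationEndpointExceptionAdapter;
    private final AuthenticationEndpointAuthenticatedAuthenticationAdapter authenticationEndpointAuthenticatedAuthenticationAdapter;
    private final GenericBasicLogger basicLogger;
    private final GenericOperationLogger operationLogger;
    private ApplicationEventPublisher eventPublisher;

    /**
     * Creates the provider with its collaborators.
     *
     * @param userServiceDelegate loads and authenticates users
     * @param authenticationEndpointExceptionAdapter converts a failure into the exception thrown to the caller
     * @param authenticationEndpointAuthenticatedAuthenticationAdapter converts the authenticated user into the returned {@link Authentication}
     * @param genericBasicLogger logger used for the swallowed success-event exception
     * @param genericOperationLogger logger used for failed operations
     */
    public LoginAuthenticationRequestAuthenticator(UserServiceDelegate userServiceDelegate, AuthenticationEndpointExceptionAdapter authenticationEndpointExceptionAdapter, AuthenticationEndpointAuthenticatedAuthenticationAdapter authenticationEndpointAuthenticatedAuthenticationAdapter, GenericBasicLogger genericBasicLogger, GenericOperationLogger genericOperationLogger) {
        this.userService = userServiceDelegate;
        this.authenticationEndpointExceptionAdapter = authenticationEndpointExceptionAdapter;
        this.authenticationEndpointAuthenticatedAuthenticationAdapter = authenticationEndpointAuthenticatedAuthenticationAdapter;
        this.basicLogger = genericBasicLogger;
        this.operationLogger = genericOperationLogger;
    }

    /**
     * Runs the login flow for one request and returns the adapted, authenticated result.
     *
     * @param authentication the request token; must be a {@link LoginAuthenticationRequestToken}
     * @return the {@link Authentication} produced by the authenticated-authentication adapter
     * @throws UserNotFoundException if the user service returns no user for the principal
     * @throws Exception any failure raised by the user service, the authentication service or an event listener
     */
    private Authentication authenticateInternally(Authentication authentication) throws Exception {
        LoginAuthenticationRequestToken loginAuthenticationRequestToken = (LoginAuthenticationRequestToken) authentication;
        UserAuthenticationRequestToken userAuthenticationRequestToken = loginAuthenticationRequestToken.getUserAuthenticationRequestToken();
        OAuth2ClientUserAuthenticationToken clientUserAuthenticationRequestToken = loginAuthenticationRequestToken.getClientUserAuthenticationRequestToken();
        UserAuthenticationService userAuthenticationService = loginAuthenticationRequestToken.getContext().getUserAuthenticationService();
        // The authentication type is read from the @AuthenticationType annotation on the service class.
        // A service without the annotation fails here with a NullPointerException, which the caller
        // handles as a service failure rather than as an authentication failure.
        String authenticationType = ((AuthenticationType) Objects.requireNonNull(AnnotationUtils.findAnnotation(ClassUtils.getUserClass(userAuthenticationService), AuthenticationType.class))).value();
        Principal principal = userAuthenticationRequestToken.getPrincipal();
        PasswordCredentials credentials = userAuthenticationRequestToken.getCredentials();
        HttpServletRequest httpServletRequest = loginAuthenticationRequestToken.getContext().getHttpServletRequest();
        OAuth2RequestingClient client = loginAuthenticationRequestToken.getContext().getClient();
        Map<String, Object> context = loginAuthenticationRequestToken.getContext().getContext();

        if (clientUserAuthenticationRequestToken != null) {
            try {
                // The client is marked authenticated only after every listener of the event has accepted it.
                this.eventPublisher.publishEvent(buildAuthenticationEvent(ClientAuthenticatedEvent.builder(), httpServletRequest, authenticationType, principal, client, context).build());
                // NOTE(review): the "m16" prefix looks like a decompiler-generated rename of getPrincipal(); confirm against the original sources.
                clientUserAuthenticationRequestToken.m16getPrincipal().setAuthenticated(true);
            } catch (AuthenticationException e) {
                // Best effort: load the user so the failure event can name them. The credentials are
                // erased before the user is attached, and a failed load must not hide the original error.
                User user = null;
                try {
                    user = this.userService.load(principal, context);
                    if (user != null) {
                        user.eraseCredentials();
                    }
                } catch (Exception loadFailure) {
                    this.operationLogger.debug(log, GenericOperationLogContent.builder().what(User.class).operation(new Update()).state(new Failed()).build(), loadFailure);
                }
                this.eventPublisher.publishEvent(buildAuthenticationEvent(AuthenticationFailedEvent.builder(), httpServletRequest, authenticationType, principal, client, context).user(user).exception(e).build());
                throw e;
            }
        }

        this.eventPublisher.publishEvent(buildAuthenticationEvent(UserAboutToLoadEvent.builder(), httpServletRequest, authenticationType, principal, client, context).build());
        // With the declared type already PasswordCredentials this test only distinguishes null from non-null.
        // NOTE(review): the declared type may have been narrowed by decompilation; confirm.
        User authenticatedUser = credentials instanceof PasswordCredentials ? this.userService.authenticate(principal, credentials, context) : this.userService.load(principal, context);
        if (authenticatedUser == null) {
            // NOTE(review): a distinct "user not found" error allows account enumeration if the
            // exception adapter exposes the difference to the client; confirm what the adapter returns.
            throw new UserNotFoundException(principal.getName());
        }

        // Listeners of UserLoadedEvent get the user without credentials; the saved credentials are put
        // back only for the authentication-service check and erased again right after it.
        Collection savedCredentials = authenticatedUser.getCredentials();
        authenticatedUser.eraseCredentials();
        this.eventPublisher.publishEvent(buildAuthenticationEvent(UserLoadedEvent.builder(), httpServletRequest, authenticationType, principal, client, context).user(authenticatedUser).build());
        authenticatedUser.setCredentials(savedCredentials);
        userAuthenticationService.authenticate(userAuthenticationRequestToken, client, authenticatedUser, context);
        authenticatedUser.eraseCredentials();

        this.eventPublisher.publishEvent(buildAuthenticationEvent(UserAuthenticatedEvent.builder(), httpServletRequest, authenticationType, principal, client, context).user(authenticatedUser).build());
        try {
            this.eventPublisher.publishEvent(buildAuthenticationEvent(AuthenticationSuccessEvent.builder(), httpServletRequest, authenticationType, principal, client, context).user(authenticatedUser).build());
        } catch (AuthenticationException e) {
            // A listener of the success event cannot veto the login: its AuthenticationException is only logged.
            this.basicLogger.debug(log, GenericBasicLogContent.builder().what(LoginAuthenticationRequestAuthenticator.class).how(new ExceptionCaught()).build(), e);
        }
        return this.authenticationEndpointAuthenticatedAuthenticationAdapter.adapt(httpServletRequest, new UserAuthenticatedAuthentication(authenticatedUser), clientUserAuthenticationRequestToken);
    }

    /**
     * Logs an authentication failure at debug level and throws the adapted exception; never returns normally.
     *
     * @throws AuthenticationException always, as produced by the exception adapter
     */
    private void onAuthenticationFailed(HttpServletRequest httpServletRequest, LoginAuthenticationRequestToken loginAuthenticationRequestToken, AuthenticationException authenticationException) throws AuthenticationException {
        this.operationLogger.debug(log, GenericOperationLogContent.builder().what(LoginAuthenticationRequestToken.class).operation(new Process()).state(new Failed()).build(), authenticationException);
        throw this.authenticationEndpointExceptionAdapter.adapt(httpServletRequest, authenticationException);
    }

    /**
     * Logs an unexpected failure at error level, wraps it in an {@link InternalAuthenticationServiceException}
     * and throws the adapted exception; never returns normally.
     */
    private void onAuthenticationServiceFailed(HttpServletRequest httpServletRequest, LoginAuthenticationRequestToken loginAuthenticationRequestToken, Exception exc) {
        this.operationLogger.error(log, GenericOperationLogContent.builder().what(LoginAuthenticationRequestToken.class).operation(new Process()).state(new Failed()).build(), exc);
        // NOTE(review): the internal exception message is copied into the wrapper; whether it reaches
        // the client depends on the exception adapter, which is not visible here. Confirm it is not echoed.
        throw this.authenticationEndpointExceptionAdapter.adapt(httpServletRequest, new InternalAuthenticationServiceException(exc.getMessage(), exc));
    }

    /** Hook called after a successful login; intentionally empty. */
    private void onAuthenticationSuccess(HttpServletRequest httpServletRequest, LoginAuthenticationRequestToken loginAuthenticationRequestToken, Authentication authentication) {
    }

    /**
     * Authenticates a login request and routes failures to the matching handler.
     *
     * @param authentication the request token; must be a {@link LoginAuthenticationRequestToken}
     * @return the authenticated result
     * @throws AuthenticationException the adapted exception for any failure
     */
    @Override
    public Authentication authenticate(Authentication authentication) throws AuthenticationException {
        Authentication result = null;
        LoginAuthenticationRequestToken loginAuthenticationRequestToken = (LoginAuthenticationRequestToken) authentication;
        HttpServletRequest httpServletRequest = loginAuthenticationRequestToken.getContext().getHttpServletRequest();
        try {
            result = authenticateInternally(authentication);
            onAuthenticationSuccess(httpServletRequest, loginAuthenticationRequestToken, result);
        } catch (AuthenticationException e) {
            // Must come before the generic handler: AuthenticationException is itself an Exception, so with
            // the handlers the other way round this branch is unreachable and every rejected login would be
            // reported as an internal service error.
            onAuthenticationFailed(httpServletRequest, loginAuthenticationRequestToken, e);
        } catch (Exception e) {
            onAuthenticationServiceFailed(httpServletRequest, loginAuthenticationRequestToken, e);
        }
        // Both failure handlers always throw, so this line is reached only on success.
        return result;
    }

    /**
     * @param cls the authentication class offered by the provider manager
     * @return {@code true} if {@code cls} is a {@link LoginAuthenticationRequestToken} or a subclass of it
     */
    @Override
    public boolean supports(Class<?> cls) {
        return LoginAuthenticationRequestToken.class.isAssignableFrom(cls);
    }

    /** Stores the publisher used for all authentication events. */
    @Override
    public void setApplicationEventPublisher(ApplicationEventPublisher applicationEventPublisher) {
        this.eventPublisher = applicationEventPublisher;
    }
}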
