package cn.home1.oss.lib.security.internal.preauth;

import cn.home1.oss.lib.security.api.GenericUser;
import cn.home1.oss.lib.security.internal.AuthenticationTokens;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationToken;

/* loaded from: input_file:cn/home1/oss/lib/security/internal/preauth/PreAuthTokenAuthenticationProvider.class */
public class PreAuthTokenAuthenticationProvider implements AuthenticationProvider {
    private static final Logger log = LoggerFactory.getLogger(PreAuthTokenAuthenticationProvider.class);
    private final Boolean bypass;

    public PreAuthTokenAuthenticationProvider(Boolean bool) {
        this.bypass = bool;
    }

    public Authentication authenticate(Authentication authentication) throws AuthenticationException {
        PreAuthenticatedAuthenticationToken preAuthenticatedAuthenticationToken;
        if (authentication == null || !supports(authentication.getClass())) {
            preAuthenticatedAuthenticationToken = null;
        } else {
            PreAuthenticatedAuthenticationToken preAuthenticatedAuthenticationToken2 = (PreAuthenticatedAuthenticationToken) authentication;
            Object principal = preAuthenticatedAuthenticationToken2.getPrincipal();
            Object credentials = preAuthenticatedAuthenticationToken2.getCredentials();
            if (this.bypass.booleanValue() || PreAuthTokenFilter.PERMITED.equals(credentials)) {
                preAuthenticatedAuthenticationToken = AuthenticationTokens.authenticated(preAuthenticatedAuthenticationToken2);
            } else {
                if (!GenericUser.isGenericUser(principal)) {
                    if (log.isDebugEnabled()) {
                        log.debug("not containsUserInfo");
                    }
                    throw new BadCredentialsException("The presented AuthenticationToken does not contain the expected principal or credentials");
                }
                if (!GenericUser.isGenericUserLogin((GenericUser) principal)) {
                    if (log.isDebugEnabled()) {
                        log.debug("not login");
                    }
                    throw new BadCredentialsException("login needed");
                }
                preAuthenticatedAuthenticationToken = AuthenticationTokens.authenticated(preAuthenticatedAuthenticationToken2);
            }
        }
        return preAuthenticatedAuthenticationToken;
    }

    public boolean supports(Class<?> cls) {
        return PreAuthenticatedAuthenticationToken.class.isAssignableFrom(cls);
    }
}
