package org.springframework.security.providers.x509;

import java.security.cert.X509Certificate;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.context.MessageSource;
import org.springframework.context.MessageSourceAware;
import org.springframework.context.support.MessageSourceAccessor;
import org.springframework.security.Authentication;
import org.springframework.security.AuthenticationException;
import org.springframework.security.BadCredentialsException;
import org.springframework.security.SpringSecurityMessageSource;
import org.springframework.security.providers.AuthenticationProvider;
import org.springframework.security.providers.x509.cache.NullX509UserCache;
import org.springframework.security.userdetails.UserDetails;
import org.springframework.util.Assert;

/* loaded from: input_file:WEB-INF/lib/spring-security-core-2.0.0-RC1.jar:org/springframework/security/providers/x509/X509AuthenticationProvider.class */
public class X509AuthenticationProvider implements AuthenticationProvider, InitializingBean, MessageSourceAware {
    private static final Log logger;
    private X509AuthoritiesPopulator x509AuthoritiesPopulator;
    static Class class$org$springframework$security$providers$x509$X509AuthenticationProvider;
    static Class class$org$springframework$security$providers$x509$X509AuthenticationToken;
    protected MessageSourceAccessor messages = SpringSecurityMessageSource.getAccessor();
    private X509UserCache userCache = new NullX509UserCache();

    @Override // org.springframework.beans.factory.InitializingBean
    public void afterPropertiesSet() throws Exception {
        Assert.notNull(this.userCache, "An x509UserCache must be set");
        Assert.notNull(this.x509AuthoritiesPopulator, "An X509AuthoritiesPopulator must be set");
        Assert.notNull(this.messages, "A message source must be set");
    }

    @Override // org.springframework.security.providers.AuthenticationProvider
    public Authentication authenticate(Authentication authentication) throws AuthenticationException {
        if (!supports(authentication.getClass())) {
            return null;
        }
        if (logger.isDebugEnabled()) {
            logger.debug(new StringBuffer().append("X509 authentication request: ").append(authentication).toString());
        }
        X509Certificate x509Certificate = (X509Certificate) authentication.getCredentials();
        if (x509Certificate == null) {
            throw new BadCredentialsException(this.messages.getMessage("X509AuthenticationProvider.certificateNull", "Certificate is null"));
        }
        UserDetails userFromCache = this.userCache.getUserFromCache(x509Certificate);
        if (userFromCache == null) {
            logger.debug(new StringBuffer().append("Authenticating with certificate ").append(x509Certificate).toString());
            userFromCache = this.x509AuthoritiesPopulator.getUserDetails(x509Certificate);
            this.userCache.putUserInCache(x509Certificate, userFromCache);
        }
        X509AuthenticationToken x509AuthenticationToken = new X509AuthenticationToken(userFromCache, x509Certificate, userFromCache.getAuthorities());
        x509AuthenticationToken.setDetails(authentication.getDetails());
        return x509AuthenticationToken;
    }

    @Override // org.springframework.context.MessageSourceAware
    public void setMessageSource(MessageSource messageSource) {
        this.messages = new MessageSourceAccessor(messageSource);
    }

    public void setX509AuthoritiesPopulator(X509AuthoritiesPopulator x509AuthoritiesPopulator) {
        this.x509AuthoritiesPopulator = x509AuthoritiesPopulator;
    }

    public void setX509UserCache(X509UserCache x509UserCache) {
        this.userCache = x509UserCache;
    }

    @Override // org.springframework.security.providers.AuthenticationProvider
    public boolean supports(Class cls) {
        Class cls2;
        if (class$org$springframework$security$providers$x509$X509AuthenticationToken == null) {
            cls2 = class$("org.springframework.security.providers.x509.X509AuthenticationToken");
            class$org$springframework$security$providers$x509$X509AuthenticationToken = cls2;
        } else {
            cls2 = class$org$springframework$security$providers$x509$X509AuthenticationToken;
        }
        return cls2.isAssignableFrom(cls);
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError(e.getMessage());
        }
    }

    static {
        Class cls;
        if (class$org$springframework$security$providers$x509$X509AuthenticationProvider == null) {
            cls = class$("org.springframework.security.providers.x509.X509AuthenticationProvider");
            class$org$springframework$security$providers$x509$X509AuthenticationProvider = cls;
        } else {
            cls = class$org$springframework$security$providers$x509$X509AuthenticationProvider;
        }
        logger = LogFactory.getLog(cls);
    }
}
