package net.cofcool.chaos.server.security.spring.authorization;

import net.cofcool.chaos.server.common.security.PasswordProcessor;
import net.cofcool.chaos.server.common.security.User;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.authentication.InternalAuthenticationServiceException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.util.Assert;

/* loaded from: input_file:net/cofcool/chaos/server/security/spring/authorization/SpringDaoAuthenticationProvider.class */
public class SpringDaoAuthenticationProvider extends AbstractUserDetailsAuthenticationProvider {
    private static final String USER_NOT_FOUND_PASSWORD = "userNotFoundPassword";
    private volatile String userNotFoundEncodedPassword;
    private PasswordProcessor passwordProcessor;
    private SpringUserAuthorizationService userAuthorizationService;

    public PasswordProcessor getPasswordProcessor() {
        return this.passwordProcessor;
    }

    public void setPasswordProcessor(PasswordProcessor passwordProcessor) {
        this.passwordProcessor = passwordProcessor;
    }

    public SpringUserAuthorizationService getUserAuthorizationService() {
        return this.userAuthorizationService;
    }

    public void setUserAuthorizationService(SpringUserAuthorizationService springUserAuthorizationService) {
        this.userAuthorizationService = springUserAuthorizationService;
    }

    protected void additionalAuthenticationChecks(UserDetails userDetails, UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken) throws AuthenticationException {
        if (usernamePasswordAuthenticationToken.getCredentials() == null) {
            this.logger.debug("Authentication failed: no credentials provided");
            throw new BadCredentialsException(this.messages.getMessage("AbstractUserDetailsAuthenticationProvider.badCredentials", "Bad credentials"));
        }
        if (getPasswordProcessor().doMatch(usernamePasswordAuthenticationToken.getCredentials().toString(), userDetails.getPassword())) {
            getUserAuthorizationService().setupUserData((User) userDetails);
        } else {
            this.logger.debug("Authentication failed: password does not match stored value");
            throw new BadCredentialsException(this.messages.getMessage("AbstractUserDetailsAuthenticationProvider.badCredentials", "Bad credentials"));
        }
    }

    protected void doAfterPropertiesSet() throws Exception {
        Assert.notNull(this.userAuthorizationService, "A userAuthorizationService must be set");
    }

    protected final UserDetails retrieveUser(String str, UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken) throws AuthenticationException {
        prepareTimingAttackProtection();
        try {
            SpringUserAuthorizationService userAuthorizationService = getUserAuthorizationService();
            UserDetails loadUserByUsername = usernamePasswordAuthenticationToken instanceof JsonAuthenticationToken ? userAuthorizationService.loadUserByUsername(((JsonAuthenticationToken) usernamePasswordAuthenticationToken).getLogin()) : userAuthorizationService.loadUserByUsername(str);
            if (loadUserByUsername == null) {
                throw new InternalAuthenticationServiceException("UserDetailsService returned null, which is an interface contract violation");
            }
            return loadUserByUsername;
        } catch (UsernameNotFoundException e) {
            mitigateAgainstTimingAttack(usernamePasswordAuthenticationToken);
            throw e;
        } catch (Exception e2) {
            throw new InternalAuthenticationServiceException(e2.getMessage(), e2);
        } catch (InternalAuthenticationServiceException e3) {
            throw e3;
        }
    }

    protected Authentication createSuccessAuthentication(Object obj, Authentication authentication, UserDetails userDetails) {
        return super.createSuccessAuthentication(obj, authentication, userDetails);
    }

    private void prepareTimingAttackProtection() {
        if (this.userNotFoundEncodedPassword == null) {
            this.userNotFoundEncodedPassword = this.passwordProcessor.process(USER_NOT_FOUND_PASSWORD);
        }
    }

    private void mitigateAgainstTimingAttack(UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken) {
        if (usernamePasswordAuthenticationToken.getCredentials() != null) {
            this.passwordProcessor.doMatch(usernamePasswordAuthenticationToken.getCredentials().toString(), this.userNotFoundEncodedPassword);
        }
    }
}
