package eu.dnetlib.simplesso;

import eu.dnetlib.simplesso.SimpleSSOAuthenticator;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.beans.factory.annotation.Required;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;

/* loaded from: input_file:eu/dnetlib/simplesso/SimpleSSOAuthenticationProvider.class */
public class SimpleSSOAuthenticationProvider implements AuthenticationProvider {
    private static final Log log = LogFactory.getLog(SimpleSSOAuthenticationProvider.class);
    private SimpleSSOAuthenticator authenticator;
    private SimpleSSOAuthenticationRoleBuilder rolesBuilder;

    public Authentication authenticate(Authentication authentication) throws AuthenticationException {
        log.debug("SSO authenticating " + authentication);
        if (authentication.isAuthenticated()) {
            log.debug("already authenticated, trusting " + authentication);
            return authentication;
        }
        if (!(authentication instanceof SimpleSSOAuthenticationToken)) {
            log.warn("not handling " + authentication);
            return null;
        }
        SimpleSSOAuthenticationToken simpleSSOAuthenticationToken = (SimpleSSOAuthenticationToken) authentication;
        SimpleSSOAuthenticator.AuthPayload decodeToken = this.authenticator.decodeToken(simpleSSOAuthenticationToken.getToken());
        if (decodeToken == null) {
            return null;
        }
        SimpleSSOAuthenticationToken simpleSSOAuthenticationToken2 = new SimpleSSOAuthenticationToken(simpleSSOAuthenticationToken.getToken(), this.rolesBuilder.buildAuthorities(decodeToken.getRoles()));
        simpleSSOAuthenticationToken2.setUid(decodeToken.getUid());
        return simpleSSOAuthenticationToken2;
    }

    public boolean supports(Class cls) {
        return true;
    }

    @Required
    public void setAuthenticator(SimpleSSOAuthenticator simpleSSOAuthenticator) {
        this.authenticator = simpleSSOAuthenticator;
    }

    public SimpleSSOAuthenticationRoleBuilder getRolesBuilder() {
        return this.rolesBuilder;
    }

    public void setRolesBuilder(SimpleSSOAuthenticationRoleBuilder simpleSSOAuthenticationRoleBuilder) {
        this.rolesBuilder = simpleSSOAuthenticationRoleBuilder;
    }

    public SimpleSSOAuthenticator getAuthenticator() {
        return this.authenticator;
    }
}
