package org.apereo.cas.authentication.handler.support;

import java.security.GeneralSecurityException;
import java.util.HashMap;
import java.util.Map;
import javax.annotation.PostConstruct;
import javax.security.auth.login.AccountLockedException;
import javax.security.auth.login.CredentialExpiredException;
import javax.security.auth.login.FailedLoginException;
import org.apereo.cas.authentication.AccountDisabledException;
import org.apereo.cas.authentication.AuthenticationHandler;
import org.apereo.cas.authentication.BasicCredentialMetaData;
import org.apereo.cas.authentication.Credential;
import org.apereo.cas.authentication.DefaultHandlerResult;
import org.apereo.cas.authentication.HandlerResult;
import org.apereo.cas.authentication.InvalidLoginLocationException;
import org.apereo.cas.authentication.InvalidLoginTimeException;
import org.apereo.cas.authentication.PreventedException;
import org.apereo.cas.authentication.UsernamePasswordCredential;
import org.apereo.cas.authentication.principal.DefaultPrincipalFactory;
import org.apereo.cas.authentication.principal.PrincipalFactory;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.stereotype.Component;
import org.springframework.util.StringUtils;

@Component("simpleTestUsernamePasswordAuthenticationHandler")
/* loaded from: input_file:org/apereo/cas/authentication/handler/support/SimpleTestUsernamePasswordAuthenticationHandler.class */
public class SimpleTestUsernamePasswordAuthenticationHandler implements AuthenticationHandler {
    private static final Map<String, Exception> DEFAULT_USERNAME_ERROR_MAP = new HashMap();
    protected PrincipalFactory principalFactory = new DefaultPrincipalFactory();
    private transient Logger logger = LoggerFactory.getLogger(getClass());
    private Map<String, Exception> usernameErrorMap = DEFAULT_USERNAME_ERROR_MAP;

    @PostConstruct
    private void init() {
        this.logger.warn("{} is only to be used in a testing environment. NEVER enable this in a production environment.", getClass().getName());
    }

    public void setUsernameErrorMap(Map<String, Exception> map) {
        this.usernameErrorMap = map;
    }

    public HandlerResult authenticate(Credential credential) throws GeneralSecurityException, PreventedException {
        UsernamePasswordCredential usernamePasswordCredential = (UsernamePasswordCredential) credential;
        String username = usernamePasswordCredential.getUsername();
        String password = usernamePasswordCredential.getPassword();
        PreventedException preventedException = (Exception) this.usernameErrorMap.get(username);
        if (preventedException instanceof GeneralSecurityException) {
            throw ((GeneralSecurityException) preventedException);
        }
        if (preventedException instanceof PreventedException) {
            throw preventedException;
        }
        if (preventedException instanceof RuntimeException) {
            throw ((RuntimeException) preventedException);
        }
        if (preventedException != null) {
            this.logger.debug("Cannot throw checked exception {} since it is not declared by method signature.", preventedException.getClass().getName(), preventedException);
        }
        if (StringUtils.hasText(username) && StringUtils.hasText(password) && username.equals(password)) {
            this.logger.debug("User [{}] was successfully authenticated.", username);
            return new DefaultHandlerResult(this, new BasicCredentialMetaData(credential), this.principalFactory.createPrincipal(username));
        }
        this.logger.debug("User [{}] failed authentication", username);
        throw new FailedLoginException();
    }

    public boolean supports(Credential credential) {
        return credential instanceof UsernamePasswordCredential;
    }

    public String getName() {
        return getClass().getSimpleName();
    }

    static {
        DEFAULT_USERNAME_ERROR_MAP.put("accountDisabled", new AccountDisabledException("Account disabled"));
        DEFAULT_USERNAME_ERROR_MAP.put("accountLocked", new AccountLockedException("Account locked"));
        DEFAULT_USERNAME_ERROR_MAP.put("badHours", new InvalidLoginTimeException("Invalid logon hours"));
        DEFAULT_USERNAME_ERROR_MAP.put("badWorkstation", new InvalidLoginLocationException("Invalid workstation"));
        DEFAULT_USERNAME_ERROR_MAP.put("passwordExpired", new CredentialExpiredException("Password expired"));
    }
}
