package org.ikasan.security.service.authentication;

import java.util.ArrayList;
import java.util.Iterator;
import java.util.Set;
import org.apache.log4j.Logger;
import org.ikasan.security.model.IkasanPrincipal;
import org.ikasan.security.model.Policy;
import org.ikasan.security.model.Role;
import org.ikasan.security.model.User;
import org.ikasan.security.service.SecurityService;
import org.ikasan.security.service.UserService;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.ldap.authentication.BindAuthenticator;
import org.springframework.security.ldap.authentication.LdapAuthenticator;

/* loaded from: input_file:WEB-INF/lib/ikasan-security-1.1.1.jar:org/ikasan/security/service/authentication/LdapAuthenticationProvider.class */
public class LdapAuthenticationProvider implements AuthenticationProvider {
    private static Logger logger = Logger.getLogger(LdapAuthenticationProvider.class);
    private LdapAuthenticator authenticator;
    private SecurityService securityService;
    private UserService userService;

    public LdapAuthenticationProvider(BindAuthenticator bindAuthenticator, SecurityService securityService, UserService userService) {
        this.authenticator = bindAuthenticator;
        if (this.authenticator == null) {
            throw new IllegalArgumentException("authenticator cannot be null!");
        }
        this.securityService = securityService;
        if (this.securityService == null) {
            throw new IllegalArgumentException("securityService cannot be null!");
        }
        this.userService = userService;
        if (this.userService == null) {
            throw new IllegalArgumentException("userService cannot be null!");
        }
    }

    public LdapAuthenticator getAuthenticator() {
        return this.authenticator;
    }

    public void setAuthenticator(LdapAuthenticator ldapAuthenticator) {
        this.authenticator = ldapAuthenticator;
    }

    @Override // org.springframework.security.authentication.AuthenticationProvider
    public boolean supports(Class<?> cls) {
        return UsernamePasswordAuthenticationToken.class.isAssignableFrom(cls);
    }

    @Override // org.springframework.security.authentication.AuthenticationProvider
    public Authentication authenticate(Authentication authentication) {
        this.authenticator.authenticate(authentication);
        User loadUserByUsername = this.userService.loadUserByUsername(authentication.getName());
        Set<IkasanPrincipal> principals = loadUserByUsername.getPrincipals();
        ArrayList arrayList = new ArrayList();
        Iterator<IkasanPrincipal> it = principals.iterator();
        while (it.hasNext()) {
            Iterator<Role> it2 = it.next().getRoles().iterator();
            while (it2.hasNext()) {
                for (Policy policy : it2.next().getPolicies()) {
                    if (!arrayList.contains(policy)) {
                        arrayList.add(policy);
                    }
                }
            }
        }
        IkasanAuthentication ikasanAuthentication = new IkasanAuthentication(true, loadUserByUsername, arrayList, (String) authentication.getCredentials(), loadUserByUsername.getPreviousAccessTimestamp());
        logger.debug("Returning authentication: " + ikasanAuthentication);
        return ikasanAuthentication;
    }
}
