package org.egov.user.security.oauth2.custom.authproviders;

import java.util.ArrayList;
import java.util.HashSet;
import java.util.LinkedHashMap;
import java.util.Objects;
import java.util.Set;
import java.util.stream.Collectors;
import org.egov.user.domain.exception.DuplicateUserNameException;
import org.egov.user.domain.exception.UserNotFoundException;
import org.egov.user.domain.model.SecureUser;
import org.egov.user.domain.model.User;
import org.egov.user.domain.model.enums.UserType;
import org.egov.user.domain.service.UserService;
import org.egov.user.web.contract.auth.Role;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.oauth2.common.exceptions.OAuth2Exception;
import org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationToken;
import org.springframework.stereotype.Component;
import org.springframework.util.StringUtils;

@Component
/* loaded from: input_file:BOOT-INF/classes/org/egov/user/security/oauth2/custom/authproviders/CustomPreAuthenticatedProvider.class */
public class CustomPreAuthenticatedProvider implements AuthenticationProvider {
    private static final Logger log = LoggerFactory.getLogger((Class<?>) CustomPreAuthenticatedProvider.class);

    @Autowired
    private UserService userService;

    @Override // org.springframework.security.authentication.AuthenticationProvider
    public Authentication authenticate(Authentication authentication) throws AuthenticationException {
        UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken = (UsernamePasswordAuthenticationToken) authentication.getPrincipal();
        String username = ((SecureUser) usernamePasswordAuthenticationToken.getPrincipal()).getUsername();
        LinkedHashMap linkedHashMap = (LinkedHashMap) usernamePasswordAuthenticationToken.getDetails();
        String str = (String) linkedHashMap.get("tenantId");
        String str2 = (String) linkedHashMap.get("userType");
        if (StringUtils.isEmpty(str)) {
            throw new OAuth2Exception("TenantId is mandatory");
        }
        if (StringUtils.isEmpty(str2) || Objects.isNull(UserType.fromValue(str2))) {
            throw new OAuth2Exception("User Type is mandatory and has to be a valid type");
        }
        try {
            User uniqueUser = this.userService.getUniqueUser(username, str, UserType.fromValue(str2));
            if (uniqueUser.getAccountLocked() == null || uniqueUser.getAccountLocked().booleanValue()) {
                throw new OAuth2Exception("Account locked");
            }
            ArrayList arrayList = new ArrayList();
            arrayList.add(new SimpleGrantedAuthority("ROLE_" + uniqueUser.getType()));
            return new PreAuthenticatedAuthenticationToken(new SecureUser(getUser(uniqueUser)), null, arrayList);
        } catch (DuplicateUserNameException e) {
            log.error("Fatal error, user conflict, more than one user found", (Throwable) e);
            throw new OAuth2Exception("Incorrect username or password");
        } catch (UserNotFoundException e2) {
            log.error("User not found", (Throwable) e2);
            throw new OAuth2Exception("Incorrect username or password");
        }
    }

    @Override // org.springframework.security.authentication.AuthenticationProvider
    public boolean supports(Class<?> cls) {
        return PreAuthenticatedAuthenticationToken.class.isAssignableFrom(cls);
    }

    private org.egov.user.web.contract.auth.User getUser(User user) {
        return org.egov.user.web.contract.auth.User.builder().id(user.getId()).userName(user.getUsername()).uuid(user.getUuid()).name(user.getName()).mobileNumber(user.getMobileNumber()).emailId(user.getEmailId()).active(user.getActive().booleanValue()).type(user.getType().name()).roles(toAuthRole(user.getRoles())).tenantId(user.getTenantId()).build();
    }

    private Set<Role> toAuthRole(Set<org.egov.user.domain.model.Role> set) {
        return set == null ? new HashSet() : (Set) set.stream().map(Role::new).collect(Collectors.toSet());
    }
}
