package org.zowe.commons.zos.security.authentication;

import java.util.ArrayList;
import java.util.Arrays;
import lombok.Generated;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.core.env.Environment;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.stereotype.Component;
import org.springframework.web.context.request.RequestAttributes;
import org.springframework.web.context.request.RequestContextHolder;
import org.zowe.commons.zos.security.platform.MockPlatformUser;
import org.zowe.commons.zos.security.platform.PlatformErrorType;
import org.zowe.commons.zos.security.platform.PlatformPwdErrno;
import org.zowe.commons.zos.security.platform.PlatformReturned;
import org.zowe.commons.zos.security.platform.PlatformUser;
import org.zowe.commons.zos.security.platform.SafPlatformClassFactory;
import org.zowe.commons.zos.security.platform.SafPlatformUser;
import org.zowe.commons.zos.security.platform.SafUtils;

@Component
/* loaded from: input_file:org/zowe/commons/zos/security/authentication/ZosAuthenticationProvider.class */
public class ZosAuthenticationProvider implements AuthenticationProvider, InitializingBean {

    @Generated
    private static final Logger log = LoggerFactory.getLogger(ZosAuthenticationProvider.class);
    public static final String ZOWE_AUTHENTICATE_RETURNED = "zowe.authenticate.returned";
    private PlatformUser platformUser = null;

    @Autowired
    private Environment environment;

    @Value("${zowe.commons.security.saf.applid:}")
    private String applid;

    public Authentication authenticate(Authentication authentication) {
        String str;
        String name = authentication.getName();
        String obj = authentication.getCredentials().toString();
        SafUtils.setThreadApplid(this.applid);
        PlatformReturned authenticate = getPlatformUser().authenticate(name, obj);
        if (authenticate == null || authenticate.isSuccess()) {
            return new UsernamePasswordAuthenticationToken(name, (Object) null, new ArrayList());
        }
        RequestAttributes requestAttributes = RequestContextHolder.getRequestAttributes();
        if (requestAttributes != null) {
            requestAttributes.setAttribute(ZOWE_AUTHENTICATE_RETURNED, authenticate, 0);
        }
        PlatformPwdErrno valueOfErrno = PlatformPwdErrno.valueOfErrno(authenticate.getErrno());
        if (valueOfErrno == null) {
            str = "Authentication error";
            log.debug("Platform authentication failed: {}", authenticate);
        } else {
            log.debug("Platform authentication failed: {} {} {}", new Object[]{valueOfErrno.shortErrorName, valueOfErrno.explanation, authenticate});
            str = valueOfErrno.errorType == PlatformErrorType.INTERNAL ? "Internal authentication error: " + valueOfErrno.explanation : valueOfErrno.errorType == PlatformErrorType.USER_EXPLAINED ? "Authentication error: " + valueOfErrno.explanation : "Authentication error";
        }
        throw new ZosAuthenticationException(str, authenticate);
    }

    private PlatformUser getPlatformUser() {
        return this.platformUser;
    }

    public boolean supports(Class<?> cls) {
        return cls.equals(UsernamePasswordAuthenticationToken.class);
    }

    public void afterPropertiesSet() throws Exception {
        if (this.platformUser == null) {
            if (this.environment == null || !Arrays.asList(this.environment.getActiveProfiles()).contains("zos")) {
                this.platformUser = new MockPlatformUser();
                log.warn("The mock authentication provider is used. This application should not be used in production");
            } else {
                this.platformUser = new SafPlatformUser(new SafPlatformClassFactory());
            }
        }
        if (this.applid == null || this.applid.isEmpty()) {
            log.info("APPLID is not set. PassTickets are not enabled");
        } else {
            log.info("APPLID is " + this.applid);
        }
    }
}
