package org.zowe.apiml.zaas.security.config;

import ch.qos.logback.classic.ClassicConstants;
import java.util.Arrays;
import java.util.Map;
import lombok.Generated;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.core.env.Environment;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.core.Authentication;
import org.springframework.stereotype.Component;
import org.zowe.apiml.message.log.ApimlLogger;
import org.zowe.apiml.message.yaml.YamlMessageServiceInstance;
import org.zowe.apiml.zaas.security.login.LoginProvider;

@Component
/* loaded from: input_file:BOOT-INF/classes/org/zowe/apiml/zaas/security/config/CompoundAuthProvider.class */
public class CompoundAuthProvider implements AuthenticationProvider {

    @Generated
    private static final Logger log = LoggerFactory.getLogger((Class<?>) CompoundAuthProvider.class);
    public static final String ORG_ZOWE_APIML_SECURITY_INVALID_AUTHENTICATION_PROVIDER = "org.zowe.apiml.security.invalidAuthenticationProvider";
    public static final String ORG_ZOWE_APIML_SECURITY_LOGIN_ENDPOINT_IN_DUMMY_MODE = "org.zowe.apiml.security.loginEndpointInDummyMode";
    public static final String DUMMY = "dummy";
    private final ApimlLogger apimlLog = ApimlLogger.of(CompoundAuthProvider.class, YamlMessageServiceInstance.getInstance());
    private final Map<String, AuthenticationProvider> authProvidersMap;
    private final Environment environment;
    private final LoginProvider defaultProvider;
    private LoginProvider loginProvider;

    public CompoundAuthProvider(Map<String, AuthenticationProvider> map, Environment environment, @Value("${apiml.security.auth.provider:zosmf}") String str) {
        this.authProvidersMap = map;
        this.environment = environment;
        warnForDummyProvider(str);
        LoginProvider loginProvider = LoginProvider.getLoginProvider(str);
        this.loginProvider = loginProvider;
        this.defaultProvider = loginProvider;
        if (this.loginProvider == null) {
            this.apimlLog.log(ORG_ZOWE_APIML_SECURITY_INVALID_AUTHENTICATION_PROVIDER, str);
        }
    }

    private void warnForDummyProvider(String str) {
        if (str.equalsIgnoreCase(DUMMY)) {
            this.apimlLog.log(ORG_ZOWE_APIML_SECURITY_LOGIN_ENDPOINT_IN_DUMMY_MODE, ClassicConstants.USER_MDC_KEY, ClassicConstants.USER_MDC_KEY);
        }
    }

    private AuthenticationProvider getConfiguredLoginAuthProvider() {
        String authProviderBeanName = this.loginProvider.getAuthProviderBeanName();
        AuthenticationProvider authenticationProvider = this.authProvidersMap.get(authProviderBeanName);
        if (authenticationProvider == null) {
            log.warn("Login provider {} is not available.", authProviderBeanName);
        }
        return authenticationProvider;
    }

    public synchronized String getLoginAuthProviderName() {
        return this.loginProvider.getValue();
    }

    public synchronized void setLoginAuthProvider(String str) {
        if (this.environment == null || !Arrays.asList(this.environment.getActiveProfiles()).contains("diag")) {
            log.warn("Login Authentication provider can't be changed at runtime in the current profile.");
            return;
        }
        LoginProvider loginProvider = LoginProvider.getLoginProvider(str);
        if (loginProvider == null) {
            loginProvider = this.defaultProvider;
        }
        this.loginProvider = loginProvider;
        warnForDummyProvider(loginProvider.getValue());
    }

    @Override // org.springframework.security.authentication.AuthenticationProvider
    public Authentication authenticate(Authentication authentication) {
        AuthenticationProvider configuredLoginAuthProvider = getConfiguredLoginAuthProvider();
        if (configuredLoginAuthProvider != null) {
            return configuredLoginAuthProvider.authenticate(authentication);
        }
        return null;
    }

    @Override // org.springframework.security.authentication.AuthenticationProvider
    public boolean supports(Class<?> cls) {
        AuthenticationProvider configuredLoginAuthProvider = getConfiguredLoginAuthProvider();
        if (configuredLoginAuthProvider != null) {
            return configuredLoginAuthProvider.supports(cls);
        }
        return false;
    }
}
