package org.squashtest.tm.plugin.security.ad.ldap;

import javax.inject.Inject;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.ldap.userdetails.LdapUserDetails;
import org.squashtest.tm.api.security.authentication.AuthenticationProviderFeatures;
import org.squashtest.tm.api.security.authentication.FeaturesAwareAuthentication;
import org.squashtest.tm.domain.users.User;
import org.squashtest.tm.service.user.UserManagerService;

/* loaded from: input_file:org/squashtest/tm/plugin/security/ad/ldap/SquashActiveDirectoryLdapAuthenticationProvider.class */
public class SquashActiveDirectoryLdapAuthenticationProvider extends ActiveDirectoryLdapAuthenticationProvider {

    @Inject
    private AbstractActiveDirectoryLdapAuthenticationProviderFeatures features;
    private UserManagerService userFinder;

    /* loaded from: input_file:org/squashtest/tm/plugin/security/ad/ldap/SquashActiveDirectoryLdapAuthenticationProvider$FeatureAwareActiveDirectoryLdapAuthenticationToken.class */
    public static final class FeatureAwareActiveDirectoryLdapAuthenticationToken extends UsernamePasswordAuthenticationToken implements FeaturesAwareAuthentication {
        private static final long serialVersionUID = 1;
        private AuthenticationProviderFeatures features;

        public FeatureAwareActiveDirectoryLdapAuthenticationToken(UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken, AuthenticationProviderFeatures authenticationProviderFeatures) {
            super(usernamePasswordAuthenticationToken.getPrincipal(), usernamePasswordAuthenticationToken.getCredentials(), usernamePasswordAuthenticationToken.getAuthorities());
            this.features = authenticationProviderFeatures;
        }

        public AuthenticationProviderFeatures getFeatures() {
            return this.features;
        }
    }

    public SquashActiveDirectoryLdapAuthenticationProvider(String str, String str2) {
        super(str, str2);
    }

    public AbstractActiveDirectoryLdapAuthenticationProviderFeatures getFeatures() {
        return this.features;
    }

    public void setFeatures(AbstractActiveDirectoryLdapAuthenticationProviderFeatures abstractActiveDirectoryLdapAuthenticationProviderFeatures) {
        this.features = abstractActiveDirectoryLdapAuthenticationProviderFeatures;
    }

    public void setUserFinder(UserManagerService userManagerService) {
        this.userFinder = userManagerService;
    }

    public Authentication authenticate(Authentication authentication) throws AuthenticationException {
        UsernamePasswordAuthenticationToken authenticate = super.authenticate(authentication);
        if (authenticate.isAuthenticated()) {
            User findByLogin = this.userFinder.findByLogin(((LdapUserDetails) authenticate.getPrincipal()).getUsername());
            if (findByLogin != null && !findByLogin.getActive().booleanValue()) {
                throw new BadCredentialsException("User is not active");
            }
        }
        return new FeatureAwareActiveDirectoryLdapAuthenticationToken(authenticate, this.features);
    }
}
