package com.atlassian.crowd.plugin.rest.service.controller;

import com.atlassian.crowd.embedded.api.PasswordCredential;
import com.atlassian.crowd.exception.ExpiredCredentialException;
import com.atlassian.crowd.exception.InactiveAccountException;
import com.atlassian.crowd.exception.InvalidAuthenticationException;
import com.atlassian.crowd.exception.OperationFailedException;
import com.atlassian.crowd.manager.application.ApplicationManager;
import com.atlassian.crowd.manager.application.ApplicationService;
import com.atlassian.crowd.model.application.Application;
import com.atlassian.crowd.model.user.User;
import com.atlassian.crowd.plugin.rest.entity.PasswordEntity;
import com.atlassian.crowd.plugin.rest.entity.UserEntity;
import com.atlassian.crowd.plugin.rest.util.EntityTranslator;
import com.atlassian.crowd.plugin.rest.util.LinkUriHelper;
import java.net.URI;

/* loaded from: input_file:com/atlassian/crowd/plugin/rest/service/controller/AuthenticationController.class */
public class AuthenticationController extends AbstractResourceController {
    public AuthenticationController(ApplicationService applicationService, ApplicationManager applicationManager) {
        super(applicationService, applicationManager);
    }

    public UserEntity authenticateUser(String str, String str2, PasswordEntity passwordEntity, URI uri) throws ExpiredCredentialException, InactiveAccountException, InvalidAuthenticationException, OperationFailedException {
        Application application = getApplication(str);
        User authenticateUser = this.applicationService.authenticateUser(application, str2, PasswordCredential.unencrypted(passwordEntity.getValue()));
        if (this.applicationService.isUserAuthorised(application, str2)) {
            return EntityTranslator.toUserEntity(authenticateUser, LinkUriHelper.buildUserLink(uri, authenticateUser.getName()));
        }
        throw new InvalidAuthenticationException("User is not allowed to authenticate with the application");
    }
}
