package org.acegisecurity.providers.dao;

import org.acegisecurity.AccountExpiredException;
import org.acegisecurity.AcegiMessageSource;
import org.acegisecurity.Authentication;
import org.acegisecurity.AuthenticationException;
import org.acegisecurity.BadCredentialsException;
import org.acegisecurity.CredentialsExpiredException;
import org.acegisecurity.DisabledException;
import org.acegisecurity.LockedException;
import org.acegisecurity.providers.AuthenticationProvider;
import org.acegisecurity.providers.UsernamePasswordAuthenticationToken;
import org.acegisecurity.providers.dao.cache.NullUserCache;
import org.acegisecurity.userdetails.UserDetails;
import org.acegisecurity.userdetails.UserDetailsChecker;
import org.acegisecurity.userdetails.UsernameNotFoundException;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.context.MessageSource;
import org.springframework.context.MessageSourceAware;
import org.springframework.context.support.MessageSourceAccessor;
import org.springframework.util.Assert;

/* JADX WARN: Classes with same name are omitted:
  input_file:WEB-INF/lib/jenkins-core-2.278-rc30817.122782c7fcf6.jar:org/acegisecurity/providers/dao/AbstractUserDetailsAuthenticationProvider.class
 */
/* loaded from: input_file:WEB-INF/detached-plugins/ldap.hpi:WEB-INF/lib/acegi-security-1.0.7.jar:org/acegisecurity/providers/dao/AbstractUserDetailsAuthenticationProvider.class */
public abstract class AbstractUserDetailsAuthenticationProvider implements AuthenticationProvider, InitializingBean, MessageSourceAware {
    protected MessageSourceAccessor messages = AcegiMessageSource.getAccessor();
    private UserCache userCache = new NullUserCache();
    private boolean forcePrincipalAsString = false;
    protected boolean hideUserNotFoundExceptions = true;
    private UserDetailsChecker preAuthenticationChecks = new DefaultPreAuthenticationChecks(this, null);
    private UserDetailsChecker postAuthenticationChecks = new DefaultPostAuthenticationChecks(this, null);
    static Class class$org$acegisecurity$providers$UsernamePasswordAuthenticationToken;

    /* JADX WARN: Classes with same name are omitted:
      input_file:WEB-INF/lib/jenkins-core-2.278-rc30817.122782c7fcf6.jar:org/acegisecurity/providers/dao/AbstractUserDetailsAuthenticationProvider$1.class
     */
    /* renamed from: org.acegisecurity.providers.dao.AbstractUserDetailsAuthenticationProvider$1, reason: invalid class name */
    /* loaded from: input_file:WEB-INF/detached-plugins/ldap.hpi:WEB-INF/lib/acegi-security-1.0.7.jar:org/acegisecurity/providers/dao/AbstractUserDetailsAuthenticationProvider$1.class */
    static class AnonymousClass1 {
    }

    /* loaded from: input_file:WEB-INF/detached-plugins/ldap.hpi:WEB-INF/lib/acegi-security-1.0.7.jar:org/acegisecurity/providers/dao/AbstractUserDetailsAuthenticationProvider$DefaultPostAuthenticationChecks.class */
    private class DefaultPostAuthenticationChecks implements UserDetailsChecker {
        private final AbstractUserDetailsAuthenticationProvider this$0;

        private DefaultPostAuthenticationChecks(AbstractUserDetailsAuthenticationProvider abstractUserDetailsAuthenticationProvider) {
            this.this$0 = abstractUserDetailsAuthenticationProvider;
        }

        @Override // org.acegisecurity.userdetails.UserDetailsChecker
        public void check(UserDetails userDetails) {
            if (!userDetails.isCredentialsNonExpired()) {
                throw new CredentialsExpiredException(this.this$0.messages.getMessage("AbstractUserDetailsAuthenticationProvider.credentialsExpired", "User credentials have expired"), userDetails);
            }
        }

        DefaultPostAuthenticationChecks(AbstractUserDetailsAuthenticationProvider abstractUserDetailsAuthenticationProvider, AnonymousClass1 anonymousClass1) {
            this(abstractUserDetailsAuthenticationProvider);
        }
    }

    /* loaded from: input_file:WEB-INF/detached-plugins/ldap.hpi:WEB-INF/lib/acegi-security-1.0.7.jar:org/acegisecurity/providers/dao/AbstractUserDetailsAuthenticationProvider$DefaultPreAuthenticationChecks.class */
    private class DefaultPreAuthenticationChecks implements UserDetailsChecker {
        private final AbstractUserDetailsAuthenticationProvider this$0;

        private DefaultPreAuthenticationChecks(AbstractUserDetailsAuthenticationProvider abstractUserDetailsAuthenticationProvider) {
            this.this$0 = abstractUserDetailsAuthenticationProvider;
        }

        @Override // org.acegisecurity.userdetails.UserDetailsChecker
        public void check(UserDetails userDetails) {
            if (!userDetails.isAccountNonLocked()) {
                throw new LockedException(this.this$0.messages.getMessage("AbstractUserDetailsAuthenticationProvider.locked", "User account is locked"), userDetails);
            }
            if (!userDetails.isEnabled()) {
                throw new DisabledException(this.this$0.messages.getMessage("AbstractUserDetailsAuthenticationProvider.disabled", "User is disabled"), userDetails);
            }
            if (!userDetails.isAccountNonExpired()) {
                throw new AccountExpiredException(this.this$0.messages.getMessage("AbstractUserDetailsAuthenticationProvider.expired", "User account has expired"), userDetails);
            }
        }

        DefaultPreAuthenticationChecks(AbstractUserDetailsAuthenticationProvider abstractUserDetailsAuthenticationProvider, AnonymousClass1 anonymousClass1) {
            this(abstractUserDetailsAuthenticationProvider);
        }
    }

    protected abstract void additionalAuthenticationChecks(UserDetails userDetails, UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken) throws AuthenticationException;

    @Override // org.springframework.beans.factory.InitializingBean
    public final void afterPropertiesSet() throws Exception {
        Assert.notNull(this.userCache, "A user cache must be set");
        Assert.notNull(this.messages, "A message source must be set");
        doAfterPropertiesSet();
    }

    @Override // org.acegisecurity.providers.AuthenticationProvider
    public Authentication authenticate(Authentication authentication) throws AuthenticationException {
        Class cls;
        if (class$org$acegisecurity$providers$UsernamePasswordAuthenticationToken == null) {
            cls = class$("org.acegisecurity.providers.UsernamePasswordAuthenticationToken");
            class$org$acegisecurity$providers$UsernamePasswordAuthenticationToken = cls;
        } else {
            cls = class$org$acegisecurity$providers$UsernamePasswordAuthenticationToken;
        }
        Assert.isInstanceOf((Class<?>) cls, authentication, this.messages.getMessage("AbstractUserDetailsAuthenticationProvider.onlySupports", "Only UsernamePasswordAuthenticationToken is supported"));
        String name = authentication.getPrincipal() == null ? "NONE_PROVIDED" : authentication.getName();
        boolean z = true;
        UserDetails userFromCache = this.userCache.getUserFromCache(name);
        if (userFromCache == null) {
            z = false;
            try {
                userFromCache = retrieveUser(name, (UsernamePasswordAuthenticationToken) authentication);
                Assert.notNull(userFromCache, "retrieveUser returned null - a violation of the interface contract");
            } catch (UsernameNotFoundException e) {
                if (this.hideUserNotFoundExceptions) {
                    throw new BadCredentialsException(this.messages.getMessage("AbstractUserDetailsAuthenticationProvider.badCredentials", "Bad credentials"));
                }
                throw e;
            }
        }
        this.preAuthenticationChecks.check(userFromCache);
        try {
            additionalAuthenticationChecks(userFromCache, (UsernamePasswordAuthenticationToken) authentication);
        } catch (AuthenticationException e2) {
            if (!z) {
                throw e2;
            }
            z = false;
            userFromCache = retrieveUser(name, (UsernamePasswordAuthenticationToken) authentication);
            additionalAuthenticationChecks(userFromCache, (UsernamePasswordAuthenticationToken) authentication);
        }
        this.postAuthenticationChecks.check(userFromCache);
        if (!z) {
            this.userCache.putUserInCache(userFromCache);
        }
        UserDetails userDetails = userFromCache;
        if (this.forcePrincipalAsString) {
            userDetails = userFromCache.getUsername();
        }
        return createSuccessAuthentication(userDetails, authentication, userFromCache);
    }

    protected Authentication createSuccessAuthentication(Object obj, Authentication authentication, UserDetails userDetails) {
        UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken = new UsernamePasswordAuthenticationToken(obj, authentication.getCredentials(), userDetails.getAuthorities());
        usernamePasswordAuthenticationToken.setDetails(authentication.getDetails());
        return usernamePasswordAuthenticationToken;
    }

    protected void doAfterPropertiesSet() throws Exception {
    }

    public UserCache getUserCache() {
        return this.userCache;
    }

    public boolean isForcePrincipalAsString() {
        return this.forcePrincipalAsString;
    }

    public boolean isHideUserNotFoundExceptions() {
        return this.hideUserNotFoundExceptions;
    }

    protected abstract UserDetails retrieveUser(String str, UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken) throws AuthenticationException;

    public void setForcePrincipalAsString(boolean z) {
        this.forcePrincipalAsString = z;
    }

    public void setHideUserNotFoundExceptions(boolean z) {
        this.hideUserNotFoundExceptions = z;
    }

    @Override // org.springframework.context.MessageSourceAware
    public void setMessageSource(MessageSource messageSource) {
        this.messages = new MessageSourceAccessor(messageSource);
    }

    public void setUserCache(UserCache userCache) {
        this.userCache = userCache;
    }

    protected UserDetailsChecker getPreAuthenticationChecks() {
        return this.preAuthenticationChecks;
    }

    public void setPreAuthenticationChecks(UserDetailsChecker userDetailsChecker) {
        this.preAuthenticationChecks = userDetailsChecker;
    }

    protected UserDetailsChecker getPostAuthenticationChecks() {
        return this.postAuthenticationChecks;
    }

    public void setPostAuthenticationChecks(UserDetailsChecker userDetailsChecker) {
        this.postAuthenticationChecks = userDetailsChecker;
    }

    @Override // org.acegisecurity.providers.AuthenticationProvider
    public boolean supports(Class cls) {
        Class cls2;
        if (class$org$acegisecurity$providers$UsernamePasswordAuthenticationToken == null) {
            cls2 = class$("org.acegisecurity.providers.UsernamePasswordAuthenticationToken");
            class$org$acegisecurity$providers$UsernamePasswordAuthenticationToken = cls2;
        } else {
            cls2 = class$org$acegisecurity$providers$UsernamePasswordAuthenticationToken;
        }
        return cls2.isAssignableFrom(cls);
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError(e.getMessage());
        }
    }
}
