package com.universe.mdm.sso.kerberos.service.security.provider;

import com.universe.mdm.sso.kerberos.configuration.SsoKerberosModuleConstants;
import com.universe.mdm.sso.kerberos.dto.KerberosUser;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.stereotype.Component;
import org.unidata.mdm.core.context.AuthenticationRequestContext;
import org.unidata.mdm.core.type.security.AuthenticationSystemParameter;
import org.unidata.mdm.core.type.security.UserDetails;
import org.unidata.mdm.core.type.security.provider.AuthenticationProvider;

@Component(SsoKerberosModuleConstants.BEAN_NAME_KERBEROS_LOGIN_PROVIDER)
/* loaded from: input_file:com/universe/mdm/sso/kerberos/service/security/provider/KerberosLoginProvider.class */
public class KerberosLoginProvider implements AuthenticationProvider {
    private static boolean notKerberosAuthenticated(Authentication authentication) {
        return authentication == null || !authentication.isAuthenticated() || authentication.getPrincipal() == null || !(authentication.getPrincipal() instanceof KerberosUser);
    }

    public UserDetails login(AuthenticationRequestContext authenticationRequestContext) {
        if (!(((String) authenticationRequestContext.getParam(AuthenticationSystemParameter.PARAM_USER_NAME)).isEmpty() && ((String) authenticationRequestContext.getParam(AuthenticationSystemParameter.PARAM_USER_PASSWORD)).isEmpty())) {
            return null;
        }
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        if (notKerberosAuthenticated(authentication)) {
            return null;
        }
        KerberosUser kerberosUser = (KerberosUser) authentication.getPrincipal();
        authenticationRequestContext.getParams().put(AuthenticationSystemParameter.PARAM_USER_NAME, kerberosUser.getLogin());
        return kerberosUser;
    }
}
