package cn.herodotus.engine.oauth2.authentication.provider;

import cn.herodotus.engine.captcha.core.dto.Verification;
import cn.herodotus.engine.captcha.core.exception.CaptchaHasExpiredException;
import cn.herodotus.engine.captcha.core.exception.CaptchaIsEmptyException;
import cn.herodotus.engine.captcha.core.exception.CaptchaMismatchException;
import cn.herodotus.engine.captcha.core.exception.CaptchaParameterIllegalException;
import cn.herodotus.engine.captcha.core.processor.CaptchaRendererFactory;
import cn.herodotus.engine.oauth2.core.definition.details.FormLoginWebAuthenticationDetails;
import cn.herodotus.engine.oauth2.core.exception.OAuth2CaptchaArgumentIllegalException;
import cn.herodotus.engine.oauth2.core.exception.OAuth2CaptchaHasExpiredException;
import cn.herodotus.engine.oauth2.core.exception.OAuth2CaptchaIsEmptyException;
import cn.herodotus.engine.oauth2.core.exception.OAuth2CaptchaMismatchException;
import org.apache.commons.lang3.ObjectUtils;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.userdetails.UserDetails;

/* loaded from: input_file:cn/herodotus/engine/oauth2/authentication/provider/OAuth2FormLoginAuthenticationProvider.class */
public class OAuth2FormLoginAuthenticationProvider extends DaoAuthenticationProvider {
    private static final Logger log = LoggerFactory.getLogger(OAuth2FormLoginAuthenticationProvider.class);
    private final CaptchaRendererFactory captchaRendererFactory;

    public OAuth2FormLoginAuthenticationProvider(CaptchaRendererFactory captchaRendererFactory) {
        this.captchaRendererFactory = captchaRendererFactory;
    }

    protected void additionalAuthenticationChecks(UserDetails userDetails, UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken) throws AuthenticationException {
        Object details = usernamePasswordAuthenticationToken.getDetails();
        if (ObjectUtils.isNotEmpty(details) && (details instanceof FormLoginWebAuthenticationDetails)) {
            FormLoginWebAuthenticationDetails formLoginWebAuthenticationDetails = (FormLoginWebAuthenticationDetails) details;
            if (formLoginWebAuthenticationDetails.getEnabled().booleanValue()) {
                String code = formLoginWebAuthenticationDetails.getCode();
                String category = formLoginWebAuthenticationDetails.getCategory();
                String sessionId = formLoginWebAuthenticationDetails.getSessionId();
                if (StringUtils.isBlank(code)) {
                    throw new OAuth2CaptchaIsEmptyException("Captcha is empty.");
                }
                try {
                    Verification verification = new Verification();
                    verification.setCharacters(code);
                    verification.setCategory(category);
                    verification.setIdentity(sessionId);
                    this.captchaRendererFactory.verify(verification);
                } catch (CaptchaMismatchException e) {
                    throw new OAuth2CaptchaMismatchException("Captcha is mismatch!");
                } catch (CaptchaIsEmptyException e2) {
                    throw new OAuth2CaptchaIsEmptyException("Captcha is empty!");
                } catch (CaptchaHasExpiredException e3) {
                    throw new OAuth2CaptchaHasExpiredException("Captcha is expired!");
                } catch (CaptchaParameterIllegalException e4) {
                    throw new OAuth2CaptchaArgumentIllegalException("Captcha argument is illegal!");
                }
            }
        }
        super.additionalAuthenticationChecks(userDetails, usernamePasswordAuthenticationToken);
    }

    public boolean supports(Class<?> cls) {
        boolean isAssignableFrom = OAuth2FormLoginAuthenticationToken.class.isAssignableFrom(cls);
        log.trace("[Herodotus] |- Form Login Authentication is supports! [{}]", Boolean.valueOf(isAssignableFrom));
        return isAssignableFrom;
    }
}
