package org.esupportail.cas.adaptors.esupotp;

import java.security.GeneralSecurityException;
import java.util.ArrayList;
import javax.security.auth.login.FailedLoginException;
import org.apereo.cas.authentication.AuthenticationHandlerExecutionResult;
import org.apereo.cas.authentication.Credential;
import org.apereo.cas.authentication.PreventedException;
import org.apereo.cas.authentication.handler.support.AbstractPreAndPostProcessingAuthenticationHandler;
import org.apereo.cas.authentication.principal.PrincipalFactory;
import org.apereo.cas.authentication.principal.Service;
import org.apereo.cas.services.ServicesManager;
import org.apereo.cas.web.support.WebUtils;
import org.esupportail.cas.config.EsupOtpConfigurationProperties;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.webflow.execution.RequestContextHolder;

/* loaded from: input_file:org/esupportail/cas/adaptors/esupotp/EsupOtpAuthenticationHandler.class */
public class EsupOtpAuthenticationHandler extends AbstractPreAndPostProcessingAuthenticationHandler {
    private static final Logger log = LoggerFactory.getLogger(EsupOtpAuthenticationHandler.class);
    EsupOtpConfigurationProperties esupOtpConfigurationProperties;
    EsupOtpService esupOtpService;

    public EsupOtpAuthenticationHandler(String str, ServicesManager servicesManager, PrincipalFactory principalFactory, EsupOtpConfigurationProperties esupOtpConfigurationProperties, EsupOtpService esupOtpService) {
        super(str, servicesManager, principalFactory, Integer.valueOf(esupOtpConfigurationProperties.getRank()));
        this.esupOtpConfigurationProperties = esupOtpConfigurationProperties;
        this.esupOtpService = esupOtpService;
    }

    protected AuthenticationHandlerExecutionResult doAuthentication(Credential credential, Service service) throws GeneralSecurityException, PreventedException {
        EsupOtpCredential esupOtpCredential = (EsupOtpCredential) credential;
        String token = esupOtpCredential.getToken();
        String id = WebUtils.getAuthentication(RequestContextHolder.getRequestContext()).getPrincipal().getId();
        try {
            if (this.esupOtpService.verifyOtp(id, token).getString("code").equals("Ok")) {
                return createHandlerResult(esupOtpCredential, this.principalFactory.createPrincipal(id), new ArrayList(0));
            }
        } catch (Throwable th) {
            log.error("doAuthentication failed", th);
        }
        throw new FailedLoginException("Failed to authenticate code " + token);
    }

    public boolean supports(Credential credential) {
        return EsupOtpCredential.class.isAssignableFrom(credential.getClass());
    }
}
