package org.springframework.security.authentication.ott.reactive;

import java.util.function.Function;
import org.springframework.security.authentication.ReactiveAuthenticationManager;
import org.springframework.security.authentication.ott.InvalidOneTimeTokenException;
import org.springframework.security.authentication.ott.OneTimeTokenAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.userdetails.ReactiveUserDetailsService;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.util.Assert;
import reactor.core.publisher.Mono;

/* loaded from: input_file:WEB-INF/lib/spring-security-core-6.4.1.jar:org/springframework/security/authentication/ott/reactive/OneTimeTokenReactiveAuthenticationManager.class */
public final class OneTimeTokenReactiveAuthenticationManager implements ReactiveAuthenticationManager {
    private final ReactiveOneTimeTokenService oneTimeTokenService;
    private final ReactiveUserDetailsService userDetailsService;

    public OneTimeTokenReactiveAuthenticationManager(ReactiveOneTimeTokenService reactiveOneTimeTokenService, ReactiveUserDetailsService reactiveUserDetailsService) {
        Assert.notNull(reactiveOneTimeTokenService, "oneTimeTokenService cannot be null");
        Assert.notNull(reactiveUserDetailsService, "userDetailsService cannot be null");
        this.oneTimeTokenService = reactiveOneTimeTokenService;
        this.userDetailsService = reactiveUserDetailsService;
    }

    @Override // org.springframework.security.authentication.ReactiveAuthenticationManager
    public Mono<Authentication> authenticate(Authentication authentication) {
        if (!(authentication instanceof OneTimeTokenAuthenticationToken)) {
            return Mono.empty();
        }
        OneTimeTokenAuthenticationToken oneTimeTokenAuthenticationToken = (OneTimeTokenAuthenticationToken) authentication;
        return this.oneTimeTokenService.consume(oneTimeTokenAuthenticationToken).switchIfEmpty(Mono.defer(() -> {
            return Mono.error(new InvalidOneTimeTokenException("Invalid token"));
        })).flatMap(oneTimeToken -> {
            return this.userDetailsService.findByUsername(oneTimeToken.getUsername());
        }).map(onSuccess(oneTimeTokenAuthenticationToken));
    }

    private Function<UserDetails, OneTimeTokenAuthenticationToken> onSuccess(OneTimeTokenAuthenticationToken oneTimeTokenAuthenticationToken) {
        return userDetails -> {
            OneTimeTokenAuthenticationToken authenticated = OneTimeTokenAuthenticationToken.authenticated(userDetails, userDetails.getAuthorities());
            authenticated.setDetails(oneTimeTokenAuthenticationToken.getDetails());
            return authenticated;
        };
    }
}
