package com.iplatform.security;

import com.iplatform.base.PlatformLoginCallback;
import com.iplatform.base.pojo.RequestLogin;
import com.iplatform.security.exception.PcUserStopAppException;
import com.iplatform.security.util.LoginCallbackUtils;
import com.walker.web.CaptchaType;
import com.walker.web.ClientType;
import com.walker.web.LoginType;
import com.walker.web.ResponseCode;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.authentication.InternalAuthenticationServiceException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;

/* loaded from: input_file:BOOT-INF/lib/iplatform-base-security-3.2.0.jar:com/iplatform/security/DefaultAuthenticationProvider.class */
public class DefaultAuthenticationProvider extends AbstractUserDetailsAuthenticationProvider {
    private boolean allowPcUserAccessApp = true;
    private UserDetailsService userDetailsService;

    @Override // org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider
    protected void additionalAuthenticationChecks(UserDetails userDetails, UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken) throws AuthenticationException {
        if (!(usernamePasswordAuthenticationToken instanceof DefaultAuthenticationToken)) {
            throw new InternalAuthenticationServiceException("UsernamePasswordAuthenticationToken 必须是: DefaultAuthenticationToken", null);
        }
        RequestLogin requestLogin = ((DefaultAuthenticationToken) usernamePasswordAuthenticationToken).getRequestLogin();
        if (!this.allowPcUserAccessApp && requestLogin.getClientType().equalsIgnoreCase(ClientType.MOBILE.getIndex()) && ((DefaultUserDetails) userDetails).getUserPrincipal().getUserInfo().getUser_type().intValue() != 99) {
            throw new PcUserStopAppException(null);
        }
        PlatformLoginCallback loginCallbackBean = LoginCallbackUtils.getLoginCallbackBean(LoginType.getType(requestLogin.getLoginType()), true, CaptchaType.getType(requestLogin.getVerifyType()));
        if (loginCallbackBean == null) {
            throw new InternalAuthenticationServiceException("loginCallback未找到:" + requestLogin.getLoginType());
        }
        if (!loginCallbackBean.validatePassword(((DefaultUserDetails) userDetails).getUserPrincipal())) {
            throw new BadCredentialsException(ResponseCode.USER_CREDENTIALS_ERROR.getMessage());
        }
        this.logger.debug("++++++++++++ 自动验证密码为正确, loginType = " + requestLogin.getLoginType());
    }

    @Override // org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider
    protected UserDetails retrieveUser(String str, UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken) throws AuthenticationException {
        try {
            UserDetails loadUserByUsername = this.userDetailsService.loadUserByUsername(str);
            if (loadUserByUsername == null) {
                throw new InternalAuthenticationServiceException("UserDetailsService returned null, which is an interface contract violation");
            }
            return loadUserByUsername;
        } catch (Exception e) {
            if (e instanceof UsernameNotFoundException) {
                this.logger.debug("+++++++++++++++ " + e.getMessage());
                throw e;
            }
            if (e instanceof InternalAuthenticationServiceException) {
                throw e;
            }
            throw new InternalAuthenticationServiceException(e.getMessage(), e);
        }
    }

    public void setUserDetailsService(UserDetailsService userDetailsService) {
        this.userDetailsService = userDetailsService;
    }

    public void setAllowPcUserAccessApp(boolean z) {
        this.allowPcUserAccessApp = z;
    }
}
