package org.apache.ambari.logsearch.web.security;

import java.util.HashMap;
import javax.inject.Inject;
import javax.inject.Named;
import org.apache.ambari.logsearch.common.VResponse;
import org.apache.ambari.logsearch.solr.SolrConstants;
import org.apache.ambari.logsearch.util.JSONUtil;
import org.apache.ambari.logsearch.web.security.LogsearchAbstractAuthenticationProvider;
import org.apache.log4j.Level;
import org.apache.log4j.Logger;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.authentication.WebAuthenticationDetails;

@Named
/* loaded from: input_file:org/apache/ambari/logsearch/web/security/LogsearchAuthenticationProvider.class */
public class LogsearchAuthenticationProvider extends LogsearchAbstractAuthenticationProvider {
    private static final Logger logger = Logger.getLogger(LogsearchAuthenticationProvider.class);
    private static final Logger auditLogger = Logger.getLogger("org.apache.ambari.logsearch.audit");

    @Inject
    private LogsearchFileAuthenticationProvider fileAuthenticationProvider;

    @Inject
    private LogsearchExternalServerAuthenticationProvider externalServerAuthenticationProvider;

    @Inject
    private LogsearchSimpleAuthenticationProvider simpleAuthenticationProvider;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: org.apache.ambari.logsearch.web.security.LogsearchAuthenticationProvider$1, reason: invalid class name */
    /* loaded from: input_file:org/apache/ambari/logsearch/web/security/LogsearchAuthenticationProvider$1.class */
    public static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$org$apache$ambari$logsearch$web$security$LogsearchAbstractAuthenticationProvider$AuthMethod = new int[LogsearchAbstractAuthenticationProvider.AuthMethod.values().length];

        static {
            try {
                $SwitchMap$org$apache$ambari$logsearch$web$security$LogsearchAbstractAuthenticationProvider$AuthMethod[LogsearchAbstractAuthenticationProvider.AuthMethod.FILE.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$org$apache$ambari$logsearch$web$security$LogsearchAbstractAuthenticationProvider$AuthMethod[LogsearchAbstractAuthenticationProvider.AuthMethod.EXTERNAL_AUTH.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
            try {
                $SwitchMap$org$apache$ambari$logsearch$web$security$LogsearchAbstractAuthenticationProvider$AuthMethod[LogsearchAbstractAuthenticationProvider.AuthMethod.SIMPLE.ordinal()] = 3;
            } catch (NoSuchFieldError e3) {
            }
        }
    }

    public Authentication authenticate(Authentication authentication) throws AuthenticationException {
        logger.info("Authenticating user:" + authentication.getName() + ", userDetail=" + authentication.toString());
        logger.info("authentication.class=" + authentication.getClass().getName());
        HashMap hashMap = new HashMap();
        hashMap.put("user", authentication.getName());
        hashMap.put("principal", authentication.getPrincipal().toString());
        hashMap.put("auth_class", authentication.getClass().getName());
        if (authentication instanceof UsernamePasswordAuthenticationToken) {
            Object details = ((UsernamePasswordAuthenticationToken) authentication).getDetails();
            if (details instanceof WebAuthenticationDetails) {
                WebAuthenticationDetails webAuthenticationDetails = (WebAuthenticationDetails) details;
                hashMap.put("remote_ip", webAuthenticationDetails.getRemoteAddress());
                hashMap.put("session", webAuthenticationDetails.getSessionId());
            }
        }
        boolean z = false;
        try {
            Authentication authentication2 = authentication;
            AuthenticationException authenticationException = null;
            for (LogsearchAbstractAuthenticationProvider.AuthMethod authMethod : LogsearchAbstractAuthenticationProvider.AuthMethod.values()) {
                try {
                    authentication2 = doAuth(authentication2, authMethod);
                } catch (Exception e) {
                    logger.error(e, e.getCause());
                } catch (AuthenticationException e2) {
                    if (authenticationException == null) {
                        authenticationException = e2;
                    }
                }
                if (authentication2 != null && authentication2.isAuthenticated()) {
                    logger.info("Authenticated using method=" + authMethod.name() + ", user=" + authentication2.getName());
                    hashMap.put(SolrConstants.AuditLogConstants.AUDIT_RESULT, "allowed");
                    z = true;
                    hashMap.put("authType", authMethod.name());
                    auditLogger.log(1 != 0 ? Level.INFO : Level.WARN, JSONUtil.mapToJSON(hashMap));
                    return authentication2;
                }
            }
            hashMap.put(SolrConstants.AuditLogConstants.AUDIT_RESULT, "denied");
            logger.warn("Authentication failed for user=" + authentication.getName() + ", userDetail=" + authentication.toString());
            if (authenticationException == null) {
                return authentication2;
            }
            hashMap.put(SolrConstants.AuditLogConstants.AUDIT_REASON, authenticationException.getMessage());
            throw authenticationException;
        } finally {
            auditLogger.log(z ? Level.INFO : Level.WARN, JSONUtil.mapToJSON(hashMap));
        }
    }

    private Authentication doAuth(Authentication authentication, LogsearchAbstractAuthenticationProvider.AuthMethod authMethod) {
        switch (AnonymousClass1.$SwitchMap$org$apache$ambari$logsearch$web$security$LogsearchAbstractAuthenticationProvider$AuthMethod[authMethod.ordinal()]) {
            case VResponse.STATUS_ERROR /* 1 */:
                return this.fileAuthenticationProvider.authenticate(authentication);
            case VResponse.STATUS_VALIDATION /* 2 */:
                return this.externalServerAuthenticationProvider.authenticate(authentication);
            case VResponse.STATUS_WARN /* 3 */:
                return this.simpleAuthenticationProvider.authenticate(authentication);
            default:
                logger.error("Invalid authentication method :" + authMethod.name());
                return authentication;
        }
    }

    @Override // org.apache.ambari.logsearch.web.security.LogsearchAbstractAuthenticationProvider
    public /* bridge */ /* synthetic */ boolean supports(Class cls) {
        return super.supports(cls);
    }
}
