package org.ikasan.console.security.service.authentication;

import javax.naming.ldap.InitialLdapContext;
import org.ikasan.security.service.UserService;
import org.springframework.ldap.core.DirContextOperations;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.ldap.authentication.LdapAuthenticator;

/* loaded from: input_file:WEB-INF/lib/console-jar-1.0.0-rc1.jar:org/ikasan/console/security/service/authentication/LdapAuthenticationProvider.class */
public class LdapAuthenticationProvider implements AuthenticationProvider {
    public static final String DUMMY_ROLE = "DUMMY";
    private LdapAuthenticator authenticator;
    private UserService userService;

    public LdapAuthenticationProvider(UserService userService) {
        if (userService == null) {
            throw new IllegalArgumentException("UserService must be provided.");
        }
        this.userService = userService;
    }

    @Override // org.springframework.security.authentication.AuthenticationProvider
    public Authentication authenticate(Authentication authentication) {
        DirContextOperations authenticate = this.authenticator.authenticate(authentication);
        LdapAuthenticationToken ldapAuthenticationToken = new LdapAuthenticationToken(authentication, DUMMY_ROLE);
        ldapAuthenticationToken.addAuthorities(this.userService.loadUserByUsername(authentication.getPrincipal().toString()).getAuthorities());
        InitialLdapContext initialLdapContext = (InitialLdapContext) authenticate.getObjectAttribute("ldapContext");
        if (initialLdapContext != null) {
            ldapAuthenticationToken.setContext(initialLdapContext);
        }
        return ldapAuthenticationToken;
    }

    @Override // org.springframework.security.authentication.AuthenticationProvider
    public boolean supports(Class<?> cls) {
        return UsernamePasswordAuthenticationToken.class.isAssignableFrom(cls);
    }

    public LdapAuthenticator getAuthenticator() {
        return this.authenticator;
    }

    public void setAuthenticator(LdapAuthenticator ldapAuthenticator) {
        this.authenticator = ldapAuthenticator;
    }
}
