package org.picketbox.cdi.authentication;

import java.security.Principal;
import javax.inject.Inject;
import org.jboss.picketlink.idm.IdentityManager;
import org.jboss.picketlink.idm.model.User;
import org.picketbox.core.PicketBoxPrincipal;
import org.picketbox.core.authentication.AbstractAuthenticationManager;
import org.picketbox.core.exceptions.AuthenticationException;

/* loaded from: input_file:org/picketbox/cdi/authentication/IDMAuthenticationManager.class */
public class IDMAuthenticationManager extends AbstractAuthenticationManager {

    @Inject
    private IdentityManager identityManager;

    public Principal authenticate(String str, Object obj) throws AuthenticationException {
        if (!(obj instanceof String)) {
            throw new IllegalArgumentException("IDM Authentication Manager only supports java.lang.String credentials/password.");
        }
        User user = this.identityManager.getUser(str);
        if (user == null || !this.identityManager.validatePassword(user, obj.toString())) {
            return null;
        }
        return new PicketBoxPrincipal(str);
    }
}
