package com.appiancorp.security.auth;

import com.appiancorp.ap2.ServletScopesKeys;
import com.appiancorp.common.config.AdminServicesProvider;
import com.appiancorp.runtime.monitor.InboundAuthTimeLogger;
import com.appiancorp.suiteapi.personalization.UserProfile;
import com.appiancorp.suiteapi.personalization.UserService;
import com.appiancorp.suiteapi.security.auth.AppianUserDetails;
import java.util.Objects;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.springframework.security.core.Authentication;
import org.springframework.security.web.authentication.session.SessionAuthenticationException;
import org.springframework.security.web.authentication.session.SessionAuthenticationStrategy;

/* loaded from: input_file:com/appiancorp/security/auth/AppianWebApiSessionAuthenticationStrategy.class */
public class AppianWebApiSessionAuthenticationStrategy implements SessionAuthenticationStrategy {
    private final AppianAuthenticationEventPublisher eventPublisher;
    private final UserService adminUserService;

    public AppianWebApiSessionAuthenticationStrategy(AppianAuthenticationEventPublisher appianAuthenticationEventPublisher, AdminServicesProvider adminServicesProvider) {
        Objects.requireNonNull(adminServicesProvider);
        this.eventPublisher = (AppianAuthenticationEventPublisher) Objects.requireNonNull(appianAuthenticationEventPublisher);
        this.adminUserService = (UserService) Objects.requireNonNull(adminServicesProvider.userService());
    }

    public void onAuthentication(Authentication authentication, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws SessionAuthenticationException {
        UserProfile userProfile = ((AppianUserDetails) authentication.getPrincipal()).getUserProfile();
        if (userProfile.getStatus() != 1) {
            throw new SessionAuthenticationException(String.format("The user [%s] is deactivated", userProfile.getUsername()));
        }
        this.adminUserService.loginAttempt(userProfile.getUsername(), true);
        HttpSession session = httpServletRequest.getSession(false);
        this.eventPublisher.publishApplicationEvent(new AppianAuthenticationSuccessEvent(authentication, session != null ? (String) session.getAttribute(ServletScopesKeys.KEY_SESSION_UUID) : null), httpServletRequest);
        attemptPrometheusLogging(authentication);
    }

    private void attemptPrometheusLogging(Authentication authentication) {
        AuthenticationDetails authenticationDetails = (AuthenticationDetails) authentication.getDetails();
        if (authenticationDetails == null || authenticationDetails.getAuthType() == null) {
            return;
        }
        InboundAuthTimeLogger.logAuthTime(authenticationDetails.getAuthType(), System.currentTimeMillis() - authenticationDetails.getTimestamp().getTime());
    }
}
