package com.appiancorp.security.auth;

import com.appiancorp.ag.security.DefaultAuthenticatorWrapper;
import com.appiancorp.common.config.ApplicationContextHolder;
import com.appiancorp.common.monitoring.ProductMetricsAggregatedDataCollector;
import com.appiancorp.security.authz.AuthorizationException;
import com.appiancorp.suiteapi.common.exceptions.AppianRuntimeException;
import com.appiancorp.suiteapi.security.auth.AppianUserDetails;
import com.appiancorp.webapi.WebApiUrlConstructor;
import com.google.common.collect.ImmutableList;
import org.apache.log4j.Logger;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.authentication.AuthenticationServiceException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;

/* loaded from: input_file:com/appiancorp/security/auth/AppianAuthenticationProvider.class */
public class AppianAuthenticationProvider implements AuthenticationProvider {
    private static final Logger LOG = Logger.getLogger(AppianAuthenticationProvider.class);
    private static final String BASE_PRODUCT_METRICS_KEY = "webApi.authentication.basicAuthentication.";
    private static final String SUCCESS = "success";
    private static final String FAILURE = "failure";
    private final AuthenticationFilter compositeAuthenticationFilter;
    private final CompositeAuthenticator compositeAuthenticator;

    public AppianAuthenticationProvider() {
        ImmutableList build = ImmutableList.builder().add((DefaultAuthenticatorWrapper) ApplicationContextHolder.getBean("defaultAuthenticatorWrapper", DefaultAuthenticatorWrapper.class)).build();
        this.compositeAuthenticationFilter = new NoOpAuthFilter();
        this.compositeAuthenticator = new CompositeAuthenticator(build);
    }

    public AppianAuthenticationProvider(CompositeAuthenticationFilter compositeAuthenticationFilter, CompositeAuthenticator compositeAuthenticator) {
        this.compositeAuthenticationFilter = compositeAuthenticationFilter;
        this.compositeAuthenticator = compositeAuthenticator;
    }

    public boolean supports(Class<? extends Object> cls) {
        return this.compositeAuthenticator.supports(cls);
    }

    public Authentication authenticate(Authentication authentication) throws AuthenticationException {
        String str = "failure";
        try {
            try {
                try {
                    this.compositeAuthenticationFilter.filter(authentication);
                    AppianUserDetails authenticateUser = this.compositeAuthenticator.authenticateUser(authentication);
                    str = "success";
                    UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken = new UsernamePasswordAuthenticationToken(authenticateUser, (Object) null, authenticateUser.getAuthorities());
                    usernamePasswordAuthenticationToken.setDetails(authentication.getDetails());
                    if (authentication instanceof UsernamePasswordAuthenticationToken) {
                        logWebApiProductMetrics(authentication, str);
                    }
                    return usernamePasswordAuthenticationToken;
                } catch (Exception e) {
                    LOG.error("Error while trying to authenticate the token: " + authentication, e);
                    if ((e instanceof AppianRuntimeException) && (e.toAppianException() instanceof AuthorizationException)) {
                        throw new AuthenticationServiceException("Error while trying to authenticate the user. Please make sure that the user is either in the Application Users and/or the Designers group", e);
                    }
                    throw new AuthenticationServiceException("Error while trying to authenticate the token: " + authentication, e);
                }
            } catch (AuthenticationException e2) {
                throw e2;
            }
        } catch (Throwable th) {
            if (authentication instanceof UsernamePasswordAuthenticationToken) {
                logWebApiProductMetrics(authentication, str);
            }
            throw th;
        }
    }

    private void logWebApiProductMetrics(Authentication authentication, String str) {
        Object details = authentication.getDetails();
        if (details == null || !WebApiUrlConstructor.WEBAPI_SERVLET_URL.equals(((AuthenticationDetails) details).getServletPath())) {
            return;
        }
        ProductMetricsAggregatedDataCollector.recordData(BASE_PRODUCT_METRICS_KEY + str);
    }
}
