package com.appiancorp.security.auth.maintwindow;

import com.appiancorp.core.expr.portable.assertions.Preconditions;
import com.appiancorp.security.auth.maintwindow.exceptions.MaintWindowActiveException;
import com.appiancorp.suite.cfg.AdminSecurityConfiguration;
import com.appiancorp.suiteapi.security.auth.AppianUserDetails;
import com.appiancorp.suiteapi.security.auth.TerminateAuthenticationChainException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.security.core.Authentication;
import org.springframework.security.web.authentication.session.SessionAuthenticationException;
import org.springframework.security.web.authentication.session.SessionAuthenticationStrategy;

/* loaded from: input_file:com/appiancorp/security/auth/maintwindow/MaintWindowSessionAuthenticationStrategy.class */
public class MaintWindowSessionAuthenticationStrategy implements SessionAuthenticationStrategy {
    private AdminSecurityConfiguration adminSecurityConfiguration;

    public MaintWindowSessionAuthenticationStrategy(AdminSecurityConfiguration adminSecurityConfiguration) {
        Preconditions.checkNotNull(adminSecurityConfiguration, "AdminSecurityConfiguration must not be null");
        this.adminSecurityConfiguration = adminSecurityConfiguration;
    }

    public void onAuthentication(Authentication authentication, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws SessionAuthenticationException {
        if (!((AppianUserDetails) authentication.getPrincipal()).isSysAdmin() && this.adminSecurityConfiguration.isMaintWindowActive().booleanValue()) {
            throw new TerminateAuthenticationChainException(new MaintWindowActiveException("Only System Admins can login during a maintenance window"));
        }
    }
}
