package eu.openanalytics.containerproxy.auth.impl;

import com.google.common.collect.Lists;
import eu.openanalytics.containerproxy.auth.IAuthenticationBackend;
import java.util.Arrays;
import java.util.Collection;
import javax.inject.Inject;
import org.springframework.core.env.Environment;
import org.springframework.http.HttpEntity;
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpMethod;
import org.springframework.http.HttpStatus;
import org.springframework.http.MediaType;
import org.springframework.http.ResponseEntity;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.authentication.AuthenticationServiceException;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.authentication.rcp.RemoteAuthenticationException;
import org.springframework.security.authentication.rcp.RemoteAuthenticationManager;
import org.springframework.security.authentication.rcp.RemoteAuthenticationProvider;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.web.client.HttpClientErrorException;
import org.springframework.web.client.RestClientException;
import org.springframework.web.client.RestTemplate;

/* loaded from: input_file:BOOT-INF/lib/containerproxy-0.8.2.jar:eu/openanalytics/containerproxy/auth/impl/WebServiceAuthenticationBackend.class */
public class WebServiceAuthenticationBackend implements IAuthenticationBackend {
    public static final String NAME = "webservice";
    private static final String PROPERTY_PREFIX = "proxy.webservice.";

    @Inject
    private Environment environment;

    @Override // eu.openanalytics.containerproxy.auth.IAuthenticationBackend
    public String getName() {
        return NAME;
    }

    @Override // eu.openanalytics.containerproxy.auth.IAuthenticationBackend
    public boolean hasAuthorization() {
        return true;
    }

    @Override // eu.openanalytics.containerproxy.auth.IAuthenticationBackend
    public void configureHttpSecurity(HttpSecurity httpSecurity) throws Exception {
    }

    @Override // eu.openanalytics.containerproxy.auth.IAuthenticationBackend
    public void configureAuthenticationManagerBuilder(AuthenticationManagerBuilder authenticationManagerBuilder) throws Exception {
        RemoteAuthenticationProvider remoteAuthenticationProvider = new RemoteAuthenticationProvider();
        remoteAuthenticationProvider.setRemoteAuthenticationManager(new RemoteAuthenticationManager() { // from class: eu.openanalytics.containerproxy.auth.impl.WebServiceAuthenticationBackend.1
            @Override // org.springframework.security.authentication.rcp.RemoteAuthenticationManager
            public Collection<? extends GrantedAuthority> attemptAuthentication(String str, String str2) throws RemoteAuthenticationException {
                RestTemplate restTemplate = new RestTemplate();
                HttpHeaders httpHeaders = new HttpHeaders();
                httpHeaders.setAccept(Arrays.asList(MediaType.APPLICATION_JSON));
                httpHeaders.setContentType(MediaType.APPLICATION_JSON);
                try {
                    ResponseEntity exchange = restTemplate.exchange(WebServiceAuthenticationBackend.this.environment.getProperty("proxy.webservice.authentication-url"), HttpMethod.POST, new HttpEntity<>(String.format(WebServiceAuthenticationBackend.this.environment.getProperty("proxy.webservice.authentication-request-body", ""), str, str2), httpHeaders), String.class, new Object[0]);
                    if (exchange.getStatusCode() == HttpStatus.OK) {
                        return Lists.newArrayList();
                    }
                    throw new AuthenticationServiceException("Unknown response received " + exchange);
                } catch (HttpClientErrorException e) {
                    throw new BadCredentialsException("Invalid username or password");
                } catch (RestClientException e2) {
                    throw new AuthenticationServiceException("Internal error " + e2.getMessage());
                }
            }
        });
        authenticationManagerBuilder.authenticationProvider((AuthenticationProvider) remoteAuthenticationProvider);
    }
}
