package org.apereo.cas.authentication;

import com.couchbase.client.java.json.JsonObject;
import java.security.GeneralSecurityException;
import java.util.ArrayList;
import java.util.List;
import javax.security.auth.login.AccountNotFoundException;
import javax.security.auth.login.FailedLoginException;
import lombok.Generated;
import org.apereo.cas.authentication.credential.UsernamePasswordCredential;
import org.apereo.cas.authentication.handler.support.AbstractUsernamePasswordAuthenticationHandler;
import org.apereo.cas.authentication.principal.PrincipalFactory;
import org.apereo.cas.configuration.model.support.couchbase.authentication.CouchbaseAuthenticationProperties;
import org.apereo.cas.couchbase.core.CouchbaseClientFactory;
import org.apereo.cas.services.ServicesManager;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@Deprecated(since = "7.0.0")
/* loaded from: input_file:org/apereo/cas/authentication/CouchbaseAuthenticationHandler.class */
public class CouchbaseAuthenticationHandler extends AbstractUsernamePasswordAuthenticationHandler {

    @Generated
    private static final Logger LOGGER = LoggerFactory.getLogger(CouchbaseAuthenticationHandler.class);
    private final CouchbaseAuthenticationProperties couchbaseProperties;
    private final CouchbaseClientFactory couchbase;

    public CouchbaseAuthenticationHandler(ServicesManager servicesManager, PrincipalFactory principalFactory, CouchbaseClientFactory couchbaseClientFactory, CouchbaseAuthenticationProperties couchbaseAuthenticationProperties) {
        super(couchbaseAuthenticationProperties.getName(), servicesManager, principalFactory, Integer.valueOf(couchbaseAuthenticationProperties.getOrder()));
        this.couchbase = couchbaseClientFactory;
        this.couchbaseProperties = couchbaseAuthenticationProperties;
    }

    protected AuthenticationHandlerExecutionResult authenticateUsernamePasswordInternal(UsernamePasswordCredential usernamePasswordCredential, String str) throws GeneralSecurityException {
        List rowsAsObject = this.couchbase.select(String.format("%s = '%s'", this.couchbaseProperties.getUsernameAttribute(), usernamePasswordCredential.getUsername())).rowsAsObject();
        if (rowsAsObject.isEmpty()) {
            LOGGER.error("Couchbase query did not return any results/rows.");
            throw new AccountNotFoundException("Could not locate account for user " + usernamePasswordCredential.getUsername());
        }
        if (rowsAsObject.size() > 1) {
            throw new FailedLoginException("More then one row found for user " + usernamePasswordCredential.getId());
        }
        JsonObject object = ((JsonObject) rowsAsObject.get(0)).getObject(this.couchbase.getBucket());
        if (!object.containsKey(this.couchbaseProperties.getPasswordAttribute())) {
            throw new FailedLoginException("No password attribute found for " + usernamePasswordCredential.getId());
        }
        if (getPasswordEncoder().matches(str, object.getString(this.couchbaseProperties.getPasswordAttribute()))) {
            return createHandlerResult(usernamePasswordCredential, this.principalFactory.createPrincipal(usernamePasswordCredential.getId(), CouchbaseClientFactory.collectAttributesFromEntity(object, str2 -> {
                return (str2.equals(this.couchbaseProperties.getPasswordAttribute()) || str2.equals(this.couchbaseProperties.getUsernameAttribute())) ? false : true;
            })), new ArrayList(0));
        }
        LOGGER.warn("Account password on record for [{}] does not match the given/encoded password", usernamePasswordCredential.getId());
        throw new FailedLoginException();
    }
}
