package org.springframework.security.authentication.ott;

import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.util.Assert;

/* loaded from: input_file:ingrid-codelist-repository-7.5.0/lib/spring-security-core-6.4.2.jar:org/springframework/security/authentication/ott/OneTimeTokenAuthenticationProvider.class */
public final class OneTimeTokenAuthenticationProvider implements AuthenticationProvider {
    private final OneTimeTokenService oneTimeTokenService;
    private final UserDetailsService userDetailsService;

    public OneTimeTokenAuthenticationProvider(OneTimeTokenService oneTimeTokenService, UserDetailsService userDetailsService) {
        Assert.notNull(oneTimeTokenService, "oneTimeTokenService cannot be null");
        Assert.notNull(userDetailsService, "userDetailsService cannot be null");
        this.userDetailsService = userDetailsService;
        this.oneTimeTokenService = oneTimeTokenService;
    }

    @Override // org.springframework.security.authentication.AuthenticationProvider
    public Authentication authenticate(Authentication authentication) throws AuthenticationException {
        OneTimeTokenAuthenticationToken oneTimeTokenAuthenticationToken = (OneTimeTokenAuthenticationToken) authentication;
        OneTimeToken consume = this.oneTimeTokenService.consume(oneTimeTokenAuthenticationToken);
        if (consume == null) {
            throw new InvalidOneTimeTokenException("Invalid token");
        }
        UserDetails loadUserByUsername = this.userDetailsService.loadUserByUsername(consume.getUsername());
        OneTimeTokenAuthenticationToken authenticated = OneTimeTokenAuthenticationToken.authenticated(loadUserByUsername, loadUserByUsername.getAuthorities());
        authenticated.setDetails(oneTimeTokenAuthenticationToken.getDetails());
        return authenticated;
    }

    @Override // org.springframework.security.authentication.AuthenticationProvider
    public boolean supports(Class<?> cls) {
        return OneTimeTokenAuthenticationToken.class.isAssignableFrom(cls);
    }
}
