package org.jasig.cas.authentication;

import java.util.Iterator;
import java.util.List;
import javax.validation.constraints.NotNull;
import javax.validation.constraints.Size;
import org.jasig.cas.authentication.AbstractAuthenticationManager;
import org.jasig.cas.authentication.handler.AuthenticationException;
import org.jasig.cas.authentication.handler.AuthenticationHandler;
import org.jasig.cas.authentication.handler.BadCredentialsAuthenticationException;
import org.jasig.cas.authentication.handler.UnsupportedCredentialsException;
import org.jasig.cas.authentication.principal.Credentials;
import org.jasig.cas.authentication.principal.CredentialsToPrincipalResolver;
import org.jasig.cas.authentication.principal.Principal;

/* loaded from: input_file:WEB-INF/lib/cas-server-core-3.4.2.jar:org/jasig/cas/authentication/AuthenticationManagerImpl.class */
public final class AuthenticationManagerImpl extends AbstractAuthenticationManager {

    @NotNull
    @Size(min = 1)
    private List<AuthenticationHandler> authenticationHandlers;

    @NotNull
    @Size(min = 1)
    private List<CredentialsToPrincipalResolver> credentialsToPrincipalResolvers;

    @Override // org.jasig.cas.authentication.AbstractAuthenticationManager
    protected AbstractAuthenticationManager.Pair<AuthenticationHandler, Principal> authenticateAndObtainPrincipal(Credentials credentials) throws AuthenticationException {
        boolean z = false;
        boolean z2 = false;
        AuthenticationHandler authenticationHandler = null;
        Iterator<AuthenticationHandler> it = this.authenticationHandlers.iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            AuthenticationHandler next = it.next();
            if (next.supports(credentials)) {
                z = true;
                if (next.authenticate(credentials)) {
                    if (this.log.isInfoEnabled()) {
                        this.log.info("AuthenticationHandler: " + next.getClass().getName() + " successfully authenticated the user which provided the following credentials: " + credentials.toString());
                    }
                    authenticationHandler = next;
                    z2 = true;
                } else if (this.log.isInfoEnabled()) {
                    this.log.info("AuthenticationHandler: " + next.getClass().getName() + " failed to authenticate the user which provided the following credentials: " + credentials.toString());
                }
            }
        }
        if (!z2) {
            if (z) {
                throw BadCredentialsAuthenticationException.ERROR;
            }
            throw UnsupportedCredentialsException.ERROR;
        }
        boolean z3 = false;
        for (CredentialsToPrincipalResolver credentialsToPrincipalResolver : this.credentialsToPrincipalResolvers) {
            if (credentialsToPrincipalResolver.supports(credentials)) {
                Principal resolvePrincipal = credentialsToPrincipalResolver.resolvePrincipal(credentials);
                z3 = true;
                if (resolvePrincipal != null) {
                    return new AbstractAuthenticationManager.Pair<>(authenticationHandler, resolvePrincipal);
                }
            }
        }
        if (!z3) {
            this.log.error("CredentialsToPrincipalResolver not found for " + credentials.getClass().getName());
            throw UnsupportedCredentialsException.ERROR;
        }
        if (this.log.isDebugEnabled()) {
            this.log.debug("CredentialsToPrincipalResolver found but no principal returned.");
        }
        throw BadCredentialsAuthenticationException.ERROR;
    }

    public void setAuthenticationHandlers(List<AuthenticationHandler> list) {
        this.authenticationHandlers = list;
    }

    public void setCredentialsToPrincipalResolvers(List<CredentialsToPrincipalResolver> list) {
        this.credentialsToPrincipalResolvers = list;
    }
}
