package cern.c2mon.web.ui.security;

import cern.c2mon.client.common.service.SessionService;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;

/* loaded from: input_file:cern/c2mon/web/ui/security/RbacAuthenticationProvider.class */
public class RbacAuthenticationProvider extends DefaultAuthenticationProvider {
    private static final Logger log = LoggerFactory.getLogger(RbacAuthenticationProvider.class);
    private static final String APP_NAME = "c2mon-web";
    private final SessionService sessionService;

    public RbacAuthenticationProvider(SessionService sessionService) {
        this.sessionService = sessionService;
    }

    @Override // cern.c2mon.web.ui.security.DefaultAuthenticationProvider
    public Authentication authenticate(Authentication authentication) throws AuthenticationException {
        String str = (String) authentication.getPrincipal();
        String str2 = (String) authentication.getCredentials();
        if (this.sessionService.isUserLogged(str)) {
            log.debug("Repeated login for user " + str);
        } else if (!this.sessionService.login(APP_NAME, str, str2)) {
            throw new BadCredentialsException("Invalid username/password");
        }
        return super.authenticate(authentication);
    }
}
