package org.geoserver.security.auth;

import java.util.ArrayList;
import javax.servlet.http.HttpServletRequest;
import org.geoserver.security.GeoServerAuthenticationProvider;
import org.geoserver.security.SecurityUtils;
import org.geoserver.security.impl.GeoServerRole;
import org.geoserver.security.impl.GeoServerUser;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;

/* loaded from: input_file:org/geoserver/security/auth/GeoServerRootAuthenticationProvider.class */
public class GeoServerRootAuthenticationProvider extends GeoServerAuthenticationProvider {
    public GeoServerRootAuthenticationProvider() {
        setName(GeoServerUser.ROOT_USERNAME);
    }

    @Override // org.geoserver.security.GeoServerAuthenticationProvider
    public boolean supports(Class<? extends Object> cls, HttpServletRequest httpServletRequest) {
        return UsernamePasswordAuthenticationToken.class.isAssignableFrom(cls);
    }

    @Override // org.geoserver.security.GeoServerAuthenticationProvider
    public Authentication authenticate(Authentication authentication, HttpServletRequest httpServletRequest) throws AuthenticationException {
        UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken = (UsernamePasswordAuthenticationToken) authentication;
        if (!GeoServerUser.ROOT_USERNAME.equals(SecurityUtils.getUsername(usernamePasswordAuthenticationToken.getPrincipal()))) {
            return null;
        }
        if (usernamePasswordAuthenticationToken.getCredentials() == null || !getSecurityManager().checkMasterPassword(usernamePasswordAuthenticationToken.getCredentials().toString())) {
            log(new BadCredentialsException("Bad credentials for: " + usernamePasswordAuthenticationToken.getPrincipal()));
            return null;
        }
        ArrayList arrayList = new ArrayList();
        arrayList.add(GeoServerRole.ADMIN_ROLE);
        UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken2 = new UsernamePasswordAuthenticationToken(GeoServerUser.ROOT_USERNAME, (Object) null, arrayList);
        usernamePasswordAuthenticationToken2.setDetails(usernamePasswordAuthenticationToken.getDetails());
        return usernamePasswordAuthenticationToken2;
    }
}
