package org.pac4j.core.ext.authentication;

import org.apache.commons.lang3.StringUtils;
import org.pac4j.core.context.WebContext;
import org.pac4j.core.credentials.authenticator.Authenticator;
import org.pac4j.core.exception.CredentialsException;
import org.pac4j.core.ext.Pac4jExtConstants;
import org.pac4j.core.ext.authentication.captcha.CaptchaResolver;
import org.pac4j.core.ext.credentials.UsernamePasswordCaptchaCredentials;
import org.pac4j.core.ext.exception.CaptchaIncorrectException;
import org.pac4j.core.ext.exception.CaptchaNotFoundException;
import org.pac4j.core.ext.exception.OverRetryRemindException;
import org.pac4j.core.profile.CommonProfile;
import org.pac4j.core.util.CommonHelper;

/* loaded from: input_file:org/pac4j/core/ext/authentication/UsernamePasswordCaptchaAuthenticator.class */
public class UsernamePasswordCaptchaAuthenticator implements Authenticator<UsernamePasswordCaptchaCredentials> {
    private CaptchaResolver captchaResolver;
    private AuthenticatingFailureCounter failureCounter;
    private boolean captchaRequired = false;
    private String retryTimesKeyAttribute = Pac4jExtConstants.RETRY_TIMES_KEY_ATTRIBUTE_NAME;
    private int retryTimesWhenAccessDenied = 3;

    public UsernamePasswordCaptchaAuthenticator() {
    }

    public UsernamePasswordCaptchaAuthenticator(AuthenticatingFailureCounter authenticatingFailureCounter) {
        this.failureCounter = authenticatingFailureCounter;
    }

    public void validate(UsernamePasswordCaptchaCredentials usernamePasswordCaptchaCredentials, WebContext webContext) {
        if (usernamePasswordCaptchaCredentials == null) {
            throw new CredentialsException("No credential");
        }
        String username = usernamePasswordCaptchaCredentials.getUsername();
        String password = usernamePasswordCaptchaCredentials.getPassword();
        if (CommonHelper.isBlank(username)) {
            throw new CredentialsException("Username cannot be blank");
        }
        if (CommonHelper.isBlank(password)) {
            throw new CredentialsException("Password cannot be blank");
        }
        if (CommonHelper.areNotEquals(username, password)) {
            throw new CredentialsException("Username : '" + username + "' does not match password");
        }
        if (isOverRetryRemind(webContext)) {
            throw new OverRetryRemindException("The number of login errors exceeds the maximum retry limit and a verification code is required.");
        }
        if (isCaptchaRequired() || isOverRetryTimes(webContext)) {
            if (StringUtils.isBlank(usernamePasswordCaptchaCredentials.getCaptcha())) {
                throw new CaptchaNotFoundException("Captcha not provided");
            }
            if (!this.captchaResolver.validCaptcha(webContext, usernamePasswordCaptchaCredentials.getCaptcha())) {
                throw new CaptchaIncorrectException("Captcha validation failed!");
            }
        }
        CommonProfile commonProfile = new CommonProfile();
        commonProfile.setId(username);
        commonProfile.addAttribute("username", username);
        commonProfile.addAttribute(Pac4jExtConstants.CAPTCHA, usernamePasswordCaptchaCredentials.getCaptcha());
        usernamePasswordCaptchaCredentials.setUserProfile(commonProfile);
    }

    public boolean isCaptchaRequired() {
        return this.captchaRequired;
    }

    public void setCaptchaRequired(boolean z) {
        this.captchaRequired = z;
    }

    public CaptchaResolver getCaptchaResolver() {
        return this.captchaResolver;
    }

    public void setCaptchaResolver(CaptchaResolver captchaResolver) {
        this.captchaResolver = captchaResolver;
    }

    public AuthenticatingFailureCounter getFailureCounter() {
        return this.failureCounter;
    }

    public void setFailureCounter(AuthenticatingFailureCounter authenticatingFailureCounter) {
        this.failureCounter = authenticatingFailureCounter;
    }

    public String getRetryTimesKeyAttribute() {
        return this.retryTimesKeyAttribute;
    }

    public void setRetryTimesKeyAttribute(String str) {
        this.retryTimesKeyAttribute = str;
    }

    public int getRetryTimesWhenAccessDenied() {
        return this.retryTimesWhenAccessDenied;
    }

    public void setRetryTimesWhenAccessDenied(int i) {
        this.retryTimesWhenAccessDenied = i;
    }

    protected boolean isOverRetryRemind(WebContext webContext) {
        return null != getFailureCounter() && getFailureCounter().get(webContext, getRetryTimesKeyAttribute()) == getRetryTimesWhenAccessDenied();
    }

    protected boolean isOverRetryTimes(WebContext webContext) {
        return null != getFailureCounter() && getFailureCounter().get(webContext, getRetryTimesKeyAttribute()) >= getRetryTimesWhenAccessDenied();
    }
}
