package org.apache.kylin.rest.security;

import java.io.Serializable;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.Arrays;
import net.sf.ehcache.Cache;
import net.sf.ehcache.CacheManager;
import net.sf.ehcache.Element;
import org.apache.commons.codec.digest.MessageDigestAlgorithms;
import org.apache.kylin.rest.service.UserService;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.ldap.authentication.LdapAuthenticationProvider;
import org.springframework.security.ldap.authentication.LdapAuthenticator;
import org.springframework.security.ldap.userdetails.LdapAuthoritiesPopulator;

/* loaded from: input_file:WEB-INF/classes/org/apache/kylin/rest/security/LdapProvider.class */
public class LdapProvider extends LdapAuthenticationProvider {
    private static final Logger logger = LoggerFactory.getLogger(LdapProvider.class);

    @Autowired
    UserService userService;

    @Autowired
    private CacheManager cacheManager;
    MessageDigest md;

    public LdapProvider(LdapAuthenticator ldapAuthenticator, LdapAuthoritiesPopulator ldapAuthoritiesPopulator) {
        super(ldapAuthenticator, ldapAuthoritiesPopulator);
        this.md = null;
        try {
            this.md = MessageDigest.getInstance(MessageDigestAlgorithms.MD5);
        } catch (NoSuchAlgorithmException e) {
            throw new RuntimeException("Failed to init Message Digest ", e);
        }
    }

    @Override // org.springframework.security.ldap.authentication.AbstractLdapAuthenticationProvider, org.springframework.security.authentication.AuthenticationProvider
    public Authentication authenticate(Authentication authentication) throws AuthenticationException {
        Authentication authenticate;
        Cache cache = this.cacheManager.getCache("UserCache");
        this.md.reset();
        String arrays = Arrays.toString(this.md.digest((authentication.getName() + authentication.getCredentials()).getBytes()));
        Element element = cache.get((Serializable) arrays);
        if (null != element) {
            authenticate = (Authentication) element.getObjectValue();
            SecurityContextHolder.getContext().setAuthentication(authenticate);
        } else {
            try {
                authenticate = super.authenticate(authentication);
                cache.put(new Element((Serializable) arrays, (Serializable) authenticate));
                User user = new User(authentication.getName(), "skippped-ldap", authenticate.getAuthorities());
                if (this.userService.userExists(authentication.getName())) {
                    this.userService.updateUser(user);
                } else {
                    this.userService.createUser(user);
                }
            } catch (AuthenticationException e) {
                logger.error("Failed to auth user: " + authentication.getName(), (Throwable) e);
                throw e;
            }
        }
        return authenticate;
    }
}
