package org.springframework.security.web.webauthn.authentication;

import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.web.webauthn.api.PublicKeyCredentialUserEntity;
import org.springframework.security.web.webauthn.management.WebAuthnRelyingPartyOperations;
import org.springframework.util.Assert;

/* loaded from: input_file:WEB-INF/lib/spring-security-web-6.4.3.jar:org/springframework/security/web/webauthn/authentication/WebAuthnAuthenticationProvider.class */
public class WebAuthnAuthenticationProvider implements AuthenticationProvider {
    private final WebAuthnRelyingPartyOperations relyingPartyOperations;
    private final UserDetailsService userDetailsService;

    public WebAuthnAuthenticationProvider(WebAuthnRelyingPartyOperations webAuthnRelyingPartyOperations, UserDetailsService userDetailsService) {
        Assert.notNull(webAuthnRelyingPartyOperations, "relyingPartyOperations cannot be null");
        Assert.notNull(userDetailsService, "userDetailsService cannot be null");
        this.relyingPartyOperations = webAuthnRelyingPartyOperations;
        this.userDetailsService = userDetailsService;
    }

    @Override // org.springframework.security.authentication.AuthenticationProvider
    public Authentication authenticate(Authentication authentication) throws AuthenticationException {
        try {
            PublicKeyCredentialUserEntity authenticate = this.relyingPartyOperations.authenticate(((WebAuthnAuthenticationRequestToken) authentication).getWebAuthnRequest());
            return new WebAuthnAuthentication(authenticate, this.userDetailsService.loadUserByUsername(authenticate.getName()).getAuthorities());
        } catch (RuntimeException e) {
            throw new BadCredentialsException(e.getMessage(), e);
        }
    }

    @Override // org.springframework.security.authentication.AuthenticationProvider
    public boolean supports(Class<?> cls) {
        return WebAuthnAuthenticationRequestToken.class.isAssignableFrom(cls);
    }
}
