package org.apache.ranger.security.handler;

import java.util.ArrayList;
import java.util.Collection;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import javax.security.auth.login.AppConfigurationEntry;
import org.apache.commons.codec.digest.MessageDigestAlgorithms;
import org.apache.commons.net.ftp.FTPClientConfig;
import org.apache.log4j.Logger;
import org.apache.ranger.authentication.unix.jaas.PamLoginModule;
import org.apache.ranger.authentication.unix.jaas.RoleUserAuthorityGranter;
import org.apache.ranger.authorization.utils.StringUtil;
import org.apache.ranger.biz.UserMgr;
import org.apache.ranger.common.PropertiesUtil;
import org.apache.ranger.common.RangerConstants;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.ldap.core.support.DefaultTlsDirContextAuthenticationStrategy;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.authentication.AuthenticationServiceException;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
import org.springframework.security.authentication.dao.ReflectionSaltSource;
import org.springframework.security.authentication.encoding.Md5PasswordEncoder;
import org.springframework.security.authentication.encoding.ShaPasswordEncoder;
import org.springframework.security.authentication.jaas.DefaultJaasAuthenticationProvider;
import org.springframework.security.authentication.jaas.memory.InMemoryConfiguration;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.ldap.DefaultSpringSecurityContextSource;
import org.springframework.security.ldap.authentication.BindAuthenticator;
import org.springframework.security.ldap.authentication.LdapAuthenticationProvider;
import org.springframework.security.ldap.authentication.LdapAuthenticator;
import org.springframework.security.ldap.authentication.ad.ActiveDirectoryLdapAuthenticationProvider;
import org.springframework.security.ldap.search.FilterBasedLdapUserSearch;
import org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator;
import org.springframework.security.provisioning.JdbcUserDetailsManager;

/* loaded from: input_file:WEB-INF/classes/org/apache/ranger/security/handler/RangerAuthenticationProvider.class */
/**
 * Spring Security {@link AuthenticationProvider} for username/password logins.
 *
 * <p>{@link #authenticate(Authentication)} first tries the external backend named by
 * {@code rangerAuthenticationMethod} (LDAP, ACTIVE_DIRECTORY, UNIX or PAM) and, if that
 * does not yield an authenticated token, falls through to the local user store via JDBC.
 *
 * <p>Security-relevant behaviour visible in this class:
 * <ul>
 *   <li>The local JDBC check always runs after a failed external attempt, so local
 *       accounts stay usable whichever external method is configured.</li>
 *   <li>Local passwords are verified with {@code ShaPasswordEncoder(256)} and then
 *       {@code Md5PasswordEncoder}, salted with the username. No iteration count is set
 *       here; both are fast digests rather than password-hashing functions.</li>
 *   <li>Every external helper catches {@code Exception}, logs it at DEBUG and returns its
 *       input token. Bad credentials, misconfiguration and directory outages are therefore
 *       indistinguishable to the caller and are not logged at default log levels.</li>
 *   <li>When {@code ssoEnabled} is true this provider performs no credential check of its
 *       own; it returns the token it was given.</li>
 *   <li>Passwords are handled as {@code String} values obtained from
 *       {@code getCredentials().toString()} and copied into new tokens.</li>
 * </ul>
 *
 * <p>The local variable names ({@code property2}, {@code obj}, {@code arrayList}, ...) and
 * some constant references suggest this listing was decompiled.
 */
public class RangerAuthenticationProvider implements AuthenticationProvider {

    // Backing store for local (JDBC) accounts, injected as the "userService" bean.
    @Autowired
    @Qualifier("userService")
    private JdbcUserDetailsManager userDetailsService;

    // Used to look up roles by login id and to re-store a password after an MD5 login.
    @Autowired
    UserMgr userMgr;
    private static final Logger logger = Logger.getLogger(RangerAuthenticationProvider.class);
    // Name of the external backend to try first; authenticate() replaces null with "NONE".
    private String rangerAuthenticationMethod;
    // Only exposed through the getter/setter below; not used by any method in this class.
    private LdapAuthenticator authenticator;
    // When true, authenticate() skips every credential check in this class.
    private boolean ssoEnabled = false;

    /**
     * Authenticates the given token against the configured external backend and then the
     * local JDBC store.
     *
     * <p>Order of attempts when SSO is disabled: the branch matching
     * {@code rangerAuthenticationMethod}, then JDBC with SHA-256, then JDBC with MD5. The
     * first authenticated token is returned. A successful MD5 login triggers
     * {@code userMgr.updatePasswordInSHA256} unless the property
     * {@code ranger.sha256Password.update.disable} is set to something other than "false".
     *
     * @param authentication the login request; may be null, in which case null is returned
     * @return an authenticated token on success; otherwise the last token seen, which may be
     *         unauthenticated
     * @throws AuthenticationException propagated from the MD5 JDBC attempt only; failures of
     *         the external helpers and of the SHA-256 attempt are swallowed
     */
    @Override // org.springframework.security.authentication.AuthenticationProvider
    public Authentication authenticate(Authentication authentication) throws AuthenticationException {
        if (!isSsoEnabled()) {
            // Read up front; only consulted after a successful MD5 login further down.
            String property = PropertiesUtil.getProperty("ranger.sha256Password.update.disable", "false");
            if (this.rangerAuthenticationMethod == null) {
                this.rangerAuthenticationMethod = "NONE";
            }
            // The second condition is always true after the assignment above.
            if (authentication != null && this.rangerAuthenticationMethod != null) {
                if ("LDAP".equalsIgnoreCase(this.rangerAuthenticationMethod)) {
                    // First a direct bind using the DN patterns, then a search-and-bind
                    // through the configured bind account.
                    Authentication ldapAuthentication = getLdapAuthentication(authentication);
                    if (ldapAuthentication != null && ldapAuthentication.isAuthenticated()) {
                        return ldapAuthentication;
                    }
                    authentication = getLdapBindAuthentication(ldapAuthentication);
                    if (authentication != null && authentication.isAuthenticated()) {
                        return authentication;
                    }
                }
                if ("ACTIVE_DIRECTORY".equalsIgnoreCase(this.rangerAuthenticationMethod)) {
                    // Search-and-bind with the service account first, then the AD provider.
                    Authentication aDBindAuthentication = getADBindAuthentication(authentication);
                    if (aDBindAuthentication != null && aDBindAuthentication.isAuthenticated()) {
                        return aDBindAuthentication;
                    }
                    authentication = getADAuthentication(aDBindAuthentication);
                    if (authentication != null && authentication.isAuthenticated()) {
                        return authentication;
                    }
                }
                // FTPClientConfig.SYST_UNIX is the string "UNIX"; the commons-net constant
                // looks like a decompiler substitution for the literal.
                if (FTPClientConfig.SYST_UNIX.equalsIgnoreCase(this.rangerAuthenticationMethod)) {
                    authentication = PropertiesUtil.getBooleanProperty("ranger.pam.authentication.enabled", false) ? getPamAuthentication(authentication) : getUnixAuthentication(authentication);
                    if (authentication != null && authentication.isAuthenticated()) {
                        return authentication;
                    }
                }
                if ("PAM".equalsIgnoreCase(this.rangerAuthenticationMethod)) {
                    authentication = getPamAuthentication(authentication);
                    if (authentication != null && authentication.isAuthenticated()) {
                        return authentication;
                    }
                }
                // Local fallback. Reached for every method value, including after a failed
                // external attempt, so a local account can log in even when an external
                // backend is configured.
                try {
                    authentication = getJDBCAuthentication(authentication, "SHA256");
                } catch (Exception e) {
                    // Any failure of the SHA-256 attempt, bad credentials included, is
                    // logged at DEBUG and swallowed so the MD5 attempt below can run.
                    logger.debug("JDBC Authentication failure: ", e);
                }
                if (authentication != null && authentication.isAuthenticated()) {
                    return authentication;
                }
                // Overlaps the check above; the only new case it handles is null.
                if (authentication == null || authentication.isAuthenticated()) {
                    return authentication;
                }
                logger.info("Authentication with SHA-256 failed. Now trying with MD5.");
                // Captured before the MD5 attempt so the cleartext password can be handed to
                // the re-hash call below.
                String name = authentication.getName();
                String str = null;
                if (authentication.getCredentials() != null) {
                    str = authentication.getCredentials().toString();
                }
                try {
                    // MessageDigestAlgorithms.MD5 is the string "MD5".
                    Authentication jDBCAuthentication = getJDBCAuthentication(authentication, MessageDigestAlgorithms.MD5);
                    if (jDBCAuthentication == null || !jDBCAuthentication.isAuthenticated()) {
                        return jDBCAuthentication;
                    }
                    // Upgrade path: unless disabled by property, the account that just
                    // matched an MD5 digest has its password stored again through
                    // updatePasswordInSHA256. The meaning of the third argument is not
                    // visible in this file.
                    if ("false".equalsIgnoreCase(property)) {
                        this.userMgr.updatePasswordInSHA256(name, str, false);
                    }
                    return jDBCAuthentication;
                } catch (Exception e2) {
                    // Rethrown unchanged: unlike the SHA-256 attempt, an MD5 failure reaches
                    // the caller.
                    throw e2;
                }
            }
        } else if (authentication != null) {
            // SSO mode: getSSOAuthentication returns its argument unchanged, so no
            // credential is verified here. NOTE(review): this relies on an upstream
            // component having established the token's authenticated state - confirm.
            authentication = getSSOAuthentication(authentication);
            if (authentication != null && authentication.isAuthenticated()) {
                return authentication;
            }
        }
        return authentication;
    }

    /**
     * Attempts an LDAP bind using the user DN patterns from {@code ranger.ldap.user.dnpattern}.
     *
     * @param authentication the login request
     * @return a token carrying the roles from {@code userMgr} on success; the input token if
     *         the name or password is blank or if any exception occurs
     */
    private Authentication getLdapAuthentication(Authentication authentication) {
        LdapAuthenticationProvider ldapAuthenticationProvider;
        try {
            String property = PropertiesUtil.getProperty("ranger.ldap.url", "");
            String property2 = PropertiesUtil.getProperty("ranger.ldap.user.dnpattern", "");
            String property3 = PropertiesUtil.getProperty("ranger.ldap.group.searchbase", "");
            String property4 = PropertiesUtil.getProperty("ranger.ldap.group.searchfilter", "");
            String property5 = PropertiesUtil.getProperty("ranger.ldap.group.roleattribute", "");
            String property6 = PropertiesUtil.getProperty("ranger.ldap.default.role", RangerConstants.ROLE_USER);
            boolean booleanValue = Boolean.valueOf(PropertiesUtil.getProperty("ranger.ldap.starttls", "false")).booleanValue();
            String name = authentication.getName();
            String obj = authentication.getCredentials() != null ? authentication.getCredentials().toString() : "";
            DefaultSpringSecurityContextSource defaultSpringSecurityContextSource = new DefaultSpringSecurityContextSource(property);
            // StartTLS is opt-in and off by default. When it is off, nothing in this method
            // protects the bind password in transit; that then depends on the configured URL
            // (for example an ldaps:// scheme).
            if (booleanValue) {
                defaultSpringSecurityContextSource.setPooled(false);
                defaultSpringSecurityContextSource.setAuthenticationStrategy(new DefaultTlsDirContextAuthenticationStrategy());
            }
            defaultSpringSecurityContextSource.setCacheEnvironmentProperties(false);
            defaultSpringSecurityContextSource.setAnonymousReadOnly(true);
            BindAuthenticator bindAuthenticator = new BindAuthenticator(defaultSpringSecurityContextSource);
            // Several DN patterns may be configured, separated by ';'.
            bindAuthenticator.setUserDnPatterns(property2.split(";"));
            // A group search is configured only when both the search base and filter are set.
            if (StringUtil.isEmpty(property3) || StringUtil.isEmpty(property4)) {
                ldapAuthenticationProvider = new LdapAuthenticationProvider(bindAuthenticator);
            } else {
                DefaultLdapAuthoritiesPopulator defaultLdapAuthoritiesPopulator = new DefaultLdapAuthoritiesPopulator(defaultSpringSecurityContextSource, property3);
                defaultLdapAuthoritiesPopulator.setGroupRoleAttribute(property5);
                defaultLdapAuthoritiesPopulator.setGroupSearchFilter(property4);
                defaultLdapAuthoritiesPopulator.setIgnorePartialResultException(true);
                ldapAuthenticationProvider = new LdapAuthenticationProvider(bindAuthenticator, defaultLdapAuthoritiesPopulator);
            }
            // Blank or whitespace-only name/password never reaches the directory. This keeps
            // an empty password from being sent as a bind request.
            if (name == null || obj == null || name.trim().isEmpty() || obj.trim().isEmpty()) {
                return authentication;
            }
            ArrayList arrayList = new ArrayList();
            arrayList.add(new SimpleGrantedAuthority(property6));
            // Authorities returned by the directory are replaced with the roles userMgr
            // holds for this login name.
            authentication = getAuthenticationWithGrantedAuthority(ldapAuthenticationProvider.authenticate(new UsernamePasswordAuthenticationToken(new User(name, obj, arrayList), obj, arrayList)));
            return authentication;
        } catch (Exception e) {
            // Covers bad credentials as well as configuration and connectivity errors; only
            // visible with DEBUG logging enabled.
            logger.debug("LDAP Authentication Failed:", e);
            return authentication;
        }
    }

    /**
     * Attempts authentication through {@link ActiveDirectoryLdapAuthenticationProvider}
     * using {@code ranger.ldap.ad.domain} and {@code ranger.ldap.ad.url}.
     *
     * <p>Unlike the other external helpers, the result is not passed through
     * {@link #getAuthenticationWithGrantedAuthority(Authentication)}, so the returned
     * authorities are whatever the AD provider produced. NOTE(review): confirm this
     * difference is intended.
     *
     * @param authentication the login request
     * @return the provider's token on success; the input token if the name or password is
     *         blank or if any exception occurs
     */
    public Authentication getADAuthentication(Authentication authentication) {
        try {
            String property = PropertiesUtil.getProperty("ranger.ldap.ad.url", "");
            String property2 = PropertiesUtil.getProperty("ranger.ldap.ad.domain", "");
            String property3 = PropertiesUtil.getProperty("ranger.ldap.default.role", RangerConstants.ROLE_USER);
            String property4 = PropertiesUtil.getProperty("ranger.ldap.ad.user.searchfilter", "(sAMAccountName={0})");
            ActiveDirectoryLdapAuthenticationProvider activeDirectoryLdapAuthenticationProvider = new ActiveDirectoryLdapAuthenticationProvider(property2, property);
            activeDirectoryLdapAuthenticationProvider.setConvertSubErrorCodesToExceptions(true);
            activeDirectoryLdapAuthenticationProvider.setUseAuthenticationRequestCredentials(true);
            activeDirectoryLdapAuthenticationProvider.setSearchFilter(property4);
            String name = authentication.getName();
            String obj = authentication.getCredentials() != null ? authentication.getCredentials().toString() : "";
            // Blank or whitespace-only name/password is never sent to the directory.
            if (name == null || obj == null || name.trim().isEmpty() || obj.trim().isEmpty()) {
                return authentication;
            }
            ArrayList arrayList = new ArrayList();
            arrayList.add(new SimpleGrantedAuthority(property3));
            authentication = activeDirectoryLdapAuthenticationProvider.authenticate(new UsernamePasswordAuthenticationToken(new User(name, obj, arrayList), obj, arrayList));
            return authentication;
        } catch (Exception e) {
            // Sub-error-code exceptions (requested above) end up here too and are only
            // visible with DEBUG logging enabled.
            logger.debug("AD Authentication Failed:", e);
            return authentication;
        }
    }

    /**
     * Attempts authentication through JAAS with {@code PamLoginModule}.
     *
     * @param authentication the login request
     * @return a token carrying the roles from {@code userMgr} on success; the input token if
     *         the name or password is blank or if any exception occurs
     */
    public Authentication getPamAuthentication(Authentication authentication) {
        try {
            String property = PropertiesUtil.getProperty("ranger.ldap.default.role", RangerConstants.ROLE_USER);
            DefaultJaasAuthenticationProvider defaultJaasAuthenticationProvider = new DefaultJaasAuthenticationProvider();
            AppConfigurationEntry.LoginModuleControlFlag loginModuleControlFlag = AppConfigurationEntry.LoginModuleControlFlag.REQUIRED;
            // The whole properties map becomes the login module's options.
            // NOTE(review): that presumably includes secrets such as the LDAP bind passwords
            // this class reads through the same PropertiesUtil - confirm what the module
            // does with options it does not need.
            Map<String, String> propertiesMap = PropertiesUtil.getPropertiesMap();
            // Writes a default PAM service name into the map obtained above.
            // NOTE(review): if getPropertiesMap() returns the live shared map rather than a
            // copy, this write is visible to the rest of the process - confirm.
            if (!propertiesMap.containsKey(PamLoginModule.SERVICE_KEY)) {
                propertiesMap.put(PamLoginModule.SERVICE_KEY, "ranger-admin");
            }
            AppConfigurationEntry[] appConfigurationEntryArr = {new AppConfigurationEntry("org.apache.ranger.authentication.unix.jaas.PamLoginModule", loginModuleControlFlag, propertiesMap)};
            HashMap hashMap = new HashMap();
            hashMap.put("SPRINGSECURITY", appConfigurationEntryArr);
            defaultJaasAuthenticationProvider.setConfiguration(new InMemoryConfiguration(hashMap));
            defaultJaasAuthenticationProvider.setAuthorityGranters(new RoleUserAuthorityGranter[]{new RoleUserAuthorityGranter()});
            defaultJaasAuthenticationProvider.afterPropertiesSet();
            String name = authentication.getName();
            String obj = authentication.getCredentials() != null ? authentication.getCredentials().toString() : "";
            // Blank or whitespace-only name/password is never handed to the login module.
            if (name == null || obj == null || name.trim().isEmpty() || obj.trim().isEmpty()) {
                return authentication;
            }
            ArrayList arrayList = new ArrayList();
            arrayList.add(new SimpleGrantedAuthority(property));
            authentication = getAuthenticationWithGrantedAuthority(defaultJaasAuthenticationProvider.authenticate(new UsernamePasswordAuthenticationToken(new User(name, obj, arrayList), obj, arrayList)));
            return authentication;
        } catch (Exception e) {
            // Only visible with DEBUG logging enabled.
            logger.debug("Pam Authentication Failed:", e);
            return authentication;
        }
    }

    /**
     * Attempts authentication through JAAS with {@code RemoteUnixLoginModule}.
     *
     * @param authentication the login request
     * @return a token carrying the roles from {@code userMgr} on success; the input token if
     *         the name or password is blank or if any exception occurs
     */
    public Authentication getUnixAuthentication(Authentication authentication) {
        try {
            String property = PropertiesUtil.getProperty("ranger.ldap.default.role", RangerConstants.ROLE_USER);
            DefaultJaasAuthenticationProvider defaultJaasAuthenticationProvider = new DefaultJaasAuthenticationProvider();
            // As in the PAM helper, the whole properties map is passed as module options.
            AppConfigurationEntry[] appConfigurationEntryArr = {new AppConfigurationEntry("org.apache.ranger.authentication.unix.jaas.RemoteUnixLoginModule", AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, PropertiesUtil.getPropertiesMap())};
            HashMap hashMap = new HashMap();
            hashMap.put("SPRINGSECURITY", appConfigurationEntryArr);
            defaultJaasAuthenticationProvider.setConfiguration(new InMemoryConfiguration(hashMap));
            defaultJaasAuthenticationProvider.setAuthorityGranters(new RoleUserAuthorityGranter[]{new RoleUserAuthorityGranter()});
            defaultJaasAuthenticationProvider.afterPropertiesSet();
            String name = authentication.getName();
            String obj = authentication.getCredentials() != null ? authentication.getCredentials().toString() : "";
            // Blank or whitespace-only name/password is never handed to the login module.
            if (name == null || obj == null || name.trim().isEmpty() || obj.trim().isEmpty()) {
                return authentication;
            }
            ArrayList arrayList = new ArrayList();
            arrayList.add(new SimpleGrantedAuthority(property));
            authentication = getAuthenticationWithGrantedAuthority(defaultJaasAuthenticationProvider.authenticate(new UsernamePasswordAuthenticationToken(new User(name, obj, arrayList), obj, arrayList)));
            return authentication;
        } catch (Exception e) {
            // Only visible with DEBUG logging enabled.
            logger.debug("Unix Authentication Failed:", e);
            return authentication;
        }
    }

    /**
     * Reports whether this provider handles the given token class.
     *
     * @param cls the token class offered by the authentication manager
     * @return true only for {@code UsernamePasswordAuthenticationToken} itself; the
     *         comparison is by equality, so subclasses are not accepted
     */
    @Override // org.springframework.security.authentication.AuthenticationProvider
    public boolean supports(Class<?> cls) {
        return cls.equals(UsernamePasswordAuthenticationToken.class);
    }

    /** Returns the configured external authentication method name, or null if unset. */
    public String getRangerAuthenticationMethod() {
        return this.rangerAuthenticationMethod;
    }

    /** Sets the external authentication method name compared in {@code authenticate}. */
    public void setRangerAuthenticationMethod(String str) {
        this.rangerAuthenticationMethod = str;
    }

    /** Returns the stored authenticator; no method in this class reads it. */
    public LdapAuthenticator getAuthenticator() {
        return this.authenticator;
    }

    /** Stores the authenticator; no method in this class reads it. */
    public void setAuthenticator(LdapAuthenticator ldapAuthenticator) {
        this.authenticator = ldapAuthenticator;
    }

    /**
     * Attempts Active Directory authentication by searching for the user with the
     * configured bind account and then binding as that user.
     *
     * @param authentication the login request
     * @return a token carrying the roles from {@code userMgr} on success; the input token if
     *         the name or password is blank or if any exception occurs
     */
    private Authentication getADBindAuthentication(Authentication authentication) {
        try {
            String property = PropertiesUtil.getProperty("ranger.ldap.ad.url", "");
            String property2 = PropertiesUtil.getProperty("ranger.ldap.ad.base.dn", "");
            String property3 = PropertiesUtil.getProperty("ranger.ldap.ad.bind.dn", "");
            String property4 = PropertiesUtil.getProperty("ranger.ldap.ad.bind.password", "");
            String property5 = PropertiesUtil.getProperty("ranger.ldap.default.role", RangerConstants.ROLE_USER);
            String property6 = PropertiesUtil.getProperty("ranger.ldap.ad.referral", "follow");
            String property7 = PropertiesUtil.getProperty("ranger.ldap.ad.user.searchfilter", "(sAMAccountName={0})");
            // The StartTLS switch is the generic ranger.ldap.starttls key, not an AD-specific one.
            boolean booleanValue = Boolean.valueOf(PropertiesUtil.getProperty("ranger.ldap.starttls", "false")).booleanValue();
            String name = authentication.getName();
            String obj = authentication.getCredentials() != null ? authentication.getCredentials().toString() : "";
            DefaultSpringSecurityContextSource defaultSpringSecurityContextSource = new DefaultSpringSecurityContextSource(property);
            // Service-account credentials used for the user search.
            defaultSpringSecurityContextSource.setUserDn(property3);
            defaultSpringSecurityContextSource.setPassword(property4);
            // Referral handling defaults to "follow" when the property is absent.
            defaultSpringSecurityContextSource.setReferral(property6);
            defaultSpringSecurityContextSource.setCacheEnvironmentProperties(true);
            defaultSpringSecurityContextSource.setAnonymousReadOnly(false);
            defaultSpringSecurityContextSource.setPooled(true);
            // StartTLS is opt-in and off by default; pooling is switched off whenever it is on.
            if (booleanValue) {
                defaultSpringSecurityContextSource.setPooled(false);
                defaultSpringSecurityContextSource.setAuthenticationStrategy(new DefaultTlsDirContextAuthenticationStrategy());
            }
            defaultSpringSecurityContextSource.afterPropertiesSet();
            // A blank filter in configuration falls back to the sAMAccountName lookup.
            if (property7 == null || property7.trim().isEmpty()) {
                property7 = "(sAMAccountName={0})";
            }
            FilterBasedLdapUserSearch filterBasedLdapUserSearch = new FilterBasedLdapUserSearch(property2, property7, defaultSpringSecurityContextSource);
            filterBasedLdapUserSearch.setSearchSubtree(true);
            BindAuthenticator bindAuthenticator = new BindAuthenticator(defaultSpringSecurityContextSource);
            bindAuthenticator.setUserSearch(filterBasedLdapUserSearch);
            bindAuthenticator.afterPropertiesSet();
            LdapAuthenticationProvider ldapAuthenticationProvider = new LdapAuthenticationProvider(bindAuthenticator);
            // Blank or whitespace-only name/password is never sent to the directory.
            if (name == null || obj == null || name.trim().isEmpty() || obj.trim().isEmpty()) {
                return authentication;
            }
            ArrayList arrayList = new ArrayList();
            arrayList.add(new SimpleGrantedAuthority(property5));
            authentication = getAuthenticationWithGrantedAuthority(ldapAuthenticationProvider.authenticate(new UsernamePasswordAuthenticationToken(new User(name, obj, arrayList), obj, arrayList)));
            return authentication;
        } catch (Exception e) {
            // Same message as getADAuthentication, so the two AD paths cannot be told apart
            // in the log; only visible with DEBUG logging enabled.
            logger.debug("AD Authentication Failed:", e);
            return authentication;
        }
    }

    /**
     * Attempts LDAP authentication by searching for the user with the configured bind
     * account and then binding as that user, with a group search for authorities.
     *
     * @param authentication the login request
     * @return a token carrying the roles from {@code userMgr} on success; the input token if
     *         the name or password is blank or if any exception occurs
     */
    private Authentication getLdapBindAuthentication(Authentication authentication) {
        try {
            String property = PropertiesUtil.getProperty("ranger.ldap.url", "");
            String property2 = PropertiesUtil.getProperty("ranger.ldap.user.dnpattern", "");
            String property3 = PropertiesUtil.getProperty("ranger.ldap.group.searchbase", "");
            String property4 = PropertiesUtil.getProperty("ranger.ldap.group.searchfilter", "");
            String property5 = PropertiesUtil.getProperty("ranger.ldap.group.roleattribute", "");
            String property6 = PropertiesUtil.getProperty("ranger.ldap.default.role", RangerConstants.ROLE_USER);
            String property7 = PropertiesUtil.getProperty("ranger.ldap.base.dn", "");
            String property8 = PropertiesUtil.getProperty("ranger.ldap.bind.dn", "");
            String property9 = PropertiesUtil.getProperty("ranger.ldap.bind.password", "");
            String property10 = PropertiesUtil.getProperty("ranger.ldap.referral", "follow");
            String property11 = PropertiesUtil.getProperty("ranger.ldap.user.searchfilter", "(uid={0})");
            boolean booleanValue = Boolean.valueOf(PropertiesUtil.getProperty("ranger.ldap.starttls", "false")).booleanValue();
            String name = authentication.getName();
            String obj = authentication.getCredentials() != null ? authentication.getCredentials().toString() : "";
            DefaultSpringSecurityContextSource defaultSpringSecurityContextSource = new DefaultSpringSecurityContextSource(property);
            // Service-account credentials used for the user and group searches.
            defaultSpringSecurityContextSource.setUserDn(property8);
            defaultSpringSecurityContextSource.setPassword(property9);
            // Referral handling defaults to "follow" when the property is absent.
            defaultSpringSecurityContextSource.setReferral(property10);
            defaultSpringSecurityContextSource.setCacheEnvironmentProperties(false);
            defaultSpringSecurityContextSource.setAnonymousReadOnly(false);
            defaultSpringSecurityContextSource.setPooled(true);
            // StartTLS is opt-in and off by default; pooling is switched off whenever it is on.
            if (booleanValue) {
                defaultSpringSecurityContextSource.setPooled(false);
                defaultSpringSecurityContextSource.setAuthenticationStrategy(new DefaultTlsDirContextAuthenticationStrategy());
            }
            defaultSpringSecurityContextSource.afterPropertiesSet();
            // Unlike getLdapAuthentication, the populator is created even when the group
            // search base or filter is empty.
            DefaultLdapAuthoritiesPopulator defaultLdapAuthoritiesPopulator = new DefaultLdapAuthoritiesPopulator(defaultSpringSecurityContextSource, property3);
            defaultLdapAuthoritiesPopulator.setGroupRoleAttribute(property5);
            defaultLdapAuthoritiesPopulator.setGroupSearchFilter(property4);
            defaultLdapAuthoritiesPopulator.setIgnorePartialResultException(true);
            // A blank filter in configuration falls back to the uid lookup.
            if (property11 == null || property11.trim().isEmpty()) {
                property11 = "(uid={0})";
            }
            FilterBasedLdapUserSearch filterBasedLdapUserSearch = new FilterBasedLdapUserSearch(property7, property11, defaultSpringSecurityContextSource);
            filterBasedLdapUserSearch.setSearchSubtree(true);
            BindAuthenticator bindAuthenticator = new BindAuthenticator(defaultSpringSecurityContextSource);
            bindAuthenticator.setUserSearch(filterBasedLdapUserSearch);
            // The DN pattern property is passed as a single pattern here; it is not split on
            // ';' as in getLdapAuthentication.
            bindAuthenticator.setUserDnPatterns(new String[]{property2});
            bindAuthenticator.afterPropertiesSet();
            LdapAuthenticationProvider ldapAuthenticationProvider = new LdapAuthenticationProvider(bindAuthenticator, defaultLdapAuthoritiesPopulator);
            // Blank or whitespace-only name/password is never sent to the directory.
            if (name == null || obj == null || name.trim().isEmpty() || obj.trim().isEmpty()) {
                return authentication;
            }
            ArrayList arrayList = new ArrayList();
            arrayList.add(new SimpleGrantedAuthority(property6));
            authentication = getAuthenticationWithGrantedAuthority(ldapAuthenticationProvider.authenticate(new UsernamePasswordAuthenticationToken(new User(name, obj, arrayList), obj, arrayList)));
            return authentication;
        } catch (Exception e) {
            // Same message as getLdapAuthentication; only visible with DEBUG logging enabled.
            logger.debug("LDAP Authentication Failed:", e);
            return authentication;
        }
    }

    /**
     * Verifies the credentials against the local user store with the named digest.
     *
     * @param authentication the login request; may be null
     * @param str digest name: "SHA256" selects {@code ShaPasswordEncoder(256)}, "MD5" selects
     *        {@code Md5PasswordEncoder}; for any other value no encoder is set here
     * @return the provider's token on success; the input token when credentials are blank
     *         and the input is null or already authenticated
     * @throws AuthenticationException from the underlying provider, or
     *         {@code BadCredentialsException} when credentials are blank and the input is
     *         not authenticated
     */
    private Authentication getJDBCAuthentication(Authentication authentication, String str) throws AuthenticationException {
        try {
            // The salt is the account's "username" property, so it is neither random nor secret.
            ReflectionSaltSource reflectionSaltSource = new ReflectionSaltSource();
            reflectionSaltSource.setUserPropertyToUse("username");
            DaoAuthenticationProvider daoAuthenticationProvider = new DaoAuthenticationProvider();
            daoAuthenticationProvider.setUserDetailsService(this.userDetailsService);
            // No iteration count is configured on either encoder. MD5 is kept so that
            // accounts whose stored digest predates SHA-256 can still log in.
            if (str != null && "SHA256".equalsIgnoreCase(str)) {
                daoAuthenticationProvider.setPasswordEncoder((Object) new ShaPasswordEncoder(256));
            } else if (str != null && MessageDigestAlgorithms.MD5.equalsIgnoreCase(str)) {
                daoAuthenticationProvider.setPasswordEncoder((Object) new Md5PasswordEncoder());
            }
            daoAuthenticationProvider.setSaltSource(reflectionSaltSource);
            String str2 = "";
            String str3 = "";
            if (authentication != null) {
                str2 = authentication.getName();
                if (authentication.getCredentials() != null) {
                    str3 = authentication.getCredentials().toString();
                }
            }
            String property = PropertiesUtil.getProperty("ranger.ldap.default.role", RangerConstants.ROLE_USER);
            if (str2 != null && str3 != null && !str2.trim().isEmpty() && !str3.trim().isEmpty()) {
                ArrayList arrayList = new ArrayList();
                arrayList.add(new SimpleGrantedAuthority(property));
                return daoAuthenticationProvider.authenticate(new UsernamePasswordAuthenticationToken(new User(str2, str3, arrayList), str3, arrayList));
            }
            // Blank credentials: pass through a null or already-authenticated token,
            // otherwise fail.
            if (authentication == null || authentication.isAuthenticated()) {
                return authentication;
            }
            throw new BadCredentialsException("Bad credentials");
        } catch (AuthenticationServiceException e) {
            // Each handler below rethrows unchanged; none adds handling or logging.
            throw e;
        } catch (BadCredentialsException e2) {
            throw e2;
        } catch (AuthenticationException e3) {
            throw e3;
        } catch (Exception e4) {
            throw e4;
        }
    }

    /**
     * Builds the authority list for a login id from the roles {@code userMgr} returns.
     *
     * @param str the login id
     * @return one {@code SimpleGrantedAuthority} per role name; the collection returned by
     *         {@code userMgr} is not null-checked
     */
    private List<GrantedAuthority> getAuthorities(String str) {
        Collection<String> rolesByLoginId = this.userMgr.getRolesByLoginId(str);
        ArrayList arrayList = new ArrayList();
        Iterator<String> it = rolesByLoginId.iterator();
        while (it.hasNext()) {
            arrayList.add(new SimpleGrantedAuthority(it.next()));
        }
        return arrayList;
    }

    /**
     * Rebuilds an authenticated token so that its authorities are the roles
     * {@code userMgr} holds for the login name, discarding the authorities supplied by the
     * external backend.
     *
     * @param authentication the token returned by an external provider; may be null
     * @return the input unchanged when it is null or not authenticated; otherwise a new
     *         {@code UsernamePasswordAuthenticationToken} with the same name, credentials
     *         and details
     */
    public Authentication getAuthenticationWithGrantedAuthority(Authentication authentication) {
        if (authentication == null || !authentication.isAuthenticated()) {
            return authentication;
        }
        List<GrantedAuthority> authorities = getAuthorities(authentication.getName().toString());
        // getCredentials() is dereferenced without a null check, so a token whose
        // credentials were already erased throws here. The callers in this class invoke
        // this method inside try/catch (Exception) blocks and treat that as a failed login.
        // The credentials are also copied into the new token and its User object.
        UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken = new UsernamePasswordAuthenticationToken(new User(authentication.getName().toString(), authentication.getCredentials().toString(), authorities), authentication.getCredentials(), authorities);
        usernamePasswordAuthenticationToken.setDetails(authentication.getDetails());
        return usernamePasswordAuthenticationToken;
    }

    /**
     * Returns the token it is given, unchanged. No credential or assertion is verified here.
     *
     * @param authentication the incoming token
     * @return the same token
     */
    private Authentication getSSOAuthentication(Authentication authentication) throws AuthenticationException {
        return authentication;
    }

    /** Returns whether SSO mode is on; when true, {@code authenticate} checks no credentials. */
    public boolean isSsoEnabled() {
        return this.ssoEnabled;
    }

    /** Turns SSO mode on or off. */
    public void setSsoEnabled(boolean z) {
        this.ssoEnabled = z;
    }
}
