package com.atlassian.plugins.authentication.impl.web.usercontext.impl;

import com.atlassian.plugin.spring.scanner.annotation.component.BambooComponent;
import com.atlassian.plugin.spring.scanner.annotation.component.RefappComponent;
import com.atlassian.plugin.spring.scanner.annotation.imports.ComponentImport;
import com.atlassian.plugins.authentication.impl.web.usercontext.AuthenticationFailedException;
import com.atlassian.plugins.authentication.impl.web.usercontext.PrincipalResolver;
import com.atlassian.sal.api.auth.AuthenticationController;
import com.atlassian.sal.api.user.UserManager;
import java.security.Principal;
import javax.inject.Inject;
import javax.servlet.http.HttpServletRequest;

@RefappComponent
@BambooComponent
/* loaded from: input_file:com/atlassian/plugins/authentication/impl/web/usercontext/impl/SalPrincipalResolver.class */
public class SalPrincipalResolver implements PrincipalResolver {
    private final UserManager userManager;
    private final AuthenticationController authenticationController;

    @Inject
    public SalPrincipalResolver(@ComponentImport UserManager userManager, @ComponentImport AuthenticationController authenticationController) {
        this.userManager = userManager;
        this.authenticationController = authenticationController;
    }

    @Override // com.atlassian.plugins.authentication.impl.web.usercontext.PrincipalResolver
    public Principal resolvePrincipal(String str, HttpServletRequest httpServletRequest) throws AuthenticationFailedException {
        Principal resolvePrincipal = resolvePrincipal(str);
        if (resolvePrincipal == null) {
            throw new AuthenticationFailedException("Received SAML assertion for user " + str + ", but the user doesn't exist in the product");
        }
        if (isAllowedToLogin(httpServletRequest, resolvePrincipal)) {
            return resolvePrincipal;
        }
        throw new AuthenticationFailedException("Received SAML assertion for user " + str + ", but the user is not permitted to log in");
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public Principal resolvePrincipal(String str) {
        return this.userManager.resolve(str);
    }

    protected boolean isAllowedToLogin(HttpServletRequest httpServletRequest, Principal principal) {
        return this.authenticationController.canLogin(principal, httpServletRequest);
    }
}
