/*
   * (non-Javadoc)
   *
   * @see
   * org.springframework.security.authentication.AuthenticationProvider#authenticate
   * (org.springframework.security.Authentication)
   */
  public Authentication authenticate(final Authentication authentication)
      throws AuthenticationException {

    if (!supports(authentication.getClass())) {
      return null;
    }

    if (authentication instanceof OpenIDAuthenticationToken) {
      OpenIDAuthenticationToken response = (OpenIDAuthenticationToken) authentication;
      OpenIDAuthenticationStatus status = response.getStatus();

      // handle the various possibilities
      if (status == OpenIDAuthenticationStatus.SUCCESS) {
        // Lookup user details
        UserDetails userDetails = userDetailsService.loadUserDetails(response);

        return createSuccessfulAuthentication(userDetails, response);

      } else if (status == OpenIDAuthenticationStatus.CANCELLED) {
        throw new AuthenticationCancelledException("Log in cancelled");
      } else if (status == OpenIDAuthenticationStatus.ERROR) {
        throw new AuthenticationServiceException(
            "Error message from server: " + response.getMessage());
      } else if (status == OpenIDAuthenticationStatus.FAILURE) {
        throw new BadCredentialsException("Log in failed - identity could not be verified");
      } else if (status == OpenIDAuthenticationStatus.SETUP_NEEDED) {
        throw new AuthenticationServiceException(
            "The server responded setup was needed, which shouldn't happen");
      } else {
        throw new AuthenticationServiceException("Unrecognized return value " + status.toString());
      }
    }

    return null;
  }
 /**
  * Handles the creation of the final <tt>Authentication</tt> object which will be returned by the
  * provider.
  *
  * <p>The default implementation just creates a new OpenIDAuthenticationToken from the original,
  * but with the UserDetails as the principal and including the authorities loaded by the
  * UserDetailsService.
  *
  * @param userDetails the loaded UserDetails object
  * @param auth the token passed to the authenticate method, containing
  * @return the token which will represent the authenticated user.
  */
 protected Authentication createSuccessfulAuthentication(
     UserDetails userDetails, OpenIDAuthenticationToken auth) {
   return new OpenIDAuthenticationToken(
       userDetails,
       authoritiesMapper.mapAuthorities(userDetails.getAuthorities()),
       auth.getIdentityUrl(),
       auth.getAttributes());
 }