package org.zodiac.security.auth.authentication.servlet;

import java.io.IOException;
import java.util.Collection;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.springframework.context.ApplicationEventPublisher;
import org.springframework.http.HttpMethod;
import org.springframework.security.authentication.AnonymousAuthenticationToken;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.AuthenticationServiceException;
import org.springframework.security.authentication.InternalAuthenticationServiceException;
import org.springframework.security.authentication.event.InteractiveAuthenticationSuccessEvent;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.context.SecurityContext;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.web.authentication.AuthenticationFailureHandler;
import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler;
import org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler;
import org.springframework.security.web.authentication.session.NullAuthenticatedSessionStrategy;
import org.springframework.security.web.authentication.session.SessionAuthenticationStrategy;
import org.zodiac.commons.logging.SmartSlf4jLogger;
import org.zodiac.commons.logging.SmartSlf4jLoggerFactory;
import org.zodiac.sdk.toolkit.util.collection.CollUtil;
import org.zodiac.security.config.SecurityConfigInfo;

/* loaded from: input_file:org/zodiac/security/auth/authentication/servlet/AbstractServletAuthenticationHandler.class */
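/**
 * Base class for servlet authentication handlers: it checks the HTTP method, delegates the
 * credential check to {@link #attemptAuthentication}, and then updates the security context,
 * the remember-me services and the session strategy.
 *
 * <p>Collaborators that are not supplied to the constructor are created lazily by the
 * {@code obtain*} methods. The lazy initialisation is not synchronised.
 *
 * <p>NOTE(review): the default session strategy is {@link NullAuthenticatedSessionStrategy},
 * which performs no action on authentication. Deployments that need the session identifier
 * changed at login (session-fixation protection) must pass their own
 * {@link SessionAuthenticationStrategy}.
 */
public abstract class AbstractServletAuthenticationHandler implements ServletAuthenticationHandler {
    protected final SmartSlf4jLogger log;
    // HTTP methods accepted by authenticate(); starts as POST only.
    private final Collection<String> supportedRequestMethods;
    private SecurityConfigInfo securityConfigInfo;
    private AuthenticationFailureHandler failureHandler;
    private AuthenticationSuccessHandler successHandler;
    private AuthenticationManager authenticationManager;
    private UserDetailsService userDetailsService;
    private SecurityRememberMeServices rememberMeServices;
    private SessionAuthenticationStrategy sessionStrategy;
    protected ApplicationEventPublisher eventPublisher;
    // NOTE(review): this flag lives on the handler instance, not on the request or session.
    // If one instance serves several users it only records the outcome of the most recent
    // authenticate()/unauthenticate() call; confirm that no access decision relies on it.
    private boolean authenticated;

    /**
     * Creates a handler whose failure handler, success handler, remember-me services and
     * session strategy are all created on first use.
     */
    public AbstractServletAuthenticationHandler(SecurityConfigInfo securityConfigInfo, AuthenticationManager authenticationManager, UserDetailsService userDetailsService, ApplicationEventPublisher applicationEventPublisher) {
        this(securityConfigInfo, null, null, authenticationManager, userDetailsService, null, null, applicationEventPublisher);
    }

    /**
     * Creates a handler with explicit collaborators. Any of the failure handler, success
     * handler, remember-me services and session strategy may be {@code null}; a default is
     * then built by the matching {@code obtain*} method.
     */
    public AbstractServletAuthenticationHandler(SecurityConfigInfo securityConfigInfo, AuthenticationFailureHandler authenticationFailureHandler, AuthenticationSuccessHandler authenticationSuccessHandler, AuthenticationManager authenticationManager, UserDetailsService userDetailsService, SecurityRememberMeServices securityRememberMeServices, SessionAuthenticationStrategy sessionAuthenticationStrategy, ApplicationEventPublisher applicationEventPublisher) {
        this.log = SmartSlf4jLoggerFactory.getLogger(getClass());
        this.supportedRequestMethods = CollUtil.set(new String[]{HttpMethod.POST.toString()});
        this.authenticated = false;
        this.securityConfigInfo = securityConfigInfo;
        this.failureHandler = authenticationFailureHandler;
        this.successHandler = authenticationSuccessHandler;
        this.authenticationManager = authenticationManager;
        this.userDetailsService = userDetailsService;
        this.rememberMeServices = securityRememberMeServices;
        this.sessionStrategy = sessionAuthenticationStrategy;
        this.eventPublisher = applicationEventPublisher;
    }

    /**
     * Replaces the event publisher used to announce successful interactive logins.
     *
     * @return this handler, for chaining
     */
    public AbstractServletAuthenticationHandler setEventPublisher(ApplicationEventPublisher applicationEventPublisher) {
        this.eventPublisher = applicationEventPublisher;
        return this;
    }

    /**
     * Runs one authentication attempt for the request.
     *
     * @return the authenticated token, or {@code null} when the attempt produced no result
     *         or failed with an {@link AuthenticationException}
     * @throws AuthenticationServiceException if the request is {@code null} or uses an HTTP
     *         method that is not in {@link #getSupportedRequestMethods()}
     */
    @Override
    public Authentication authenticate(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws AuthenticationException, IOException, ServletException {
        if (!checkAuthenticationMethod(httpServletRequest)) {
            // checkAuthenticationMethod() also rejects a null request, so the method name
            // must be read null-safely to report the rejection instead of raising an NPE.
            String requestMethod = (null == httpServletRequest) ? null : httpServletRequest.getMethod();
            throw new AuthenticationServiceException(String.format("Authentication method not supported: %s", requestMethod));
        }
        try {
            Authentication attemptAuthentication = attemptAuthentication(httpServletRequest, httpServletResponse);
            if (null == attemptAuthentication) {
                return null;
            }
            // The session strategy runs before the security context is populated, so a
            // strategy that throws leaves the context untouched.
            getSessionStrategy().onAuthentication(attemptAuthentication, httpServletRequest, httpServletResponse);
            successfulAuthentication(httpServletRequest, httpServletResponse, attemptAuthentication);
            return attemptAuthentication;
        } catch (InternalAuthenticationServiceException e) {
            this.log.error("An internal error occurred while trying to authenticate the user.", e);
            unsuccessfulAuthentication(httpServletRequest, httpServletResponse, e);
            return null;
        } catch (AuthenticationException e2) {
            unsuccessfulAuthentication(httpServletRequest, httpServletResponse, e2);
            return null;
        }
    }

    /**
     * Clears the thread-bound security context, tells the remember-me services to log out
     * and resets the handler's authenticated flag.
     *
     * <p>NOTE(review): the HTTP session is neither invalidated nor stripped of its stored
     * security context here, while {@link #hasAuthenticated} reads that stored context.
     * Confirm that the caller clears the session on logout.
     */
    @Override
    public void unauthenticate(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        SecurityContextHolder.clearContext();
        getRememberMeServices().logout(httpServletRequest, httpServletResponse);
        disableAuthenticated();
    }

    /**
     * Returns the live collection of accepted HTTP method names.
     *
     * <p>NOTE(review): this is the internal collection, not a copy, so a caller that adds to
     * it widens the set of methods on which credentials are accepted.
     */
    public Collection<String> getSupportedRequestMethods() {
        return this.supportedRequestMethods;
    }

    /** Returns the failure handler, creating the default one on first use. */
    @Override
    public AuthenticationFailureHandler getFailureHandler() {
        return obtainAuthenticationFailureHandler();
    }

    /** Returns the success handler, creating the default one on first use. */
    @Override
    public AuthenticationSuccessHandler getSuccessHandler() {
        return obtainAuthenticationSuccessHandler();
    }

    /** Returns the handler-level flag set by the last authenticate/unauthenticate call. */
    public boolean isAuthenticated() {
        return this.authenticated;
    }

    public AuthenticationManager getAuthenticationManager() {
        return this.authenticationManager;
    }

    /** Returns the remember-me services, creating the default one on first use. */
    public final SecurityRememberMeServices getRememberMeServices() {
        return obtainRememberMeServices();
    }

    /** Returns the session strategy, creating the default one on first use. */
    public SessionAuthenticationStrategy getSessionStrategy() {
        return obtainSessionAuthenticationStrategy();
    }

    protected final SecurityConfigInfo getSecurityConfigInfo() {
        return this.securityConfigInfo;
    }

    /**
     * Tells whether the request may be used for authentication.
     *
     * @return {@code false} for a {@code null} request or an HTTP method that is not supported
     */
    protected final boolean checkAuthenticationMethod(HttpServletRequest httpServletRequest) {
        return null != httpServletRequest && getSupportedRequestMethods().contains(httpServletRequest.getMethod());
    }

    /**
     * Adds further HTTP methods on which authentication is accepted. Each added method is one
     * more way credentials can reach the handler (for example GET places them in the URL).
     *
     * @return this handler, for chaining
     */
    protected final AbstractServletAuthenticationHandler addSupportedRequestMethods(Collection<HttpMethod> collection) {
        if (CollUtil.isEmptyColl(collection)) {
            return this;
        }
        collection.forEach(httpMethod -> {
            getSupportedRequestMethods().add(httpMethod.toString());
        });
        return this;
    }

    /**
     * Records a successful login: stores the token in the security context, notifies the
     * remember-me services, publishes an {@link InteractiveAuthenticationSuccessEvent} when a
     * publisher is set, and raises the authenticated flag. The success handler is not
     * invoked here.
     */
    protected void successfulAuthentication(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Authentication authentication) throws IOException, ServletException {
        if (this.log.isDebugEnabled()) {
            this.log.debug("Authentication success. Updating SecurityContextHolder to contain: {}", authentication);
        }
        SecurityContextHolder.getContext().setAuthentication(authentication);
        getRememberMeServices().loginSuccess(httpServletRequest, httpServletResponse, authentication);
        if (this.eventPublisher != null) {
            this.eventPublisher.publishEvent(new InteractiveAuthenticationSuccessEvent(authentication, getClass()));
        }
        enableAuthenticated();
    }

    /**
     * Records a failed login: clears the security context, notifies the remember-me services
     * and stores the exception in the existing session, if any.
     *
     * <p>The failure handler is looked up only for the debug log line; it is not invoked
     * here, despite the "Delegating to" wording of that message.
     */
    protected void unsuccessfulAuthentication(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, AuthenticationException authenticationException) throws IOException, ServletException {
        SecurityContextHolder.clearContext();
        AuthenticationFailureHandler failureHandler = getFailureHandler();
        if (this.log.isDebugEnabled()) {
            this.log.debug(String.format("Authentication request failed: %s", authenticationException.toString()), authenticationException);
            this.log.debug("Updated SecurityContextHolder to contain null Authentication");
            this.log.debug("Delegating to authentication failure handler {}", failureHandler);
        }
        getRememberMeServices().loginFail(httpServletRequest, httpServletResponse);
        saveException(httpServletRequest, authenticationException);
    }

    /**
     * Returns the configured failure handler, or builds a
     * {@link SimpleUrlAuthenticationFailureHandler} on the configured failure URL.
     */
    protected AuthenticationFailureHandler obtainAuthenticationFailureHandler() {
        if (null != this.failureHandler) {
            return this.failureHandler;
        }
        this.failureHandler = new SimpleUrlAuthenticationFailureHandler(this.securityConfigInfo.getWeb().getFailureForwardUrl());
        return this.failureHandler;
    }

    /**
     * Returns the configured success handler, or builds a
     * {@link SavedRequestAwareAuthenticationSuccessHandler}.
     */
    protected AuthenticationSuccessHandler obtainAuthenticationSuccessHandler() {
        if (null != this.successHandler) {
            return this.successHandler;
        }
        SavedRequestAwareAuthenticationSuccessHandler savedRequestAwareAuthenticationSuccessHandler = new SavedRequestAwareAuthenticationSuccessHandler();
        // NOTE(review): setTargetUrlParameter() takes the NAME of a request parameter from
        // which the post-login target URL is read, yet the value passed is the configured
        // success forward URL. setDefaultTargetUrl() may have been intended; confirm. If a
        // parameter name really is meant, the target becomes request-controlled and should be
        // restricted to same-site paths.
        savedRequestAwareAuthenticationSuccessHandler.setTargetUrlParameter(this.securityConfigInfo.getWeb().getSuccessForwardUrl());
        this.successHandler = savedRequestAwareAuthenticationSuccessHandler;
        return this.successHandler;
    }

    /**
     * Returns the configured remember-me services, or builds a
     * {@link SecurityTokenBasedRememberMeServices} from the configured remember-me key.
     */
    protected SecurityRememberMeServices obtainRememberMeServices() {
        if (null != this.rememberMeServices) {
            return this.rememberMeServices;
        }
        // NOTE(review): the key comes straight from configuration; presumably it is what
        // protects the remember-me token, so it should be a per-deployment secret. Confirm.
        this.rememberMeServices = new SecurityTokenBasedRememberMeServices(this.securityConfigInfo.getRememberMeKey(), this.userDetailsService);
        return this.rememberMeServices;
    }

    /**
     * Returns the configured session strategy, or a {@link NullAuthenticatedSessionStrategy},
     * which does nothing when a user authenticates.
     */
    protected SessionAuthenticationStrategy obtainSessionAuthenticationStrategy() {
        if (null != this.sessionStrategy) {
            return this.sessionStrategy;
        }
        this.sessionStrategy = new NullAuthenticatedSessionStrategy();
        return this.sessionStrategy;
    }

    /**
     * Stores the failure in the session under {@code SPRING_SECURITY_LAST_EXCEPTION}, but
     * only when a session already exists.
     */
    protected final void saveException(HttpServletRequest httpServletRequest, AuthenticationException authenticationException) {
        // Look the session up once: a second getSession() call would create a new session if
        // the first one was invalidated in between, and a failed login must never create one.
        HttpSession session = httpServletRequest.getSession(false);
        if (session != null) {
            session.setAttribute("SPRING_SECURITY_LAST_EXCEPTION", authenticationException);
        }
    }

    private void disableAuthenticated() {
        this.authenticated = false;
    }

    private void enableAuthenticated() {
        this.authenticated = true;
    }

    /**
     * Performs the actual credential check.
     *
     * @return the authenticated token, or {@code null} when no result is available
     * @throws AuthenticationException if the credentials are rejected
     */
    protected abstract Authentication attemptAuthentication(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws AuthenticationException, IOException, ServletException;

    /**
     * Tells whether the existing session holds an authenticated, non-anonymous security
     * context under the configured security-context key. Never creates a session.
     *
     * @return {@code false} when there is no session, no stored context, a stored value that
     *         is not a {@link SecurityContext}, or a missing, anonymous or unauthenticated
     *         token
     */
    @Override
    public boolean hasAuthenticated(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        HttpSession session = httpServletRequest.getSession(false);
        if (null == session) {
            return false;
        }
        Object attribute = session.getAttribute(getSecurityConfigInfo().getWeb().getSession().getSecurityContextKey());
        // Fail closed on an unexpected attribute type instead of raising ClassCastException.
        if (!(attribute instanceof SecurityContext)) {
            return false;
        }
        Authentication authentication = ((SecurityContext) attribute).getAuthentication();
        return null != authentication
                && !(authentication instanceof AnonymousAuthenticationToken)
                && authentication.isAuthenticated();
    }
}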
