package be.atbash.ee.security.octopus.view;

import be.atbash.ee.security.octopus.SecurityUtils;
import be.atbash.ee.security.octopus.config.OctopusJSFConfiguration;
import be.atbash.ee.security.octopus.context.OctopusWebSecurityContext;
import be.atbash.ee.security.octopus.logout.LogoutHandler;
import be.atbash.ee.security.octopus.session.SessionUtil;
import be.atbash.ee.security.octopus.subject.WebSubject;
import be.atbash.ee.security.octopus.token.AuthenticationToken;
import be.atbash.ee.security.octopus.util.SavedRequest;
import be.atbash.ee.security.octopus.util.WebUtils;
import be.atbash.util.exception.AtbashUnexpectedException;
import java.io.IOException;
import javax.enterprise.context.Dependent;
import javax.enterprise.inject.Specializes;
import javax.faces.context.ExternalContext;
import javax.inject.Inject;
import javax.servlet.http.HttpServletRequest;

@Dependent
@Specializes
/* loaded from: input_file:be/atbash/ee/security/octopus/view/OctopusJSFSecurityContext.class */
public class OctopusJSFSecurityContext extends OctopusWebSecurityContext {

    @Inject
    private SessionUtil sessionUtil;

    @Inject
    private LogoutHandler logoutHandler;

    @Inject
    private OctopusJSFConfiguration octopusJSFConfiguration;

    public void loginWithRedirect(HttpServletRequest httpServletRequest, ExternalContext externalContext, AuthenticationToken authenticationToken, String str) throws IOException {
        WebSubject subject = SecurityUtils.getSubject();
        boolean z = true;
        if (subject.getPrincipal() != null && !subject.isAuthenticated()) {
            z = false;
        }
        if (z) {
            this.sessionUtil.invalidateCurrentSession(httpServletRequest);
        }
        subject.login(authenticationToken);
        if (!subject.isAuthenticated()) {
            externalContext.redirect(httpServletRequest.getContextPath() + this.octopusJSFConfiguration.getSecondStepPage());
        } else {
            SavedRequest andClearSavedRequest = WebUtils.getAndClearSavedRequest(subject);
            externalContext.redirect(andClearSavedRequest != null ? andClearSavedRequest.getRequestUrl() : str);
        }
    }

    public void logout() {
        try {
            WebSubject subject = SecurityUtils.getSubject();
            WebUtils.issueRedirect(subject.getServletRequest(), subject.getServletResponse(), this.logoutHandler.getLogoutPage());
            super.logout();
        } catch (IOException e) {
            throw new AtbashUnexpectedException(e);
        }
    }
}
