package com.payneteasy.superfly.security;

import com.payneteasy.superfly.api.SSOUser;
import com.payneteasy.superfly.security.authentication.CheckOTPToken;
import com.payneteasy.superfly.security.authentication.CompoundAuthentication;
import com.payneteasy.superfly.security.authentication.SSOUserTransportAuthenticationToken;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.authentication.AuthenticationServiceException;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.util.Assert;

/* loaded from: input_file:com/payneteasy/superfly/security/SuperflyOTPAuthenticationProcessingFilter.class */
public class SuperflyOTPAuthenticationProcessingFilter extends AbstractSingleStepAuthenticationProcessingFilter {
    private static final Logger logger = LoggerFactory.getLogger(SuperflyOTPAuthenticationProcessingFilter.class);
    private String otpParameter;

    public SuperflyOTPAuthenticationProcessingFilter() {
        super("/j_superfly_otp_security_check");
        this.otpParameter = "j_otp";
    }

    public void setOtpParameter(String str) {
        this.otpParameter = str;
    }

    public Authentication attemptAuthentication(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws AuthenticationException {
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        if (authentication == null) {
            throw new BadCredentialsException("Authentication is null");
        }
        Assert.notNull(authentication, "authentication cannot be null");
        CompoundAuthentication compoundAuthenticationOrNewOne = getCompoundAuthenticationOrNewOne(authentication);
        return getAuthenticationManager().authenticate(new CompoundAuthentication(compoundAuthenticationOrNewOne.getReadyAuthentications(), createSimpleAuthRequest(extractLatestAuthOrSimpleAuth(authentication), obtainOtp(httpServletRequest))));
    }

    protected Authentication createSimpleAuthRequest(Authentication authentication, String str) {
        if (authentication instanceof SSOUserTransportAuthenticationToken) {
            return createCheckOtpAuthRequest(str, ((SSOUserTransportAuthenticationToken) authentication).getSsoUser());
        }
        String str2 = "Unexpected authentication of class " + authentication.getClass() + ": " + authentication;
        logger.error(str2);
        throw new AuthenticationServiceException(str2);
    }

    protected Authentication createCheckOtpAuthRequest(String str, SSOUser sSOUser) {
        return new CheckOTPToken(sSOUser, str);
    }

    protected String obtainOtp(HttpServletRequest httpServletRequest) {
        return httpServletRequest.getParameter(this.otpParameter);
    }
}
