package com.payneteasy.superfly.security;

import com.payneteasy.superfly.api.SSORole;
import com.payneteasy.superfly.api.SSOUser;
import com.payneteasy.superfly.security.authentication.CompoundAuthentication;
import com.payneteasy.superfly.security.authentication.SSOUserAndSelectedRoleAuthenticationToken;
import com.payneteasy.superfly.security.authentication.SSOUserTransportAuthenticationToken;
import java.io.IOException;
import java.util.Iterator;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.context.SecurityContextHolder;

/* loaded from: input_file:com/payneteasy/superfly/security/SuperflySelectRoleAuthenticationProcessingFilter.class */
public class SuperflySelectRoleAuthenticationProcessingFilter extends AbstractSingleStepAuthenticationProcessingFilter {
    private String roleParameter;

    protected SuperflySelectRoleAuthenticationProcessingFilter() {
        super("/j_superfly_select_role");
        this.roleParameter = TwoStepAuthenticationProcessingFilter.SPRING_SECURITY_FORM_ROLE_KEY;
    }

    public void setRoleParameter(String str) {
        this.roleParameter = str;
    }

    public Authentication attemptAuthentication(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws AuthenticationException, IOException, ServletException {
        String obtainRoleKey = obtainRoleKey(httpServletRequest);
        SSOUser sSOUser = (SSOUser) httpServletRequest.getSession().getAttribute(SSOUserTransportAuthenticationToken.SESSION_KEY);
        httpServletRequest.getSession().removeAttribute(SSOUserTransportAuthenticationToken.SESSION_KEY);
        if (sSOUser == null) {
            throw new BadCredentialsException("Session expired");
        }
        SSORole sSORole = null;
        Iterator it = sSOUser.getActionsMap().keySet().iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            SSORole sSORole2 = (SSORole) it.next();
            if (sSORole2.getName().equals(obtainRoleKey)) {
                sSORole = sSORole2;
                break;
            }
        }
        if (sSORole == null) {
            throw new BadCredentialsException("Unknown role: " + obtainRoleKey);
        }
        return getAuthenticationManager().authenticate(new CompoundAuthentication(getCompoundAuthenticationOrNewOne(SecurityContextHolder.getContext().getAuthentication()).getReadyAuthentications(), createUserRoleAuthRequest(sSOUser, sSORole)));
    }

    protected String obtainRoleKey(HttpServletRequest httpServletRequest) {
        return httpServletRequest.getParameter(this.roleParameter);
    }

    protected Authentication createUserRoleAuthRequest(SSOUser sSOUser, SSORole sSORole) {
        return new SSOUserAndSelectedRoleAuthenticationToken(sSOUser, sSORole);
    }
}
