package de.itsvs.cwtrpc.security;

import com.google.gwt.user.server.rpc.RPCRequest;
import de.itsvs.cwtrpc.core.RpcSessionInvalidationPolicy;
import java.io.IOException;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.context.ApplicationEventPublisher;
import org.springframework.context.ApplicationEventPublisherAware;
import org.springframework.security.authentication.AuthenticationDetailsSource;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.event.InteractiveAuthenticationSuccessEvent;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.web.authentication.AuthenticationFailureHandler;
import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
import org.springframework.security.web.authentication.NullRememberMeServices;
import org.springframework.security.web.authentication.RememberMeServices;
import org.springframework.security.web.authentication.WebAuthenticationDetailsSource;
import org.springframework.security.web.authentication.session.SessionAuthenticationStrategy;
import org.springframework.security.web.authentication.session.SessionFixationProtectionStrategy;
import org.springframework.util.Assert;

/* loaded from: input_file:de/itsvs/cwtrpc/security/AbstractRpcAuthenticationProcessingFilter.class */
public abstract class AbstractRpcAuthenticationProcessingFilter extends AbstractRpcProcessingFilter implements ApplicationEventPublisherAware {
    private final Log log = LogFactory.getLog(AbstractRpcAuthenticationProcessingFilter.class);
    private ApplicationEventPublisher applicationEventPublisher;
    private AuthenticationManager authenticationManager;
    private AuthenticationDetailsSource authenticationDetailsSource;
    private AuthenticationSuccessHandler authenticationSuccessHandler;
    private AuthenticationFailureHandler authenticationFailureHandler;
    private RememberMeServices rememberMeServices;
    private SessionAuthenticationStrategy sessionAuthenticationStrategy;
    private RpcHttpSessionStrategy rpcHttpSessionStrategy;

    public ApplicationEventPublisher getApplicationEventPublisher() {
        return this.applicationEventPublisher;
    }

    public void setApplicationEventPublisher(ApplicationEventPublisher applicationEventPublisher) {
        this.applicationEventPublisher = applicationEventPublisher;
    }

    public AuthenticationManager getAuthenticationManager() {
        return this.authenticationManager;
    }

    public void setAuthenticationManager(AuthenticationManager authenticationManager) {
        Assert.notNull(authenticationManager, "'authenticationManager' must not be null");
        this.authenticationManager = authenticationManager;
    }

    public AuthenticationSuccessHandler getAuthenticationSuccessHandler() {
        return this.authenticationSuccessHandler;
    }

    public void setAuthenticationSuccessHandler(AuthenticationSuccessHandler authenticationSuccessHandler) {
        Assert.notNull(authenticationSuccessHandler, "'authenticationSuccessHandler' must not be null");
        this.authenticationSuccessHandler = authenticationSuccessHandler;
    }

    public AuthenticationFailureHandler getAuthenticationFailureHandler() {
        return this.authenticationFailureHandler;
    }

    public void setAuthenticationFailureHandler(AuthenticationFailureHandler authenticationFailureHandler) {
        Assert.notNull(authenticationFailureHandler, "'authenticationFailureHandler' must not be null");
        this.authenticationFailureHandler = authenticationFailureHandler;
    }

    public AuthenticationDetailsSource getAuthenticationDetailsSource() {
        return this.authenticationDetailsSource;
    }

    public void setAuthenticationDetailsSource(AuthenticationDetailsSource authenticationDetailsSource) {
        Assert.notNull(authenticationDetailsSource, "'authenticationDetailsSource' must not be null");
        this.authenticationDetailsSource = authenticationDetailsSource;
    }

    public RememberMeServices getRememberMeServices() {
        return this.rememberMeServices;
    }

    public void setRememberMeServices(RememberMeServices rememberMeServices) {
        Assert.notNull(rememberMeServices, "'rememberMeServices' must not be null");
        this.rememberMeServices = rememberMeServices;
    }

    public SessionAuthenticationStrategy getSessionAuthenticationStrategy() {
        return this.sessionAuthenticationStrategy;
    }

    public void setSessionAuthenticationStrategy(SessionAuthenticationStrategy sessionAuthenticationStrategy) {
        Assert.notNull(sessionAuthenticationStrategy, "'sessionAuthenticationStrategy' must not be null");
        this.sessionAuthenticationStrategy = sessionAuthenticationStrategy;
    }

    public RpcHttpSessionStrategy getRpcHttpSessionStrategy() {
        return this.rpcHttpSessionStrategy;
    }

    public void setRpcHttpSessionStrategy(RpcHttpSessionStrategy rpcHttpSessionStrategy) {
        Assert.notNull(rpcHttpSessionStrategy, "'rpcHttpSessionStrategy' must not be null");
        this.rpcHttpSessionStrategy = rpcHttpSessionStrategy;
    }

    @Override // de.itsvs.cwtrpc.security.AbstractRpcProcessingFilter
    public void afterPropertiesSet() throws ServletException {
        super.afterPropertiesSet();
        Assert.notNull(getAuthenticationManager(), "'authenticationManager' must be specified");
        if (getAuthenticationSuccessHandler() == null) {
            DefaultRpcAuthenticationSuccessHandler defaultRpcAuthenticationSuccessHandler = new DefaultRpcAuthenticationSuccessHandler();
            defaultRpcAuthenticationSuccessHandler.setServletContext(getServletContext());
            defaultRpcAuthenticationSuccessHandler.afterPropertiesSet();
            setAuthenticationSuccessHandler(defaultRpcAuthenticationSuccessHandler);
        }
        if (getAuthenticationFailureHandler() == null) {
            SimpleRpcAuthenticationFailureHandler simpleRpcAuthenticationFailureHandler = new SimpleRpcAuthenticationFailureHandler();
            simpleRpcAuthenticationFailureHandler.setServletContext(getServletContext());
            simpleRpcAuthenticationFailureHandler.afterPropertiesSet();
            setAuthenticationFailureHandler(simpleRpcAuthenticationFailureHandler);
        }
        if (getSessionAuthenticationStrategy() == null) {
            setSessionAuthenticationStrategy(new SessionFixationProtectionStrategy());
        }
        if (getAuthenticationDetailsSource() == null) {
            setAuthenticationDetailsSource(new WebAuthenticationDetailsSource());
        }
        if (getRememberMeServices() == null) {
            setRememberMeServices(new NullRememberMeServices());
        }
        if (getRpcHttpSessionStrategy() == null) {
            setRpcHttpSessionStrategy(new DefaultRpcHttpSessionStrategy());
        }
    }

    @Override // de.itsvs.cwtrpc.security.AbstractRpcProcessingFilter
    protected void process(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain) throws IOException, ServletException {
        RpcSessionInvalidationPolicy rpcSessionInvalidationPolicy = null;
        boolean z = false;
        try {
            try {
                Authentication attemptAuthentication = attemptAuthentication(httpServletRequest, httpServletResponse);
                if (attemptAuthentication == null) {
                    if (0 == 0) {
                        this.log.debug("Clearing security context due to previous errors");
                        SecurityContextHolder.clearContext();
                        if (0 == 0 || !rpcSessionInvalidationPolicy.isInvalidateOnUnexpectedException()) {
                            return;
                        }
                        invalidateSession(httpServletRequest);
                        return;
                    }
                    return;
                }
                rpcSessionInvalidationPolicy = getRpcHttpSessionStrategy().prepareSession(httpServletRequest, httpServletResponse);
                applySessionAuthenticationStrategy(attemptAuthentication, httpServletRequest, httpServletResponse);
                successfulAuthentication(httpServletRequest, httpServletResponse, attemptAuthentication);
                filterChain.doFilter(httpServletRequest, httpServletResponse);
                if (SecurityContextHolder.getContext().getAuthentication() == null) {
                    this.log.debug("Authentication has been removed (inidicates previous errors in filter chain)");
                } else {
                    successfulAuthenticationEnd(httpServletRequest, httpServletResponse, attemptAuthentication);
                    z = true;
                }
                if (z) {
                    return;
                }
                this.log.debug("Clearing security context due to previous errors");
                SecurityContextHolder.clearContext();
                if (rpcSessionInvalidationPolicy == null || !rpcSessionInvalidationPolicy.isInvalidateOnUnexpectedException()) {
                    return;
                }
                invalidateSession(httpServletRequest);
            } catch (org.springframework.security.core.AuthenticationException e) {
                if (e instanceof org.springframework.security.authentication.AuthenticationServiceException) {
                    this.log.error("An authentication service error occured", e);
                } else {
                    this.log.info("Authentication failed", e);
                }
                unsuccessfulAuthentication(httpServletRequest, httpServletResponse, e);
                if (0 == 0) {
                    this.log.debug("Clearing security context due to previous errors");
                    SecurityContextHolder.clearContext();
                    if (rpcSessionInvalidationPolicy == null || !rpcSessionInvalidationPolicy.isInvalidateOnUnexpectedException()) {
                        return;
                    }
                    invalidateSession(httpServletRequest);
                }
            }
        } catch (Throwable th) {
            if (0 == 0) {
                this.log.debug("Clearing security context due to previous errors");
                SecurityContextHolder.clearContext();
                if (rpcSessionInvalidationPolicy != null && rpcSessionInvalidationPolicy.isInvalidateOnUnexpectedException()) {
                    invalidateSession(httpServletRequest);
                }
            }
            throw th;
        }
    }

    public Authentication attemptAuthentication(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws org.springframework.security.core.AuthenticationException, IOException, ServletException {
        return getAuthenticationManager().authenticate(createAuthenticationToken(httpServletRequest, readRpcRequest(httpServletRequest)));
    }

    protected abstract Authentication createAuthenticationToken(HttpServletRequest httpServletRequest, RPCRequest rPCRequest) throws org.springframework.security.core.AuthenticationException, IOException, ServletException;

    protected void applySessionAuthenticationStrategy(Authentication authentication, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException, ServletException {
        SessionAuthenticationStrategy sessionAuthenticationStrategy = getSessionAuthenticationStrategy();
        if (RpcSessionManagementFilter.appliedSessionAuthenticationStrategy(httpServletRequest, sessionAuthenticationStrategy)) {
            this.log.debug("Session authentication strategy has been applied already");
        } else {
            sessionAuthenticationStrategy.onAuthentication(authentication, httpServletRequest, httpServletResponse);
            RpcSessionManagementFilter.saveAppliedSessionAuthenticationStrategy(httpServletRequest, sessionAuthenticationStrategy);
        }
    }

    protected void unsuccessfulAuthentication(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, org.springframework.security.core.AuthenticationException authenticationException) throws IOException, ServletException {
        this.log.debug("Unsuccessful authentication", authenticationException);
        SecurityContextHolder.clearContext();
        getRememberMeServices().loginFail(httpServletRequest, httpServletResponse);
        getAuthenticationFailureHandler().onAuthenticationFailure(httpServletRequest, httpServletResponse, authenticationException);
    }

    protected void successfulAuthentication(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Authentication authentication) throws IOException, ServletException {
        if (this.log.isDebugEnabled()) {
            this.log.debug("Successful authentication of '" + authentication.getName() + "'");
        }
        SecurityContextHolder.getContext().setAuthentication(authentication);
        getRememberMeServices().loginSuccess(httpServletRequest, httpServletResponse, authentication);
        if (getApplicationEventPublisher() != null) {
            getApplicationEventPublisher().publishEvent(new InteractiveAuthenticationSuccessEvent(authentication, getClass()));
        }
    }

    protected void successfulAuthenticationEnd(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Authentication authentication) throws IOException, ServletException {
        if (this.log.isDebugEnabled()) {
            this.log.debug("Successful authentication of '" + authentication.getName() + "' ended");
        }
        getAuthenticationSuccessHandler().onAuthenticationSuccess(httpServletRequest, httpServletResponse, authentication);
    }
}
