package com.erudika.para.security;

import com.erudika.para.Para;
import com.erudika.para.core.App;
import com.erudika.para.core.User;
import com.erudika.para.rest.RestUtils;
import com.erudika.para.security.filters.MicrosoftAuthFilter;
import com.erudika.para.utils.Config;
import com.erudika.para.utils.HttpUtils;
import com.erudika.para.utils.Utils;
import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang3.StringUtils;
import org.springframework.security.core.Authentication;
import org.springframework.security.web.DefaultRedirectStrategy;
import org.springframework.security.web.RedirectStrategy;
import org.springframework.security.web.authentication.SimpleUrlAuthenticationSuccessHandler;

/* loaded from: input_file:WEB-INF/lib/para-server-1.28.2.jar:com/erudika/para/security/SimpleAuthenticationSuccessHandler.class */
public class SimpleAuthenticationSuccessHandler extends SimpleUrlAuthenticationSuccessHandler {
    private RedirectStrategy redirectStrategy = new DefaultRedirectStrategy();

    @Override // org.springframework.security.web.authentication.SimpleUrlAuthenticationSuccessHandler, org.springframework.security.web.authentication.AuthenticationSuccessHandler
    public void onAuthenticationSuccess(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Authentication authentication) throws IOException, ServletException {
        App app;
        User authenticatedUser = SecurityUtils.getAuthenticatedUser(authentication);
        if (authenticatedUser != null && !StringUtils.equals(httpServletRequest.getRemoteAddr(), authenticatedUser.getLastIp())) {
            authenticatedUser.setLastIp(httpServletRequest.getRemoteAddr());
            authenticatedUser.update();
        }
        String parameter = httpServletRequest.getParameter(httpServletRequest.getRequestURI().contains(MicrosoftAuthFilter.MICROSOFT_ACTION) ? "state" : Config._APPID);
        if (!StringUtils.isBlank(parameter) && (app = (App) Para.getDAO().read(App.id(parameter))) != null) {
            String str = (String) app.getSetting("signin_success");
            if (app.isRootApp() && StringUtils.isBlank(str)) {
                str = Config.getConfigParam("security.signin_success", "/");
            }
            if (StringUtils.contains(str, "jwt=?")) {
                str = str.replace("jwt=?", "jwt=" + SecurityUtils.generateJWToken(authenticatedUser, app).serialize());
            }
            if (!StringUtils.isBlank(str)) {
                this.redirectStrategy.sendRedirect(httpServletRequest, httpServletResponse, str);
                return;
            }
        }
        if (isRestRequest(httpServletRequest)) {
            RestUtils.returnStatusResponse(httpServletResponse, 204, "Authentication success.");
        } else {
            super.onAuthenticationSuccess(httpServletRequest, httpServletResponse, authentication);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.springframework.security.web.authentication.AbstractAuthenticationTargetUrlRequestHandler
    public String determineTargetUrl(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        String stateParam = HttpUtils.getStateParam(Config.RETURNTO_COOKIE, httpServletRequest);
        if (stateParam == null) {
            return super.determineTargetUrl(httpServletRequest, httpServletResponse);
        }
        String base64dec = Utils.base64dec(stateParam);
        HttpUtils.removeStateParam(Config.RETURNTO_COOKIE, httpServletRequest, httpServletResponse);
        return base64dec;
    }

    protected boolean isRestRequest(HttpServletRequest httpServletRequest) {
        return RestRequestMatcher.INSTANCE.matches(httpServletRequest) || AjaxRequestMatcher.INSTANCE.matches(httpServletRequest);
    }
}
