package eu.eudml.ui.security.spring.authentication.filters;

import eu.eudml.ui.security.spring.authentication.cookie.LogoutCookieManipulator;
import eu.eudml.ui.security.spring.authentication.token.ReadOnlyModeAuthentication;
import eu.eudml.ui.security.spring.authentication.token.RememberMeCookieExtractor;
import eu.eudml.ui.security.spring.authentication.token.WebAuthentication;
import eu.eudml.ui.security.spring.service.NotificationUIService;
import java.io.IOException;
import java.util.Iterator;
import java.util.List;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Required;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.web.RedirectStrategy;
import org.springframework.security.web.authentication.session.SessionAuthenticationStrategy;
import org.springframework.security.web.authentication.session.SessionFixationProtectionStrategy;
import org.springframework.web.filter.GenericFilterBean;

/* loaded from: input_file:WEB-INF/classes/eu/eudml/ui/security/spring/authentication/filters/ReadOnlyModeFilter.class */
public class ReadOnlyModeFilter extends GenericFilterBean {
    public static final String FILTER_APPLIED = "__readonly_filter_applied";
    private RedirectStrategy redirectStrategy;
    private NotificationUIService notificationUIService;
    private LogoutCookieManipulator logoutCookieManipulator;
    private List<String> authenticationFilterProcessesUrls;
    private RememberMeCookieExtractor rememberMeCookieExtractor;
    protected Logger logger = LoggerFactory.getLogger(ReadOnlyModeFilter.class);
    private boolean readOnlyMode = false;
    private SessionAuthenticationStrategy sessionStrategy = new SessionFixationProtectionStrategy();

    /* loaded from: input_file:WEB-INF/classes/eu/eudml/ui/security/spring/authentication/filters/ReadOnlyModeFilter$MC.class */
    private static class MC {
        public static final String DUE_ADMINISTRATIVE_REASONS_LOGIN_TEMPORARILY_NOT_POSIBLE = "msg.due.administrative.reasons.login.temporarily.not.posible";

        private MC() {
        }
    }

    @Override // javax.servlet.Filter
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        this.logger.debug("current values: readOnlyMode: " + this.readOnlyMode + " authentication: " + authentication);
        if (!this.readOnlyMode) {
            if (authentication instanceof ReadOnlyModeAuthentication) {
                SecurityContextHolder.getContext().setAuthentication(null);
            }
            filterChain.doFilter(servletRequest, servletResponse);
        } else {
            if (!isAlreadyAuthenticated(authentication) && !userTryLogin(httpServletRequest, httpServletResponse, authentication)) {
                filterChain.doFilter(servletRequest, servletResponse);
                return;
            }
            httpServletRequest.setAttribute(FILTER_APPLIED, Boolean.TRUE);
            redirect(httpServletRequest, httpServletResponse);
            this.notificationUIService.notifyUIabout(MC.DUE_ADMINISTRATIVE_REASONS_LOGIN_TEMPORARILY_NOT_POSIBLE);
        }
    }

    private void redirect(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        ReadOnlyModeAuthentication readOnlyModeAuthentication = new ReadOnlyModeAuthentication();
        this.sessionStrategy.onAuthentication(readOnlyModeAuthentication, httpServletRequest, httpServletResponse);
        this.logoutCookieManipulator.setLogoutCookie(httpServletResponse);
        SecurityContextHolder.getContext().setAuthentication(readOnlyModeAuthentication);
        this.redirectStrategy.sendRedirect(httpServletRequest, httpServletResponse, "/");
    }

    private boolean userTryLogin(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Authentication authentication) {
        if (userTryLoginUsingRememberMeCookie(authentication, httpServletRequest)) {
            return true;
        }
        Iterator<String> it = this.authenticationFilterProcessesUrls.iterator();
        while (it.hasNext()) {
            if (userTryLogin(httpServletRequest, httpServletResponse, it.next())) {
                return true;
            }
        }
        return false;
    }

    private boolean userTryLoginUsingRememberMeCookie(Authentication authentication, HttpServletRequest httpServletRequest) {
        return authentication == null && this.rememberMeCookieExtractor.extractRememberMeCookie(httpServletRequest) != null;
    }

    private boolean userTryLogin(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str) {
        String requestURI = httpServletRequest.getRequestURI();
        int indexOf = requestURI.indexOf(59);
        if (indexOf > 0) {
            requestURI = requestURI.substring(0, indexOf);
        }
        return "".equals(httpServletRequest.getContextPath()) ? requestURI.endsWith(str) : requestURI.endsWith(httpServletRequest.getContextPath() + str);
    }

    private boolean isAlreadyAuthenticated(Authentication authentication) {
        return authentication instanceof WebAuthentication;
    }

    @Required
    public void setReadOnlyMode(boolean z) {
        this.readOnlyMode = z;
    }

    @Required
    public void setNotificationUIService(NotificationUIService notificationUIService) {
        this.notificationUIService = notificationUIService;
    }

    @Required
    public void setLogoutCookieManipulator(LogoutCookieManipulator logoutCookieManipulator) {
        this.logoutCookieManipulator = logoutCookieManipulator;
    }

    @Required
    public void setRedirectStrategy(RedirectStrategy redirectStrategy) {
        this.redirectStrategy = redirectStrategy;
    }

    @Required
    public void setAuthenticationFilterProcessesUrls(List<String> list) {
        this.authenticationFilterProcessesUrls = list;
    }

    @Required
    public void setSessionStrategy(SessionAuthenticationStrategy sessionAuthenticationStrategy) {
        this.sessionStrategy = sessionAuthenticationStrategy;
    }

    @Required
    public void setRememberMeCookieExtractor(RememberMeCookieExtractor rememberMeCookieExtractor) {
        this.rememberMeCookieExtractor = rememberMeCookieExtractor;
    }
}
