package org.apache.ranger.security.web.authentication;

import com.google.common.net.HttpHeaders;
import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.hadoop.hdfs.web.resources.TokenServiceParam;
import org.apache.log4j.Logger;
import org.apache.ranger.biz.SessionMgr;
import org.apache.ranger.common.JSONUtil;
import org.apache.ranger.common.PropertiesUtil;
import org.apache.ranger.common.RangerConfigUtil;
import org.apache.ranger.security.web.filter.RangerSSOAuthenticationFilter;
import org.apache.ranger.view.VXResponse;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint;

/* loaded from: input_file:WEB-INF/classes/org/apache/ranger/security/web/authentication/RangerAuthenticationEntryPoint.class */
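/**
 * Entry point invoked when an unauthenticated request reaches a protected resource.
 *
 * <p>Requests whose {@code X-Requested-With} header is exactly {@code XMLHttpRequest} get a
 * JSON body with status {@link #SC_AUTHENTICATION_TIMEOUT} and no redirect. Every other
 * request gets a 401 JSON body first and is then either answered with the configured AJAX
 * error code, left as is (URLs under the service mapping), or handed to the login-page
 * redirect of {@link LoginUrlAuthenticationEntryPoint}.
 *
 * <p>The {@code X-Requested-With} header and the request URL are supplied by the client and
 * are treated as untrusted: they only select the response shape and are neutralised before
 * being written to the log.
 */
public class RangerAuthenticationEntryPoint extends LoginUrlAuthenticationEntryPoint {
    public static final int SC_AUTHENTICATION_TIMEOUT = 419;
    private static final Logger logger = Logger.getLogger(RangerAuthenticationEntryPoint.class);
    private static final String AJAX_REQUEST_MARKER = "XMLHttpRequest";

    // Status sent to AJAX callers; -1 means "not yet read from configuration".
    static int ajaxReturnCode = -1;

    @Autowired
    RangerConfigUtil configUtil;

    @Autowired
    JSONUtil jsonUtil;

    @Autowired
    SessionMgr sessionMgr;

    /**
     * Creates the entry point and, on first construction, reads the AJAX status code from
     * {@code ranger.ajax.auth.required.code} (default 401).
     */
    public RangerAuthenticationEntryPoint() {
        if (logger.isDebugEnabled()) {
            logger.debug("RangerAuthenticationEntryPoint(): constructor");
        }
        if (ajaxReturnCode < 0) {
            ajaxReturnCode = PropertiesUtil.getIntProperty("ranger.ajax.auth.required.code", 401).intValue();
        }
    }

    /**
     * Answers an unauthenticated request with a JSON error, an error status, or a redirect to
     * the login page, depending on the request's {@code X-Requested-With} header and URL.
     *
     * @param httpServletRequest the request that failed authentication
     * @param httpServletResponse the response to populate
     * @param authenticationException the failure that triggered this entry point
     * @throws IOException if sending the error status or the redirect fails
     * @throws ServletException if the superclass redirect fails
     */
    @Override
    public void commence(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, AuthenticationException authenticationException) throws IOException, ServletException {
        String header = httpServletRequest.getHeader(HttpHeaders.X_REQUESTED_WITH);
        // Forbid framing of the challenge response (clickjacking defence).
        httpServletResponse.setHeader("X-Frame-Options", "DENY");
        if (logger.isDebugEnabled()) {
            logger.debug("commence() X-Requested-With=" + sanitizeForLog(header));
        }
        String requestUrl = httpServletRequest.getRequestURL() != null ? httpServletRequest.getRequestURL().toString() : "";
        // NOTE(review): the default mapping comes from a Hadoop constant, which looks like a
        // decompiler substitution for a string literal; confirm against the original source.
        String serviceRootUrl = this.configUtil.getWebAppRootURL() + "/" + PropertiesUtil.getProperty("ranger.servlet.mapping.url.pattern", TokenServiceParam.NAME);

        if (AJAX_REQUEST_MARKER.equals(header)) {
            // Exact-match AJAX callers are told the session timed out and are never redirected.
            writeJsonError(httpServletResponse, SC_AUTHENTICATION_TIMEOUT, "Session Timeout");
            return;
        }

        writeJsonError(httpServletResponse, HttpServletResponse.SC_UNAUTHORIZED, "Authentication Failed");

        // Only a case variant of the marker can reach this branch; the exact value returned above.
        if (AJAX_REQUEST_MARKER.equalsIgnoreCase(header)) {
            if (logger.isDebugEnabled()) {
                logger.debug("commence() AJAX request. Authentication required. Returning " + ajaxReturnCode + ". URL=" + sanitizeForLog(httpServletRequest.getRequestURI()));
            }
            httpServletResponse.sendError(ajaxReturnCode, "");
            return;
        }

        if (requestUrl.startsWith(serviceRootUrl)) {
            // Requests under the service mapping keep the 401 JSON body and are not redirected.
            return;
        }

        // getSession() creates a session when none exists, so the null check below is always
        // true and this branch allocates state for an unauthenticated caller.
        // NOTE(review): contains() matches LOCAL_LOGIN_URL anywhere in the URL, and nothing in
        // this class removes the ServletContext attribute keyed by the session id. Confirm that
        // cleanup happens elsewhere (for example on session destruction); otherwise the context
        // grows with every such request.
        if (requestUrl.contains(RangerSSOAuthenticationFilter.LOCAL_LOGIN_URL) && httpServletRequest.getSession() != null) {
            httpServletRequest.getSession().setAttribute(RangerSSOAuthenticationFilter.LOCAL_LOGIN_URL, "true");
            httpServletRequest.getServletContext().setAttribute(httpServletRequest.getSession().getId(), RangerSSOAuthenticationFilter.LOCAL_LOGIN_URL);
        }
        super.commence(httpServletRequest, httpServletResponse, authenticationException);
    }

    /**
     * Sets the response status and writes a {@link VXResponse} JSON body carrying the same
     * code. A failure to write the body is logged with its cause and otherwise ignored, so
     * the caller continues as before.
     */
    private void writeJsonError(HttpServletResponse response, int statusCode, String message) {
        try {
            VXResponse body = new VXResponse();
            body.setStatusCode(statusCode);
            body.setMsgDesc(message);
            response.setStatus(statusCode);
            response.getWriter().write(this.jsonUtil.writeObjectAsString(body));
        } catch (IOException e) {
            logger.info("Error while writing JSON in HttpServletResponse", e);
        }
    }

    /**
     * Replaces CR and LF in a client-supplied value so it cannot start a forged log line.
     * Returns {@code null} unchanged.
     */
    private static String sanitizeForLog(String value) {
        return value == null ? null : value.replace('\r', '_').replace('\n', '_');
    }
}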
