package uk.ac.ceh.components.userstore.springsecurity;

import java.beans.ConstructorProperties;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.util.Arrays;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.security.authentication.AuthenticationCredentialsNotFoundException;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.crypto.codec.Base64;
import org.springframework.security.web.AuthenticationEntryPoint;
import org.springframework.security.web.util.matcher.AnyRequestMatcher;
import org.springframework.security.web.util.matcher.RequestMatcher;
import org.springframework.util.StringUtils;
import org.springframework.web.filter.OncePerRequestFilter;

/* loaded from: input_file:uk/ac/ceh/components/userstore/springsecurity/AbstractSpnegoAuthenticationFilter.class */
public abstract class AbstractSpnegoAuthenticationFilter extends OncePerRequestFilter {
    private AuthenticationEntryPoint entryPoint = new NegotiateAuthenticationEntryPoint();
    private RequestMatcher requestMatcher = AnyRequestMatcher.INSTANCE;
    private boolean skipIfAlreadyAuthenticated = true;
    private boolean autoLogin = true;

    /* loaded from: input_file:uk/ac/ceh/components/userstore/springsecurity/AbstractSpnegoAuthenticationFilter$Authorization.class */
    public static class Authorization {
        private final String mechanism;
        private final byte[] token;

        public boolean isNtlmSSP() {
            return this.token.length > 6 && this.token[0] == 78 && this.token[1] == 84 && this.token[2] == 76 && this.token[3] == 77 && this.token[4] == 83 && this.token[5] == 83 && this.token[6] == 80;
        }

        @ConstructorProperties({"mechanism", "token"})
        public Authorization(String str, byte[] bArr) {
            this.mechanism = str;
            this.token = bArr;
        }

        public String getMechanism() {
            return this.mechanism;
        }

        public byte[] getToken() {
            return this.token;
        }

        public boolean equals(Object obj) {
            if (obj == this) {
                return true;
            }
            if (!(obj instanceof Authorization)) {
                return false;
            }
            Authorization authorization = (Authorization) obj;
            if (!authorization.canEqual(this)) {
                return false;
            }
            String mechanism = getMechanism();
            String mechanism2 = authorization.getMechanism();
            if (mechanism == null) {
                if (mechanism2 != null) {
                    return false;
                }
            } else if (!mechanism.equals(mechanism2)) {
                return false;
            }
            return Arrays.equals(getToken(), authorization.getToken());
        }

        protected boolean canEqual(Object obj) {
            return obj instanceof Authorization;
        }

        public int hashCode() {
            String mechanism = getMechanism();
            return (((1 * 59) + (mechanism == null ? 0 : mechanism.hashCode())) * 59) + Arrays.hashCode(getToken());
        }

        public String toString() {
            return "AbstractSpnegoAuthenticationFilter.Authorization(mechanism=" + getMechanism() + ", token=" + Arrays.toString(getToken()) + ")";
        }
    }

    protected final void doFilterInternal(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain) throws ServletException, IOException {
        Authorization authorization = getAuthorization(httpServletRequest);
        if (authorization != null && isAuthenticatable(authorization)) {
            doAuthentication(authorization, httpServletRequest, httpServletResponse, filterChain);
        } else if (this.autoLogin) {
            this.entryPoint.commence(httpServletRequest, httpServletResponse, new AuthenticationCredentialsNotFoundException("Initiate automatic login"));
        } else {
            filterChain.doFilter(httpServletRequest, httpServletResponse);
        }
    }

    protected abstract boolean isAuthenticatable(Authorization authorization);

    protected abstract void doAuthentication(Authorization authorization, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain) throws ServletException, IOException;

    protected boolean shouldNotFilter(HttpServletRequest httpServletRequest) throws ServletException {
        return (this.skipIfAlreadyAuthenticated && isAuthenticated()) || !this.requestMatcher.matches(httpServletRequest);
    }

    protected boolean isAuthenticated() {
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        return authentication != null && authentication.isAuthenticated();
    }

    private Authorization getAuthorization(HttpServletRequest httpServletRequest) throws UnsupportedEncodingException {
        String[] split;
        String header = httpServletRequest.getHeader("Authorization");
        if (header == null || (split = StringUtils.split(header, " ")) == null) {
            return null;
        }
        byte[] bytes = split[1].getBytes("UTF-8");
        if (Base64.isBase64(bytes)) {
            return new Authorization(split[0], Base64.decode(bytes));
        }
        return null;
    }

    public AuthenticationEntryPoint getEntryPoint() {
        return this.entryPoint;
    }

    public RequestMatcher getRequestMatcher() {
        return this.requestMatcher;
    }

    public boolean isSkipIfAlreadyAuthenticated() {
        return this.skipIfAlreadyAuthenticated;
    }

    public boolean isAutoLogin() {
        return this.autoLogin;
    }

    public void setEntryPoint(AuthenticationEntryPoint authenticationEntryPoint) {
        this.entryPoint = authenticationEntryPoint;
    }

    public void setRequestMatcher(RequestMatcher requestMatcher) {
        this.requestMatcher = requestMatcher;
    }

    public void setSkipIfAlreadyAuthenticated(boolean z) {
        this.skipIfAlreadyAuthenticated = z;
    }

    public void setAutoLogin(boolean z) {
        this.autoLogin = z;
    }

    public String toString() {
        return "AbstractSpnegoAuthenticationFilter(entryPoint=" + getEntryPoint() + ", requestMatcher=" + getRequestMatcher() + ", skipIfAlreadyAuthenticated=" + isSkipIfAlreadyAuthenticated() + ", autoLogin=" + isAutoLogin() + ")";
    }

    public boolean equals(Object obj) {
        if (obj == this) {
            return true;
        }
        if (!(obj instanceof AbstractSpnegoAuthenticationFilter)) {
            return false;
        }
        AbstractSpnegoAuthenticationFilter abstractSpnegoAuthenticationFilter = (AbstractSpnegoAuthenticationFilter) obj;
        if (!abstractSpnegoAuthenticationFilter.canEqual(this)) {
            return false;
        }
        AuthenticationEntryPoint entryPoint = getEntryPoint();
        AuthenticationEntryPoint entryPoint2 = abstractSpnegoAuthenticationFilter.getEntryPoint();
        if (entryPoint == null) {
            if (entryPoint2 != null) {
                return false;
            }
        } else if (!entryPoint.equals(entryPoint2)) {
            return false;
        }
        RequestMatcher requestMatcher = getRequestMatcher();
        RequestMatcher requestMatcher2 = abstractSpnegoAuthenticationFilter.getRequestMatcher();
        if (requestMatcher == null) {
            if (requestMatcher2 != null) {
                return false;
            }
        } else if (!requestMatcher.equals(requestMatcher2)) {
            return false;
        }
        return isSkipIfAlreadyAuthenticated() == abstractSpnegoAuthenticationFilter.isSkipIfAlreadyAuthenticated() && isAutoLogin() == abstractSpnegoAuthenticationFilter.isAutoLogin();
    }

    protected boolean canEqual(Object obj) {
        return obj instanceof AbstractSpnegoAuthenticationFilter;
    }

    public int hashCode() {
        AuthenticationEntryPoint entryPoint = getEntryPoint();
        int hashCode = (1 * 59) + (entryPoint == null ? 0 : entryPoint.hashCode());
        RequestMatcher requestMatcher = getRequestMatcher();
        return (((((hashCode * 59) + (requestMatcher == null ? 0 : requestMatcher.hashCode())) * 59) + (isSkipIfAlreadyAuthenticated() ? 79 : 97)) * 59) + (isAutoLogin() ? 79 : 97);
    }
}
