package uk.ac.ceh.components.userstore.springsecurity;

import java.beans.ConstructorProperties;
import java.io.IOException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import jcifs.util.Base64;
import org.ntlmv2.liferay.NtlmLogonException;
import org.ntlmv2.liferay.NtlmManager;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.web.authentication.NullRememberMeServices;
import org.springframework.security.web.authentication.RememberMeServices;
import org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationToken;
import uk.ac.ceh.components.userstore.springsecurity.AbstractSpnegoAuthenticationFilter;

/* loaded from: input_file:uk/ac/ceh/components/userstore/springsecurity/NtlmAuthenticationFilter.class */
public class NtlmAuthenticationFilter extends AbstractSpnegoAuthenticationFilter {
    private final AuthenticationManager authenticationManager;
    private final NtlmManager ntlmManager;
    private RememberMeServices rememberMeServices = new NullRememberMeServices();
    private SecureRandom secureRandom = new SecureRandom();
    private String challengeAttribute = "NTLM_SERVER_CHALLENGE";

    @Override // uk.ac.ceh.components.userstore.springsecurity.AbstractSpnegoAuthenticationFilter
    protected boolean isAuthenticatable(AbstractSpnegoAuthenticationFilter.Authorization authorization) {
        String mechanism = authorization.getMechanism();
        return mechanism.equals("NTLM") || mechanism.equals("Negotiate");
    }

    @Override // uk.ac.ceh.components.userstore.springsecurity.AbstractSpnegoAuthenticationFilter
    protected void doAuthentication(AbstractSpnegoAuthenticationFilter.Authorization authorization, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain) throws ServletException, IOException {
        if (!authorization.isNtlmSSP()) {
            filterChain.doFilter(httpServletRequest, httpServletResponse);
            return;
        }
        byte[] token = authorization.getToken();
        if (token[8] == 1) {
            byte[] bArr = new byte[8];
            this.secureRandom.nextBytes(bArr);
            httpServletRequest.getSession().setAttribute(this.challengeAttribute, bArr);
            httpServletResponse.addHeader("WWW-Authenticate", authorization.getMechanism() + " " + Base64.encode(this.ntlmManager.negotiate(token, bArr)));
            httpServletResponse.setStatus(401);
            httpServletResponse.setContentLength(0);
            httpServletResponse.flushBuffer();
            return;
        }
        HttpSession session = httpServletRequest.getSession(false);
        if (session == null) {
            filterChain.doFilter(httpServletRequest, httpServletResponse);
            return;
        }
        try {
            Authentication authenticate = this.authenticationManager.authenticate(createToken(authorization.getToken(), session));
            SecurityContextHolder.getContext().setAuthentication(authenticate);
            this.rememberMeServices.loginSuccess(httpServletRequest, httpServletResponse, authenticate);
            filterChain.doFilter(httpServletRequest, httpServletResponse);
        } catch (AuthenticationException e) {
            getEntryPoint().commence(httpServletRequest, httpServletResponse, e);
        }
    }

    private PreAuthenticatedAuthenticationToken createToken(byte[] bArr, HttpSession httpSession) throws IOException, ServletException {
        try {
            if (httpSession.getAttribute(this.challengeAttribute) == null) {
                throw new BadCredentialsException("Recieved a Type 3 message before a Type 1");
            }
            try {
                try {
                    PreAuthenticatedAuthenticationToken preAuthenticatedAuthenticationToken = new PreAuthenticatedAuthenticationToken(this.ntlmManager.authenticate(bArr, (byte[]) httpSession.getAttribute(this.challengeAttribute)).getUserName(), bArr);
                    httpSession.removeAttribute(this.challengeAttribute);
                    return preAuthenticatedAuthenticationToken;
                } catch (NoSuchAlgorithmException e) {
                    throw new ServletException("The auth service is not set up correctly", e);
                }
            } catch (NtlmLogonException e2) {
                throw new BadCredentialsException("The provided credentials are incorrect", e2);
            }
        } catch (Throwable th) {
            httpSession.removeAttribute(this.challengeAttribute);
            throw th;
        }
    }

    @ConstructorProperties({"authenticationManager", "ntlmManager"})
    public NtlmAuthenticationFilter(AuthenticationManager authenticationManager, NtlmManager ntlmManager) {
        this.authenticationManager = authenticationManager;
        this.ntlmManager = ntlmManager;
    }

    public AuthenticationManager getAuthenticationManager() {
        return this.authenticationManager;
    }

    public NtlmManager getNtlmManager() {
        return this.ntlmManager;
    }

    public RememberMeServices getRememberMeServices() {
        return this.rememberMeServices;
    }

    public SecureRandom getSecureRandom() {
        return this.secureRandom;
    }

    public String getChallengeAttribute() {
        return this.challengeAttribute;
    }

    public void setRememberMeServices(RememberMeServices rememberMeServices) {
        this.rememberMeServices = rememberMeServices;
    }

    public void setSecureRandom(SecureRandom secureRandom) {
        this.secureRandom = secureRandom;
    }

    public void setChallengeAttribute(String str) {
        this.challengeAttribute = str;
    }

    @Override // uk.ac.ceh.components.userstore.springsecurity.AbstractSpnegoAuthenticationFilter
    public String toString() {
        return "NtlmAuthenticationFilter(authenticationManager=" + getAuthenticationManager() + ", ntlmManager=" + getNtlmManager() + ", rememberMeServices=" + getRememberMeServices() + ", secureRandom=" + getSecureRandom() + ", challengeAttribute=" + getChallengeAttribute() + ")";
    }

    @Override // uk.ac.ceh.components.userstore.springsecurity.AbstractSpnegoAuthenticationFilter
    public boolean equals(Object obj) {
        if (obj == this) {
            return true;
        }
        if (!(obj instanceof NtlmAuthenticationFilter)) {
            return false;
        }
        NtlmAuthenticationFilter ntlmAuthenticationFilter = (NtlmAuthenticationFilter) obj;
        if (!ntlmAuthenticationFilter.canEqual(this) || !super.equals(obj)) {
            return false;
        }
        AuthenticationManager authenticationManager = getAuthenticationManager();
        AuthenticationManager authenticationManager2 = ntlmAuthenticationFilter.getAuthenticationManager();
        if (authenticationManager == null) {
            if (authenticationManager2 != null) {
                return false;
            }
        } else if (!authenticationManager.equals(authenticationManager2)) {
            return false;
        }
        NtlmManager ntlmManager = getNtlmManager();
        NtlmManager ntlmManager2 = ntlmAuthenticationFilter.getNtlmManager();
        if (ntlmManager == null) {
            if (ntlmManager2 != null) {
                return false;
            }
        } else if (!ntlmManager.equals(ntlmManager2)) {
            return false;
        }
        RememberMeServices rememberMeServices = getRememberMeServices();
        RememberMeServices rememberMeServices2 = ntlmAuthenticationFilter.getRememberMeServices();
        if (rememberMeServices == null) {
            if (rememberMeServices2 != null) {
                return false;
            }
        } else if (!rememberMeServices.equals(rememberMeServices2)) {
            return false;
        }
        SecureRandom secureRandom = getSecureRandom();
        SecureRandom secureRandom2 = ntlmAuthenticationFilter.getSecureRandom();
        if (secureRandom == null) {
            if (secureRandom2 != null) {
                return false;
            }
        } else if (!secureRandom.equals(secureRandom2)) {
            return false;
        }
        String challengeAttribute = getChallengeAttribute();
        String challengeAttribute2 = ntlmAuthenticationFilter.getChallengeAttribute();
        return challengeAttribute == null ? challengeAttribute2 == null : challengeAttribute.equals(challengeAttribute2);
    }

    @Override // uk.ac.ceh.components.userstore.springsecurity.AbstractSpnegoAuthenticationFilter
    protected boolean canEqual(Object obj) {
        return obj instanceof NtlmAuthenticationFilter;
    }

    @Override // uk.ac.ceh.components.userstore.springsecurity.AbstractSpnegoAuthenticationFilter
    public int hashCode() {
        int hashCode = (1 * 59) + super.hashCode();
        AuthenticationManager authenticationManager = getAuthenticationManager();
        int hashCode2 = (hashCode * 59) + (authenticationManager == null ? 0 : authenticationManager.hashCode());
        NtlmManager ntlmManager = getNtlmManager();
        int hashCode3 = (hashCode2 * 59) + (ntlmManager == null ? 0 : ntlmManager.hashCode());
        RememberMeServices rememberMeServices = getRememberMeServices();
        int hashCode4 = (hashCode3 * 59) + (rememberMeServices == null ? 0 : rememberMeServices.hashCode());
        SecureRandom secureRandom = getSecureRandom();
        int hashCode5 = (hashCode4 * 59) + (secureRandom == null ? 0 : secureRandom.hashCode());
        String challengeAttribute = getChallengeAttribute();
        return (hashCode5 * 59) + (challengeAttribute == null ? 0 : challengeAttribute.hashCode());
    }
}
