package ee.bitweb.springframework.security.estonianid.filter;

import ee.bitweb.springframework.security.estonianid.SmartIdAuthenticationException;
import ee.bitweb.springframework.security.estonianid.SmartIdAuthenticationPendingException;
import ee.bitweb.springframework.security.estonianid.authentication.SmartIdAuthenticationHandler;
import ee.bitweb.springframework.security.estonianid.authentication.SmartIdAuthenticationSession;
import ee.bitweb.springframework.security.estonianid.authentication.SmartIdAuthenticationToken;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.net.URLDecoder;
import java.util.HashMap;
import java.util.Locale;
import java.util.Map;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.context.ApplicationEventPublisher;
import org.springframework.context.ApplicationEventPublisherAware;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.event.InteractiveAuthenticationSuccessEvent;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.web.authentication.AuthenticationFailureHandler;
import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
import org.springframework.util.Assert;
import org.springframework.util.ObjectUtils;
import org.springframework.web.filter.GenericFilterBean;
import org.springframework.web.servlet.LocaleResolver;
import org.springframework.web.servlet.i18n.CookieLocaleResolver;

/* loaded from: input_file:ee/bitweb/springframework/security/estonianid/filter/SmartIdAuthenticationFilter.class */
public class SmartIdAuthenticationFilter extends GenericFilterBean implements ApplicationEventPublisherAware {
    private AuthenticationManager authenticationManager;
    private ApplicationEventPublisher applicationEventPublisher;
    private Map<String, SmartIdAuthenticationSession.CountryCode> localeToCountryMap;
    private String filterProcessesUrl = "/j_spring_sid_security_check";
    private AuthenticationSuccessHandler authenticationSuccessHandler = new SmartIdAuthenticationHandler();
    private AuthenticationFailureHandler authenticationFailureHandler = new SmartIdAuthenticationHandler();
    private LocaleResolver localeResolver = new CookieLocaleResolver();
    private SmartIdAuthenticationSession.CountryCode defaultCountryCode = SmartIdAuthenticationSession.CountryCode.EE;

    public void afterPropertiesSet() throws ServletException {
        super.afterPropertiesSet();
        Assert.notNull(this.authenticationManager, "authenticationManager must be specified");
        Assert.notNull(this.applicationEventPublisher, "applicationEventPublisher must be specified");
        if (ObjectUtils.isEmpty(this.localeToCountryMap)) {
            this.localeToCountryMap = new HashMap();
            this.localeToCountryMap.put("et_EE", SmartIdAuthenticationSession.CountryCode.EE);
            this.localeToCountryMap.put("lt_LT", SmartIdAuthenticationSession.CountryCode.LT);
            this.localeToCountryMap.put("lv_LV", SmartIdAuthenticationSession.CountryCode.LV);
        }
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        if (!httpServletRequest.getRequestURI().contains(this.filterProcessesUrl)) {
            filterChain.doFilter(httpServletRequest, httpServletResponse);
            return;
        }
        this.logger.debug("Request requires Smart-ID authentication");
        try {
            Authentication attemptAuthentication = attemptAuthentication(httpServletRequest, (SmartIdAuthenticationToken) SecurityContextHolder.getContext().getAuthentication());
            if (ObjectUtils.isEmpty(attemptAuthentication)) {
                return;
            }
            successfulAuthentication(httpServletRequest, httpServletResponse, attemptAuthentication);
        } catch (SmartIdAuthenticationPendingException e) {
            insufficientAuthentication(httpServletRequest, httpServletResponse, e);
        } catch (AuthenticationException e2) {
            unsuccessfulAuthentication(httpServletRequest, httpServletResponse, e2);
        }
    }

    private Authentication attemptAuthentication(HttpServletRequest httpServletRequest, SmartIdAuthenticationToken smartIdAuthenticationToken) throws AuthenticationException {
        this.logger.debug("Attempting Smart-ID authentication");
        String obtainUserIdCode = obtainUserIdCode(httpServletRequest);
        if (obtainUserIdCode != null) {
            obtainUserIdCode = obtainUserIdCode.trim();
        }
        SmartIdAuthenticationSession.CountryCode obtainCountryCode = obtainCountryCode(httpServletRequest);
        if (obtainCountryCode == null) {
            obtainCountryCode = this.defaultCountryCode;
            Locale resolveLocale = this.localeResolver.resolveLocale(httpServletRequest);
            if (!ObjectUtils.isEmpty(resolveLocale) && this.localeToCountryMap.containsKey(resolveLocale.toString())) {
                obtainCountryCode = this.localeToCountryMap.get(resolveLocale.toString());
            }
        }
        if (smartIdAuthenticationToken == null) {
            smartIdAuthenticationToken = new SmartIdAuthenticationToken(obtainUserIdCode, obtainCountryCode);
        } else if (!smartIdAuthenticationToken.getUserIdCode().equals(obtainUserIdCode)) {
            smartIdAuthenticationToken = new SmartIdAuthenticationToken(obtainUserIdCode, obtainCountryCode);
        }
        return this.authenticationManager.authenticate(smartIdAuthenticationToken);
    }

    private void successfulAuthentication(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Authentication authentication) throws IOException, ServletException {
        SecurityContextHolder.getContext().setAuthentication(authentication);
        this.applicationEventPublisher.publishEvent(new InteractiveAuthenticationSuccessEvent(authentication, getClass()));
        this.authenticationSuccessHandler.onAuthenticationSuccess(httpServletRequest, httpServletResponse, authentication);
    }

    private void insufficientAuthentication(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, SmartIdAuthenticationException smartIdAuthenticationException) throws IOException, ServletException {
        SecurityContextHolder.getContext().setAuthentication(smartIdAuthenticationException.getToken());
        this.authenticationFailureHandler.onAuthenticationFailure(httpServletRequest, httpServletResponse, smartIdAuthenticationException);
    }

    private void unsuccessfulAuthentication(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, AuthenticationException authenticationException) throws IOException, ServletException {
        SecurityContextHolder.clearContext();
        this.authenticationFailureHandler.onAuthenticationFailure(httpServletRequest, httpServletResponse, authenticationException);
    }

    private String obtainUserIdCode(HttpServletRequest httpServletRequest) {
        String parameter = httpServletRequest.getParameter("userIdCode");
        if (parameter == null) {
            return null;
        }
        try {
            return URLDecoder.decode(parameter, "UTF-8");
        } catch (UnsupportedEncodingException e) {
            this.logger.error(e);
            return null;
        }
    }

    private SmartIdAuthenticationSession.CountryCode obtainCountryCode(HttpServletRequest httpServletRequest) {
        String parameter = httpServletRequest.getParameter("countryCode");
        if (parameter != null) {
            return SmartIdAuthenticationSession.CountryCode.valueOf(parameter);
        }
        return null;
    }

    public String getFilterProcessesUrl() {
        return this.filterProcessesUrl;
    }

    public void setFilterProcessesUrl(String str) {
        this.filterProcessesUrl = str;
    }

    public AuthenticationManager getAuthenticationManager() {
        return this.authenticationManager;
    }

    public void setAuthenticationManager(AuthenticationManager authenticationManager) {
        this.authenticationManager = authenticationManager;
    }

    public ApplicationEventPublisher getApplicationEventPublisher() {
        return this.applicationEventPublisher;
    }

    public void setApplicationEventPublisher(ApplicationEventPublisher applicationEventPublisher) {
        this.applicationEventPublisher = applicationEventPublisher;
    }

    public AuthenticationSuccessHandler getAuthenticationSuccessHandler() {
        return this.authenticationSuccessHandler;
    }

    public void setAuthenticationSuccessHandler(AuthenticationSuccessHandler authenticationSuccessHandler) {
        this.authenticationSuccessHandler = authenticationSuccessHandler;
    }

    public AuthenticationFailureHandler getAuthenticationFailureHandler() {
        return this.authenticationFailureHandler;
    }

    public void setAuthenticationFailureHandler(AuthenticationFailureHandler authenticationFailureHandler) {
        this.authenticationFailureHandler = authenticationFailureHandler;
    }

    public Object getLocaleResolver() {
        return this.localeResolver;
    }

    public void setLocaleResolver(LocaleResolver localeResolver) {
        this.localeResolver = localeResolver;
    }

    public SmartIdAuthenticationSession.CountryCode getDefaultCountryCode() {
        return this.defaultCountryCode;
    }

    public void setDefaultCountryCode(SmartIdAuthenticationSession.CountryCode countryCode) {
        this.defaultCountryCode = countryCode;
    }

    public Map<String, SmartIdAuthenticationSession.CountryCode> getLocaleToCountryMap() {
        return this.localeToCountryMap;
    }

    public void setLocaleToCountryMap(Map<String, SmartIdAuthenticationSession.CountryCode> map) {
        this.localeToCountryMap = map;
    }
}
