package io.camunda.tasklist.webapp;

import io.camunda.tasklist.util.ConversionUtils;
import io.camunda.tasklist.webapp.security.TasklistProfileService;
import io.camunda.tasklist.webapp.security.TasklistURIs;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.web.servlet.error.ErrorController;
import org.springframework.http.HttpStatus;
import org.springframework.security.authentication.AnonymousAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.servlet.ModelAndView;

@Controller
/* loaded from: input_file:io/camunda/tasklist/webapp/ForwardErrorController.class */
public class ForwardErrorController implements ErrorController {
    private static final Logger LOGGER = LoggerFactory.getLogger(ForwardErrorController.class);

    @Autowired
    private TasklistProfileService profileService;

    @RequestMapping({TasklistURIs.ERROR_URL})
    public ModelAndView handleError(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        String str = (String) httpServletRequest.getAttribute("jakarta.servlet.forward.request_uri");
        if (str == null) {
            return forwardToRootPage();
        }
        if (this.profileService.isLoginDelegated() && !str.contains(TasklistURIs.LOGIN_RESOURCE) && isNotLoggedIn()) {
            return saveRequestAndRedirectToLogin(httpServletRequest, str);
        }
        if (!str.contains(TasklistURIs.GRAPHQL_URL)) {
            return forwardToRootPage();
        }
        ModelAndView modelAndView = new ModelAndView();
        Integer num = (Integer) httpServletRequest.getAttribute("jakarta.servlet.error.status_code");
        modelAndView.addObject("message", this.profileService.getMessageByProfileFor((Exception) httpServletRequest.getAttribute("org.springframework.boot.web.servlet.error.DefaultErrorAttributes.ERROR")));
        modelAndView.setStatus(HttpStatus.valueOf(num.intValue()));
        return modelAndView;
    }

    private ModelAndView forwardToRootPage() {
        ModelAndView modelAndView = new ModelAndView("forward:/");
        modelAndView.setStatus(HttpStatus.OK);
        return modelAndView;
    }

    private ModelAndView saveRequestAndRedirectToLogin(HttpServletRequest httpServletRequest, String str) {
        LOGGER.warn("Requested path {}, but not authenticated. Redirect to  {} ", str, TasklistURIs.LOGIN_RESOURCE);
        String queryString = httpServletRequest.getQueryString();
        if (ConversionUtils.stringIsEmpty(queryString)) {
            httpServletRequest.getSession(true).setAttribute(TasklistURIs.REQUESTED_URL, str);
        } else {
            httpServletRequest.getSession(true).setAttribute(TasklistURIs.REQUESTED_URL, str + "?" + queryString);
        }
        ModelAndView modelAndView = new ModelAndView("redirect:/api/login");
        modelAndView.setStatus(HttpStatus.FOUND);
        return modelAndView;
    }

    private boolean isNotLoggedIn() {
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        return (authentication instanceof AnonymousAuthenticationToken) || !authentication.isAuthenticated();
    }
}
