package net.solarnetwork.web.security;

import java.io.BufferedReader;
import java.io.IOException;
import java.io.StringReader;
import java.io.UnsupportedEncodingException;
import java.net.URI;
import java.security.Principal;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.Enumeration;
import java.util.LinkedHashSet;
import java.util.List;
import java.util.Locale;
import java.util.Map;
import java.util.Set;
import java.util.concurrent.TimeUnit;
import javax.servlet.AsyncContext;
import javax.servlet.DispatcherType;
import javax.servlet.ReadListener;
import javax.servlet.RequestDispatcher;
import javax.servlet.ServletContext;
import javax.servlet.ServletException;
import javax.servlet.ServletInputStream;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import javax.servlet.http.HttpUpgradeHandler;
import javax.servlet.http.Part;
import net.solarnetwork.util.IteratorEnumeration;
import net.solarnetwork.web.support.RequestInfoHandshakeInterceptor;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpMethod;
import org.springframework.messaging.Message;
import org.springframework.messaging.MessageChannel;
import org.springframework.messaging.simp.SimpMessageHeaderAccessor;
import org.springframework.messaging.simp.stomp.StompCommand;
import org.springframework.messaging.simp.stomp.StompHeaderAccessor;
import org.springframework.messaging.support.ChannelInterceptorAdapter;
import org.springframework.messaging.support.MessageHeaderAccessor;
import org.springframework.security.authentication.AuthenticationDetailsSource;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.web.authentication.WebAuthenticationDetailsSource;
import org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationToken;

/* loaded from: input_file:net/solarnetwork/web/security/AuthenticationDataTokenChannelInterceptor.class */
public class AuthenticationDataTokenChannelInterceptor extends ChannelInterceptorAdapter {
    private final UserDetailsService userDetailsService;
    private final Logger log = LoggerFactory.getLogger(getClass());
    private long maxDateSkew = TimeUnit.MINUTES.toMillis(15);
    private final AuthenticationDetailsSource<HttpServletRequest, ?> authenticationDetailsSource = new WebAuthenticationDetailsSource();

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:net/solarnetwork/web/security/AuthenticationDataTokenChannelInterceptor$MessageHttpServletRequestAdapter.class */
    public static final class MessageHttpServletRequestAdapter implements HttpServletRequest {
        private final HttpMethod requestMethod;
        private final URI requestUri;
        private final HttpHeaders requestHeaders;
        private final HttpHeaders nativeHeaders = new HttpHeaders();

        public MessageHttpServletRequestAdapter(SimpMessageHeaderAccessor simpMessageHeaderAccessor) {
            this.requestMethod = (HttpMethod) getSessionAttribute(simpMessageHeaderAccessor, RequestInfoHandshakeInterceptor.REQUEST_URI_ATTR, HttpMethod.class);
            this.requestUri = (URI) getSessionAttribute(simpMessageHeaderAccessor, RequestInfoHandshakeInterceptor.REQUEST_URI_ATTR, URI.class);
            this.requestHeaders = (HttpHeaders) getSessionAttribute(simpMessageHeaderAccessor, RequestInfoHandshakeInterceptor.REQUEST_HEADERS, HttpHeaders.class);
            this.nativeHeaders.putAll(simpMessageHeaderAccessor.toNativeHeaderMap());
        }

        private <T> T getSessionAttribute(SimpMessageHeaderAccessor simpMessageHeaderAccessor, String str, Class<T> cls) {
            Map sessionAttributes = simpMessageHeaderAccessor.getSessionAttributes();
            if (sessionAttributes == null) {
                return null;
            }
            T t = (T) sessionAttributes.get(str);
            if (cls == null || cls.isInstance(t)) {
                return t;
            }
            return null;
        }

        public Object getAttribute(String str) {
            return null;
        }

        public Enumeration<String> getAttributeNames() {
            return null;
        }

        public String getCharacterEncoding() {
            return null;
        }

        public void setCharacterEncoding(String str) throws UnsupportedEncodingException {
        }

        public int getContentLength() {
            return 0;
        }

        public long getContentLengthLong() {
            return 0L;
        }

        public String getContentType() {
            return null;
        }

        public ServletInputStream getInputStream() throws IOException {
            return new ServletInputStream() { // from class: net.solarnetwork.web.security.AuthenticationDataTokenChannelInterceptor.MessageHttpServletRequestAdapter.1
                public int read() throws IOException {
                    return -1;
                }

                public void setReadListener(ReadListener readListener) {
                }

                public boolean isReady() {
                    return true;
                }

                public boolean isFinished() {
                    return true;
                }
            };
        }

        public String getParameter(String str) {
            return null;
        }

        public Enumeration<String> getParameterNames() {
            return new IteratorEnumeration(Collections.emptyIterator());
        }

        public String[] getParameterValues(String str) {
            return null;
        }

        public Map<String, String[]> getParameterMap() {
            return Collections.emptyMap();
        }

        public String getProtocol() {
            return null;
        }

        public String getScheme() {
            return this.requestUri != null ? this.requestUri.getScheme() : "http";
        }

        public String getServerName() {
            if (this.requestUri != null) {
                return this.requestUri.getHost();
            }
            return null;
        }

        public int getServerPort() {
            int port = this.requestUri != null ? this.requestUri.getPort() : -1;
            if (port < 1) {
                port = "https".equals(this.requestUri.getScheme()) ? 443 : 80;
            }
            return port;
        }

        public BufferedReader getReader() throws IOException {
            return new BufferedReader(new StringReader(""));
        }

        public String getRemoteAddr() {
            return null;
        }

        public String getRemoteHost() {
            return null;
        }

        public void setAttribute(String str, Object obj) {
        }

        public void removeAttribute(String str) {
        }

        public Locale getLocale() {
            return null;
        }

        public Enumeration<Locale> getLocales() {
            return null;
        }

        public boolean isSecure() {
            return false;
        }

        public RequestDispatcher getRequestDispatcher(String str) {
            return null;
        }

        public String getRealPath(String str) {
            return null;
        }

        public int getRemotePort() {
            return 0;
        }

        public String getLocalName() {
            return null;
        }

        public String getLocalAddr() {
            return null;
        }

        public int getLocalPort() {
            return 0;
        }

        public ServletContext getServletContext() {
            return null;
        }

        public AsyncContext startAsync() throws IllegalStateException {
            return null;
        }

        public AsyncContext startAsync(ServletRequest servletRequest, ServletResponse servletResponse) throws IllegalStateException {
            return null;
        }

        public boolean isAsyncStarted() {
            return false;
        }

        public boolean isAsyncSupported() {
            return false;
        }

        public AsyncContext getAsyncContext() {
            return null;
        }

        public DispatcherType getDispatcherType() {
            return null;
        }

        public String getAuthType() {
            return null;
        }

        public Cookie[] getCookies() {
            return null;
        }

        public long getDateHeader(String str) {
            long firstDate = this.nativeHeaders.getFirstDate(str);
            if (firstDate < 0 && this.requestHeaders != null) {
                firstDate = this.requestHeaders.getFirstDate(str);
            }
            return firstDate;
        }

        public String getHeader(String str) {
            String first = this.nativeHeaders.getFirst(str);
            if (first == null && this.requestHeaders != null) {
                first = this.requestHeaders.getFirst(str);
            }
            return first;
        }

        public Enumeration<String> getHeaders(String str) {
            List list = this.nativeHeaders.get(str);
            if (this.requestHeaders != null) {
                if (list == null) {
                    list = this.requestHeaders.get(str);
                } else {
                    List list2 = this.requestHeaders.get(str);
                    if (list2 != null) {
                        list = new ArrayList(list);
                        list.addAll(list2);
                    }
                }
            }
            return new IteratorEnumeration(list != null ? list.iterator() : Collections.emptyIterator());
        }

        public Enumeration<String> getHeaderNames() {
            Set keySet = this.nativeHeaders.keySet();
            if (this.requestHeaders != null) {
                keySet = new LinkedHashSet(keySet);
                keySet.addAll(this.requestHeaders.keySet());
            }
            return new IteratorEnumeration(keySet != null ? keySet.iterator() : Collections.emptyIterator());
        }

        public int getIntHeader(String str) {
            String header = getHeader(str);
            if (header != null) {
                return Integer.parseInt(header);
            }
            return -1;
        }

        public String getMethod() {
            return this.requestMethod == null ? HttpMethod.GET.toString() : this.requestMethod.toString();
        }

        public String getPathInfo() {
            return null;
        }

        public String getPathTranslated() {
            return null;
        }

        public String getContextPath() {
            return null;
        }

        public String getQueryString() {
            return null;
        }

        public String getRemoteUser() {
            return null;
        }

        public boolean isUserInRole(String str) {
            return false;
        }

        public Principal getUserPrincipal() {
            return null;
        }

        public String getRequestedSessionId() {
            return null;
        }

        public String getRequestURI() {
            return this.requestUri != null ? this.requestUri.getRawPath() : "/";
        }

        public StringBuffer getRequestURL() {
            return null;
        }

        public String getServletPath() {
            return "";
        }

        public HttpSession getSession(boolean z) {
            return null;
        }

        public HttpSession getSession() {
            return null;
        }

        public String changeSessionId() {
            return null;
        }

        public boolean isRequestedSessionIdValid() {
            return false;
        }

        public boolean isRequestedSessionIdFromCookie() {
            return false;
        }

        public boolean isRequestedSessionIdFromURL() {
            return false;
        }

        public boolean isRequestedSessionIdFromUrl() {
            return false;
        }

        public boolean authenticate(HttpServletResponse httpServletResponse) throws IOException, ServletException {
            return false;
        }

        public void login(String str, String str2) throws ServletException {
        }

        public void logout() throws ServletException {
        }

        public Collection<Part> getParts() throws IOException, ServletException {
            return null;
        }

        public Part getPart(String str) throws IOException, ServletException {
            return null;
        }

        public <T extends HttpUpgradeHandler> T upgrade(Class<T> cls) throws IOException, ServletException {
            return null;
        }
    }

    public AuthenticationDataTokenChannelInterceptor(UserDetailsService userDetailsService) {
        this.userDetailsService = userDetailsService;
    }

    public void setMaxDateSkew(long j) {
        this.maxDateSkew = j;
    }

    public Message<?> preSend(Message<?> message, MessageChannel messageChannel) {
        Authentication authenticateUser;
        StompHeaderAccessor accessor = MessageHeaderAccessor.getAccessor(message, StompHeaderAccessor.class);
        if (StompCommand.CONNECT.equals(accessor.getCommand()) && (authenticateUser = authenticateUser(accessor)) != null) {
            accessor.setUser(authenticateUser);
        }
        return message;
    }

    private Authentication authenticateUser(SimpMessageHeaderAccessor simpMessageHeaderAccessor) {
        MessageHttpServletRequestAdapter messageHttpServletRequestAdapter = new MessageHttpServletRequestAdapter(simpMessageHeaderAccessor);
        Authentication authentication = null;
        try {
            AuthenticationData authenticationDataForAuthorizationHeader = AuthenticationDataFactory.authenticationDataForAuthorizationHeader(new SecurityHttpServletRequestWrapper(messageHttpServletRequestAdapter, SecurityHttpServletRequestWrapper.DEFAULT_MINIMUM_SPOOL_LENGTH));
            if (authenticationDataForAuthorizationHeader != null) {
                UserDetails loadUserByUsername = this.userDetailsService.loadUserByUsername(authenticationDataForAuthorizationHeader.getAuthTokenId());
                String computeSignatureDigest = authenticationDataForAuthorizationHeader.computeSignatureDigest(loadUserByUsername.getPassword());
                if (!computeSignatureDigest.equals(authenticationDataForAuthorizationHeader.getSignatureDigest())) {
                    this.log.debug("Expected digest: '{}' but received: '{}'", computeSignatureDigest, authenticationDataForAuthorizationHeader.getSignatureDigest());
                    throw new BadCredentialsException("Bad signature digest");
                }
                if (!authenticationDataForAuthorizationHeader.isDateValid(this.maxDateSkew)) {
                    this.log.debug("Request date '{}' diff too large: {}", authenticationDataForAuthorizationHeader.getDate(), Long.valueOf(authenticationDataForAuthorizationHeader.getDateSkew()));
                    throw new BadCredentialsException("Request date skew too large");
                }
                authentication = createSuccessfulAuthentication(messageHttpServletRequestAdapter, loadUserByUsername);
                this.log.debug("Authentication success for user: '{}'", loadUserByUsername.getUsername());
            } else {
                this.log.trace("Missing Authorization header or unsupported scheme");
            }
            return authentication;
        } catch (IOException e) {
            throw new RuntimeException(e);
        }
    }

    private Authentication createSuccessfulAuthentication(HttpServletRequest httpServletRequest, UserDetails userDetails) {
        PreAuthenticatedAuthenticationToken preAuthenticatedAuthenticationToken = new PreAuthenticatedAuthenticationToken(userDetails, (Object) null, userDetails.getAuthorities());
        preAuthenticatedAuthenticationToken.eraseCredentials();
        preAuthenticatedAuthenticationToken.setDetails(this.authenticationDetailsSource.buildDetails(httpServletRequest));
        return preAuthenticatedAuthenticationToken;
    }

    public boolean preReceive(MessageChannel messageChannel) {
        return super.preReceive(messageChannel);
    }
}
