package nl._42.boot.saml.web;

import com.onelogin.saml2.Auth;
import com.onelogin.saml2.exception.SAMLException;
import com.onelogin.saml2.settings.Saml2Settings;
import java.io.IOException;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import nl._42.boot.saml.user.SAMLAuthenticationProvider;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.authentication.AuthenticationServiceException;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.web.authentication.AuthenticationFailureHandler;
import org.springframework.security.web.authentication.AuthenticationSuccessHandler;

/* loaded from: input_file:nl/_42/boot/saml/web/SAMLProcessingFilter.class */
public class SAMLProcessingFilter extends AbstractSAMLFilter {
    private static final Logger log = LoggerFactory.getLogger(SAMLProcessingFilter.class);
    private final SAMLAuthenticationProvider authenticationProvider;
    private final AuthenticationSuccessHandler successHandler;
    private final AuthenticationFailureHandler failureHandler;

    public SAMLProcessingFilter(Saml2Settings saml2Settings, SAMLAuthenticationProvider sAMLAuthenticationProvider, AuthenticationSuccessHandler authenticationSuccessHandler, AuthenticationFailureHandler authenticationFailureHandler) {
        super(saml2Settings);
        this.authenticationProvider = sAMLAuthenticationProvider;
        this.successHandler = authenticationSuccessHandler;
        this.failureHandler = authenticationFailureHandler;
    }

    @Override // nl._42.boot.saml.web.AbstractSAMLFilter
    protected void doFilter(Auth auth, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain) throws IOException, ServletException, SAMLException {
        try {
            auth.processResponse();
            if (auth.isAuthenticated()) {
                handleSuccess(auth, httpServletRequest, httpServletResponse);
            } else {
                handleFailure(auth, httpServletRequest, httpServletResponse);
            }
        } catch (Exception e) {
            throw new SAMLException("Could not process response", e);
        }
    }

    private void handleSuccess(Auth auth, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException, ServletException {
        Authentication authenticate = this.authenticationProvider.authenticate(auth);
        log.info("Authentication {} successful", authenticate.getName());
        SecurityContextHolder.getContext().setAuthentication(authenticate);
        this.successHandler.onAuthenticationSuccess(httpServletRequest, httpServletResponse, authenticate);
    }

    private void handleFailure(Auth auth, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException, ServletException {
        this.failureHandler.onAuthenticationFailure(httpServletRequest, httpServletResponse, new AuthenticationServiceException(String.format("Could not authenticate: (%s) %s", auth.getLastErrorReason(), String.join(", ", auth.getErrors()))));
    }
}
