package org.dspace.app.rest.security;

import java.io.IOException;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.dspace.app.rest.utils.ContextUtil;
import org.dspace.core.Context;
import org.dspace.eperson.EPerson;
import org.dspace.services.RequestService;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.web.authentication.www.BasicAuthenticationFilter;

/* loaded from: input_file:org/dspace/app/rest/security/StatelessAuthenticationFilter.class */
public class StatelessAuthenticationFilter extends BasicAuthenticationFilter {
    private static final Logger log = LoggerFactory.getLogger(StatelessAuthenticationFilter.class);
    private RestAuthenticationService restAuthenticationService;
    private EPersonRestAuthenticationProvider authenticationProvider;
    private RequestService requestService;

    public StatelessAuthenticationFilter(AuthenticationManager authenticationManager, RestAuthenticationService restAuthenticationService, EPersonRestAuthenticationProvider ePersonRestAuthenticationProvider, RequestService requestService) {
        super(authenticationManager);
        this.requestService = requestService;
        this.restAuthenticationService = restAuthenticationService;
        this.authenticationProvider = ePersonRestAuthenticationProvider;
    }

    protected void doFilterInternal(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain) throws IOException, ServletException {
        Authentication authentication = getAuthentication(httpServletRequest);
        if (authentication != null) {
            SecurityContextHolder.getContext().setAuthentication(authentication);
            this.restAuthenticationService.invalidateAuthenticationCookie(httpServletResponse);
        }
        filterChain.doFilter(httpServletRequest, httpServletResponse);
    }

    private Authentication getAuthentication(HttpServletRequest httpServletRequest) {
        Context obtainContext;
        EPerson authenticatedEPerson;
        if (!this.restAuthenticationService.hasAuthenticationData(httpServletRequest) || (authenticatedEPerson = this.restAuthenticationService.getAuthenticatedEPerson(httpServletRequest, (obtainContext = ContextUtil.obtainContext(httpServletRequest)))) == null) {
            return null;
        }
        this.requestService.setCurrentUserId(authenticatedEPerson.getID());
        return new DSpaceAuthentication(authenticatedEPerson.getEmail(), this.authenticationProvider.getGrantedAuthorities(obtainContext, authenticatedEPerson));
    }
}
