package org.dspace.app.rest.security;

import java.io.IOException;
import java.util.ArrayList;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang3.StringUtils;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.dspace.authenticate.OrcidAuthentication;
import org.dspace.authenticate.OrcidAuthenticationBean;
import org.dspace.core.Utils;
import org.dspace.services.ConfigurationService;
import org.dspace.services.factory.DSpaceServicesFactory;
import org.dspace.utils.DSpace;
import org.dspace.web.ContextUtil;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.ProviderNotFoundException;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;

/* loaded from: input_file:org/dspace/app/rest/security/OrcidLoginFilter.class */
public class OrcidLoginFilter extends StatelessLoginFilter {
    private static final Logger log = LogManager.getLogger(OrcidLoginFilter.class);
    private ConfigurationService configurationService;
    private OrcidAuthenticationBean orcidAuthentication;

    public OrcidLoginFilter(String str, AuthenticationManager authenticationManager, RestAuthenticationService restAuthenticationService) {
        super(str, authenticationManager, restAuthenticationService);
        this.configurationService = DSpaceServicesFactory.getInstance().getConfigurationService();
        this.orcidAuthentication = (OrcidAuthenticationBean) new DSpace().getServiceManager().getServiceByName("orcidAuthentication", OrcidAuthenticationBean.class);
    }

    @Override // org.dspace.app.rest.security.StatelessLoginFilter
    public Authentication attemptAuthentication(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws AuthenticationException {
        if (OrcidAuthentication.isEnabled()) {
            return this.authenticationManager.authenticate(new DSpaceAuthentication());
        }
        throw new ProviderNotFoundException("Orcid login is disabled.");
    }

    @Override // org.dspace.app.rest.security.StatelessLoginFilter
    protected void successfulAuthentication(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain, Authentication authentication) throws IOException, ServletException {
        DSpaceAuthentication dSpaceAuthentication = (DSpaceAuthentication) authentication;
        log.debug("Orcid authentication successful for EPerson {}. Sending back temporary auth cookie", dSpaceAuthentication.getName());
        this.restAuthenticationService.addAuthenticationDataForUser(httpServletRequest, httpServletResponse, dSpaceAuthentication, true);
        redirectAfterSuccess(httpServletRequest, httpServletResponse);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.dspace.app.rest.security.StatelessLoginFilter
    public void unsuccessfulAuthentication(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, AuthenticationException authenticationException) throws IOException, ServletException {
        if (this.orcidAuthentication.isUsed(ContextUtil.obtainContext(httpServletRequest), httpServletRequest)) {
            httpServletResponse.sendRedirect(this.configurationService.getProperty("dspace.ui.url") + "/error?status=401&code=orcid.generic-error");
        } else {
            super.unsuccessfulAuthentication(httpServletRequest, httpServletResponse, authenticationException);
        }
    }

    private void redirectAfterSuccess(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        String parameter = httpServletRequest.getParameter("redirectUrl");
        if (StringUtils.isEmpty(parameter)) {
            parameter = this.configurationService.getProperty("dspace.ui.url");
        }
        String hostName = Utils.getHostName(parameter);
        String hostName2 = Utils.getHostName(this.configurationService.getProperty("dspace.server.url"));
        ArrayList arrayList = new ArrayList();
        arrayList.add(hostName2);
        for (String str : this.configurationService.getArrayProperty("rest.cors.allowed-origins")) {
            arrayList.add(Utils.getHostName(str));
        }
        if (StringUtils.equalsAnyIgnoreCase(hostName, (CharSequence[]) arrayList.toArray(new String[0]))) {
            log.debug("Orcid redirecting to " + parameter);
            httpServletResponse.sendRedirect(parameter);
        } else {
            log.error("Invalid Orcid redirectURL=" + parameter + ". URL doesn't match hostname of server or UI!");
            httpServletResponse.sendError(400, "Invalid redirectURL! Must match server or ui hostname.");
        }
    }
}
