package org.juiser.spring.security.web.authentication;

import java.io.IOException;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.juiser.spring.security.authentication.HeaderAuthenticationToken;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.InternalAuthenticationServiceException;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.web.util.matcher.RequestHeaderRequestMatcher;
import org.springframework.security.web.util.matcher.RequestMatcher;
import org.springframework.util.Assert;
import org.springframework.web.filter.GenericFilterBean;

/* loaded from: input_file:org/juiser/spring/security/web/authentication/HeaderAuthenticationFilter.class */
public class HeaderAuthenticationFilter extends GenericFilterBean {
    private static final Logger log = LoggerFactory.getLogger(HeaderAuthenticationFilter.class);
    private final String headerName;
    private final AuthenticationManager authenticationManager;
    private final RequestMatcher requiresAuthenticationRequestMatcher;

    public HeaderAuthenticationFilter(String str, AuthenticationManager authenticationManager) {
        Assert.hasText(str, "headerName cannot be null or empty.");
        Assert.notNull("AuthenticationManager is required.");
        this.headerName = str;
        this.requiresAuthenticationRequestMatcher = new RequestHeaderRequestMatcher(str, (String) null);
        this.authenticationManager = authenticationManager;
    }

    protected String getHeaderName() {
        return this.headerName;
    }

    protected AuthenticationManager getAuthenticationManager() {
        return this.authenticationManager;
    }

    protected RequestMatcher getRequiresAuthenticationRequestMatcher() {
        return this.requiresAuthenticationRequestMatcher;
    }

    public void afterPropertiesSet() throws ServletException {
        Assert.notNull(this.authenticationManager, "authenticationManager must be specified");
    }

    protected boolean requiresAuthentication(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        return getRequiresAuthenticationRequestMatcher().matches(httpServletRequest);
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        if (!requiresAuthentication(httpServletRequest, httpServletResponse)) {
            filterChain.doFilter(httpServletRequest, httpServletResponse);
            return;
        }
        log.debug("Request will be authenticated.");
        boolean z = true;
        Authentication authentication = null;
        try {
            authentication = attemptAuthentication(httpServletRequest, httpServletResponse);
            Assert.notNull(authentication, "authResult cannot be null.");
        } catch (AuthenticationException e) {
            z = unsuccessfulAuthentication(httpServletRequest, httpServletResponse, filterChain, e);
        } catch (InternalAuthenticationServiceException e2) {
            log.error("An internal error occurred while trying to authenticate the request header. Request will be anonymous.", e2);
            z = unsuccessfulAuthentication(httpServletRequest, httpServletResponse, filterChain, e2);
        }
        if (authentication != null) {
            z = successfulAuthentication(httpServletRequest, httpServletResponse, filterChain, authentication);
        }
        if (z) {
            filterChain.doFilter(httpServletRequest, httpServletResponse);
        }
    }

    protected boolean successfulAuthentication(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain, Authentication authentication) throws IOException, ServletException {
        log.debug("Request authenticated.  Updating SecurityContextHolder to contain: {}", authentication);
        SecurityContextHolder.getContext().setAuthentication(authentication);
        return true;
    }

    protected boolean unsuccessfulAuthentication(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain, AuthenticationException authenticationException) throws IOException, ServletException {
        SecurityContextHolder.clearContext();
        if (!log.isDebugEnabled()) {
            return true;
        }
        log.debug("Authentication request failed: " + authenticationException.toString(), authenticationException);
        log.debug("Updated SecurityContextHolder to contain null Authentication");
        log.debug("Continuing filter chain with null Authentication");
        return true;
    }

    protected Authentication attemptAuthentication(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws AuthenticationException, IOException, ServletException {
        String headerName = getHeaderName();
        String header = httpServletRequest.getHeader(headerName);
        Assert.hasText(header, "Missing expected request header value.");
        return getAuthenticationManager().authenticate(new HeaderAuthenticationToken(headerName, header));
    }
}
