package org.springframework.security.ui.openid;

import java.io.IOException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.security.Authentication;
import org.springframework.security.AuthenticationException;
import org.springframework.security.AuthenticationServiceException;
import org.springframework.security.context.SecurityContextHolder;
import org.springframework.security.providers.openid.OpenIDAuthenticationToken;
import org.springframework.security.ui.AbstractProcessingFilter;
import org.springframework.security.ui.FilterChainOrder;
import org.springframework.security.ui.openid.consumers.OpenID4JavaConsumer;
import org.springframework.security.ui.webapp.AuthenticationProcessingFilter;
import org.springframework.util.StringUtils;

/* loaded from: input_file:WEB-INF/lib/spring-security-openid-2.0.0.jar:org/springframework/security/ui/openid/OpenIDAuthenticationProcessingFilter.class */
public class OpenIDAuthenticationProcessingFilter extends AbstractProcessingFilter {
    private static final Log log;
    public static final String DEFAULT_CLAIMED_IDENTITY_FIELD = "j_username";
    private OpenIDConsumer consumer;
    private String claimedIdentityFieldName = "j_username";
    static Class class$org$springframework$security$ui$openid$OpenIDAuthenticationProcessingFilter;
    static Class class$org$springframework$security$ui$openid$OpenIDAuthenticationRequiredException;

    @Override // org.springframework.security.ui.AbstractProcessingFilter, org.springframework.beans.factory.InitializingBean
    public void afterPropertiesSet() throws Exception {
        super.afterPropertiesSet();
        if (this.consumer == null) {
            this.consumer = new OpenID4JavaConsumer();
        }
    }

    @Override // org.springframework.security.ui.AbstractProcessingFilter
    public Authentication attemptAuthentication(HttpServletRequest httpServletRequest) throws AuthenticationException {
        if (!StringUtils.hasText(httpServletRequest.getParameter("openid.identity"))) {
            String obtainUsername = obtainUsername(httpServletRequest);
            setLastUsername(obtainUsername, httpServletRequest);
            throw new OpenIDAuthenticationRequiredException("External Authentication Required", obtainUsername);
        }
        try {
            OpenIDAuthenticationToken endConsumption = this.consumer.endConsumption(httpServletRequest);
            Authentication authenticate = getAuthenticationManager().authenticate(endConsumption);
            if (authenticate.isAuthenticated()) {
                setLastUsername(endConsumption.getIdentityUrl(), httpServletRequest);
            }
            return authenticate;
        } catch (OpenIDConsumerException e) {
            throw new AuthenticationServiceException("Consumer error", e);
        }
    }

    private void setLastUsername(String str, HttpServletRequest httpServletRequest) {
        if (httpServletRequest.getSession(false) != null || getAllowSessionCreation()) {
            httpServletRequest.getSession().setAttribute(AuthenticationProcessingFilter.SPRING_SECURITY_LAST_USERNAME_KEY, str);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.springframework.security.ui.AbstractProcessingFilter
    public String determineFailureUrl(HttpServletRequest httpServletRequest, AuthenticationException authenticationException) {
        if (authenticationException instanceof OpenIDAuthenticationRequiredException) {
            String claimedIdentity = ((OpenIDAuthenticationRequiredException) authenticationException).getClaimedIdentity();
            if (StringUtils.hasText(claimedIdentity)) {
                try {
                    return this.consumer.beginConsumption(httpServletRequest, claimedIdentity, buildReturnToUrl(httpServletRequest));
                } catch (OpenIDConsumerException e) {
                    log.error(new StringBuffer().append("Unable to consume claimedIdentity [").append(claimedIdentity).append("]").toString(), e);
                }
            }
        }
        return super.determineFailureUrl(httpServletRequest, authenticationException);
    }

    protected String buildReturnToUrl(HttpServletRequest httpServletRequest) {
        return httpServletRequest.getRequestURL().toString();
    }

    public String getClaimedIdentityFieldName() {
        return this.claimedIdentityFieldName;
    }

    public OpenIDConsumer getConsumer() {
        return this.consumer;
    }

    @Override // org.springframework.security.ui.AbstractProcessingFilter
    public String getDefaultFilterProcessesUrl() {
        return "/j_spring_openid_security_check";
    }

    protected boolean isAuthenticated(HttpServletRequest httpServletRequest) {
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        return authentication != null && authentication.isAuthenticated();
    }

    protected boolean isOpenIdRequest(HttpServletRequest httpServletRequest) {
        String obtainUsername = obtainUsername(httpServletRequest);
        return StringUtils.hasText(obtainUsername) && obtainUsername.toLowerCase().startsWith("http");
    }

    protected String obtainUsername(HttpServletRequest httpServletRequest) {
        return httpServletRequest.getParameter(this.claimedIdentityFieldName);
    }

    @Override // org.springframework.security.ui.AbstractProcessingFilter
    protected void onUnsuccessfulAuthentication(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, AuthenticationException authenticationException) throws IOException {
        Class cls;
        if (authenticationException instanceof OpenIDAuthenticationRequiredException) {
            OpenIDAuthenticationRequiredException openIDAuthenticationRequiredException = (OpenIDAuthenticationRequiredException) authenticationException;
            if (class$org$springframework$security$ui$openid$OpenIDAuthenticationRequiredException == null) {
                cls = class$("org.springframework.security.ui.openid.OpenIDAuthenticationRequiredException");
                class$org$springframework$security$ui$openid$OpenIDAuthenticationRequiredException = cls;
            } else {
                cls = class$org$springframework$security$ui$openid$OpenIDAuthenticationRequiredException;
            }
            httpServletRequest.setAttribute(cls.getName(), openIDAuthenticationRequiredException.getClaimedIdentity());
        }
    }

    public void setClaimedIdentityFieldName(String str) {
        this.claimedIdentityFieldName = str;
    }

    public void setConsumer(OpenIDConsumer openIDConsumer) {
        this.consumer = openIDConsumer;
    }

    @Override // org.springframework.security.ui.AbstractProcessingFilter
    protected void unsuccessfulAuthentication(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, AuthenticationException authenticationException) throws IOException {
        SecurityContextHolder.getContext().setAuthentication(null);
        if (this.logger.isDebugEnabled()) {
            this.logger.debug("Updated SecurityContextHolder to contain null Authentication");
        }
        String determineFailureUrl = determineFailureUrl(httpServletRequest, authenticationException);
        if (this.logger.isDebugEnabled()) {
            this.logger.debug(new StringBuffer().append("Authentication request failed: ").append(authenticationException.toString()).toString());
        }
        if (getAllowSessionCreation()) {
            try {
                httpServletRequest.getSession().setAttribute(AbstractProcessingFilter.SPRING_SECURITY_LAST_EXCEPTION_KEY, authenticationException);
            } catch (Exception e) {
            }
        }
        super.getRememberMeServices().loginFail(httpServletRequest, httpServletResponse);
        sendRedirect(httpServletRequest, httpServletResponse, determineFailureUrl);
    }

    @Override // org.springframework.security.ui.SpringSecurityFilter, org.springframework.core.Ordered
    public int getOrder() {
        return FilterChainOrder.OPENID_PROCESSING_FILTER;
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError(e.getMessage());
        }
    }

    static {
        Class cls;
        if (class$org$springframework$security$ui$openid$OpenIDAuthenticationProcessingFilter == null) {
            cls = class$("org.springframework.security.ui.openid.OpenIDAuthenticationProcessingFilter");
            class$org$springframework$security$ui$openid$OpenIDAuthenticationProcessingFilter = cls;
        } else {
            cls = class$org$springframework$security$ui$openid$OpenIDAuthenticationProcessingFilter;
        }
        log = LogFactory.getLog(cls);
    }
}
