package org.springframework.security.ui.portlet;

import java.io.IOException;
import java.security.Principal;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import javax.portlet.ActionRequest;
import javax.portlet.ActionResponse;
import javax.portlet.PortletRequest;
import javax.portlet.PortletResponse;
import javax.portlet.RenderRequest;
import javax.portlet.RenderResponse;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.security.Authentication;
import org.springframework.security.AuthenticationException;
import org.springframework.security.AuthenticationManager;
import org.springframework.security.context.SecurityContext;
import org.springframework.security.context.SecurityContextHolder;
import org.springframework.security.providers.preauth.PreAuthenticatedAuthenticationToken;
import org.springframework.security.ui.AbstractProcessingFilter;
import org.springframework.security.ui.AuthenticationDetailsSource;
import org.springframework.security.ui.AuthenticationDetailsSourceImpl;
import org.springframework.util.Assert;
import org.springframework.web.portlet.HandlerInterceptor;
import org.springframework.web.portlet.ModelAndView;

/* loaded from: input_file:WEB-INF/lib/spring-security-portlet-2.0.4.jar:org/springframework/security/ui/portlet/PortletProcessingInterceptor.class */
public class PortletProcessingInterceptor implements HandlerInterceptor, InitializingBean {
    private static final Log logger;
    private AuthenticationManager authenticationManager;
    private List userNameAttributes;
    static Class class$org$springframework$security$ui$portlet$PortletProcessingInterceptor;
    static Class class$org$springframework$security$ui$portlet$PortletAuthenticationDetails;
    private boolean useAuthTypeAsCredentials = false;
    private AuthenticationDetailsSource authenticationDetailsSource = new AuthenticationDetailsSourceImpl();

    public PortletProcessingInterceptor() {
        Class cls;
        AuthenticationDetailsSourceImpl authenticationDetailsSourceImpl = (AuthenticationDetailsSourceImpl) this.authenticationDetailsSource;
        if (class$org$springframework$security$ui$portlet$PortletAuthenticationDetails == null) {
            cls = class$("org.springframework.security.ui.portlet.PortletAuthenticationDetails");
            class$org$springframework$security$ui$portlet$PortletAuthenticationDetails = cls;
        } else {
            cls = class$org$springframework$security$ui$portlet$PortletAuthenticationDetails;
        }
        authenticationDetailsSourceImpl.setClazz(cls);
    }

    @Override // org.springframework.beans.factory.InitializingBean
    public void afterPropertiesSet() throws Exception {
        Assert.notNull(this.authenticationManager, "An AuthenticationManager must be set");
    }

    @Override // org.springframework.web.portlet.HandlerInterceptor
    public boolean preHandleAction(ActionRequest actionRequest, ActionResponse actionResponse, Object obj) throws Exception {
        return preHandle(actionRequest, actionResponse, obj);
    }

    @Override // org.springframework.web.portlet.HandlerInterceptor
    public boolean preHandleRender(RenderRequest renderRequest, RenderResponse renderResponse, Object obj) throws Exception {
        return preHandle(renderRequest, renderResponse, obj);
    }

    @Override // org.springframework.web.portlet.HandlerInterceptor
    public void postHandleRender(RenderRequest renderRequest, RenderResponse renderResponse, Object obj, ModelAndView modelAndView) throws Exception {
    }

    @Override // org.springframework.web.portlet.HandlerInterceptor
    public void afterActionCompletion(ActionRequest actionRequest, ActionResponse actionResponse, Object obj, Exception exc) throws Exception {
    }

    @Override // org.springframework.web.portlet.HandlerInterceptor
    public void afterRenderCompletion(RenderRequest renderRequest, RenderResponse renderResponse, Object obj, Exception exc) throws Exception {
    }

    private boolean preHandle(PortletRequest portletRequest, PortletResponse portletResponse, Object obj) throws Exception {
        SecurityContext context = SecurityContextHolder.getContext();
        if (logger.isDebugEnabled()) {
            logger.debug(new StringBuffer().append("Checking secure context token: ").append(context.getAuthentication()).toString());
        }
        if (context.getAuthentication() != null) {
            return true;
        }
        try {
            PreAuthenticatedAuthenticationToken preAuthenticatedAuthenticationToken = new PreAuthenticatedAuthenticationToken(getPrincipalFromRequest(portletRequest), getCredentialsFromRequest(portletRequest));
            preAuthenticatedAuthenticationToken.setDetails(this.authenticationDetailsSource.buildDetails(portletRequest));
            if (logger.isDebugEnabled()) {
                logger.debug(new StringBuffer().append("Beginning authentication request for user '").append(preAuthenticatedAuthenticationToken.getName()).append("'").toString());
            }
            onPreAuthentication(portletRequest, portletResponse);
            Authentication authenticate = this.authenticationManager.authenticate(preAuthenticatedAuthenticationToken);
            if (logger.isDebugEnabled()) {
                logger.debug(new StringBuffer().append("Authentication success: ").append(authenticate).toString());
            }
            context.setAuthentication(authenticate);
            onSuccessfulAuthentication(portletRequest, portletResponse, authenticate);
            return true;
        } catch (AuthenticationException e) {
            if (logger.isDebugEnabled()) {
                logger.debug("Authentication failed - updating ContextHolder to contain null Authentication", e);
            }
            context.setAuthentication(null);
            portletRequest.getPortletSession().setAttribute(AbstractProcessingFilter.SPRING_SECURITY_LAST_EXCEPTION_KEY, e, 1);
            onUnsuccessfulAuthentication(portletRequest, portletResponse, e);
            return true;
        }
    }

    protected Object getPrincipalFromRequest(PortletRequest portletRequest) {
        String name;
        String remoteUser = portletRequest.getRemoteUser();
        if (remoteUser != null) {
            return remoteUser;
        }
        Principal userPrincipal = portletRequest.getUserPrincipal();
        if (userPrincipal != null && (name = userPrincipal.getName()) != null) {
            return name;
        }
        if (this.userNameAttributes == null) {
            return null;
        }
        Map map = null;
        try {
            map = (Map) portletRequest.getAttribute("javax.portlet.userinfo");
        } catch (Exception e) {
            logger.warn("unable to retrieve USER_INFO map from portlet request", e);
        }
        if (map == null) {
            return null;
        }
        Iterator it = this.userNameAttributes.iterator();
        while (it.hasNext()) {
            String str = (String) map.get(it.next());
            if (str != null) {
                return str;
            }
        }
        return null;
    }

    protected Object getCredentialsFromRequest(PortletRequest portletRequest) {
        return this.useAuthTypeAsCredentials ? portletRequest.getAuthType() : "dummy";
    }

    protected void onPreAuthentication(PortletRequest portletRequest, PortletResponse portletResponse) throws AuthenticationException, IOException {
    }

    protected void onSuccessfulAuthentication(PortletRequest portletRequest, PortletResponse portletResponse, Authentication authentication) throws IOException {
    }

    protected void onUnsuccessfulAuthentication(PortletRequest portletRequest, PortletResponse portletResponse, AuthenticationException authenticationException) throws IOException {
    }

    public void setAuthenticationManager(AuthenticationManager authenticationManager) {
        this.authenticationManager = authenticationManager;
    }

    public void setUserNameAttributes(List list) {
        this.userNameAttributes = list;
    }

    public void setAuthenticationDetailsSource(AuthenticationDetailsSource authenticationDetailsSource) {
        this.authenticationDetailsSource = authenticationDetailsSource;
    }

    public void setUseAuthTypeAsCredentials(boolean z) {
        this.useAuthTypeAsCredentials = z;
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError(e.getMessage());
        }
    }

    static {
        Class cls;
        if (class$org$springframework$security$ui$portlet$PortletProcessingInterceptor == null) {
            cls = class$("org.springframework.security.ui.portlet.PortletProcessingInterceptor");
            class$org$springframework$security$ui$portlet$PortletProcessingInterceptor = cls;
        } else {
            cls = class$org$springframework$security$ui$portlet$PortletProcessingInterceptor;
        }
        logger = LogFactory.getLog(cls);
    }
}
