package org.springframework.security.ui.basicauth;

import java.io.IOException;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.codec.binary.Base64;
import org.springframework.aop.framework.autoproxy.target.QuickTargetSourceCreator;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.security.Authentication;
import org.springframework.security.AuthenticationException;
import org.springframework.security.AuthenticationManager;
import org.springframework.security.context.SecurityContextHolder;
import org.springframework.security.providers.UsernamePasswordAuthenticationToken;
import org.springframework.security.providers.anonymous.AnonymousAuthenticationToken;
import org.springframework.security.ui.AuthenticationDetailsSource;
import org.springframework.security.ui.AuthenticationEntryPoint;
import org.springframework.security.ui.FilterChainOrder;
import org.springframework.security.ui.SpringSecurityFilter;
import org.springframework.security.ui.WebAuthenticationDetailsSource;
import org.springframework.security.ui.rememberme.RememberMeServices;
import org.springframework.util.Assert;

/* loaded from: input_file:WEB-INF/lib/spring-security-core-2.0.2.jar:org/springframework/security/ui/basicauth/BasicProcessingFilter.class */
public class BasicProcessingFilter extends SpringSecurityFilter implements InitializingBean {
    private AuthenticationEntryPoint authenticationEntryPoint;
    private AuthenticationManager authenticationManager;
    private RememberMeServices rememberMeServices;
    private AuthenticationDetailsSource authenticationDetailsSource = new WebAuthenticationDetailsSource();
    private boolean ignoreFailure = false;
    private String credentialsCharset = "UTF-8";

    @Override // org.springframework.beans.factory.InitializingBean
    public void afterPropertiesSet() throws Exception {
        Assert.notNull(this.authenticationManager, "An AuthenticationManager is required");
        if (isIgnoreFailure()) {
            return;
        }
        Assert.notNull(this.authenticationEntryPoint, "An AuthenticationEntryPoint is required");
    }

    @Override // org.springframework.security.ui.SpringSecurityFilter
    public void doFilterHttp(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain) throws IOException, ServletException {
        String header = httpServletRequest.getHeader("Authorization");
        if (this.logger.isDebugEnabled()) {
            this.logger.debug(new StringBuffer().append("Authorization header: ").append(header).toString());
        }
        if (header != null && header.startsWith("Basic ")) {
            String str = new String(Base64.decodeBase64(header.substring(6).getBytes("UTF-8")), getCredentialsCharset(httpServletRequest));
            String str2 = "";
            String str3 = "";
            int indexOf = str.indexOf(QuickTargetSourceCreator.PREFIX_COMMONS_POOL);
            if (indexOf != -1) {
                str2 = str.substring(0, indexOf);
                str3 = str.substring(indexOf + 1);
            }
            if (authenticationIsRequired(str2)) {
                UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken = new UsernamePasswordAuthenticationToken(str2, str3);
                usernamePasswordAuthenticationToken.setDetails(this.authenticationDetailsSource.buildDetails(httpServletRequest));
                try {
                    Authentication authenticate = this.authenticationManager.authenticate(usernamePasswordAuthenticationToken);
                    if (this.logger.isDebugEnabled()) {
                        this.logger.debug(new StringBuffer().append("Authentication success: ").append(authenticate.toString()).toString());
                    }
                    SecurityContextHolder.getContext().setAuthentication(authenticate);
                    if (this.rememberMeServices != null) {
                        this.rememberMeServices.loginSuccess(httpServletRequest, httpServletResponse, authenticate);
                    }
                } catch (AuthenticationException e) {
                    if (this.logger.isDebugEnabled()) {
                        this.logger.debug(new StringBuffer().append("Authentication request for user: ").append(str2).append(" failed: ").append(e.toString()).toString());
                    }
                    SecurityContextHolder.getContext().setAuthentication(null);
                    if (this.rememberMeServices != null) {
                        this.rememberMeServices.loginFail(httpServletRequest, httpServletResponse);
                    }
                    if (this.ignoreFailure) {
                        filterChain.doFilter(httpServletRequest, httpServletResponse);
                        return;
                    } else {
                        this.authenticationEntryPoint.commence(httpServletRequest, httpServletResponse, e);
                        return;
                    }
                }
            }
        }
        filterChain.doFilter(httpServletRequest, httpServletResponse);
    }

    private boolean authenticationIsRequired(String str) {
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        if (authentication == null || !authentication.isAuthenticated()) {
            return true;
        }
        return ((authentication instanceof UsernamePasswordAuthenticationToken) && !authentication.getName().equals(str)) || (authentication instanceof AnonymousAuthenticationToken);
    }

    protected AuthenticationEntryPoint getAuthenticationEntryPoint() {
        return this.authenticationEntryPoint;
    }

    public void setAuthenticationEntryPoint(AuthenticationEntryPoint authenticationEntryPoint) {
        this.authenticationEntryPoint = authenticationEntryPoint;
    }

    protected AuthenticationManager getAuthenticationManager() {
        return this.authenticationManager;
    }

    public void setAuthenticationManager(AuthenticationManager authenticationManager) {
        this.authenticationManager = authenticationManager;
    }

    protected boolean isIgnoreFailure() {
        return this.ignoreFailure;
    }

    public void setIgnoreFailure(boolean z) {
        this.ignoreFailure = z;
    }

    public void setAuthenticationDetailsSource(AuthenticationDetailsSource authenticationDetailsSource) {
        Assert.notNull(authenticationDetailsSource, "AuthenticationDetailsSource required");
        this.authenticationDetailsSource = authenticationDetailsSource;
    }

    public void setRememberMeServices(RememberMeServices rememberMeServices) {
        this.rememberMeServices = rememberMeServices;
    }

    public void setCredentialsCharset(String str) {
        Assert.hasText(str, "credentialsCharset cannot be null or empty");
        this.credentialsCharset = str;
    }

    protected String getCredentialsCharset(HttpServletRequest httpServletRequest) {
        return this.credentialsCharset;
    }

    @Override // org.springframework.security.ui.SpringSecurityFilter, org.springframework.core.Ordered
    public int getOrder() {
        return FilterChainOrder.BASIC_PROCESSING_FILTER;
    }
}
