package org.artifactory.webapp.servlet.authentication;

import java.io.IOException;
import java.util.Collection;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.artifactory.security.props.auth.PropsAuthenticationToken;
import org.artifactory.security.props.auth.model.TokenKeyValue;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.authentication.AuthenticationDetailsSource;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.web.authentication.NullRememberMeServices;
import org.springframework.security.web.authentication.RememberMeServices;
import org.springframework.security.web.authentication.WebAuthenticationDetailsSource;
import org.springframework.security.web.authentication.www.BasicAuthenticationEntryPoint;

/* loaded from: input_file:org/artifactory/webapp/servlet/authentication/PropsAuthenticationFilter.class */
public class PropsAuthenticationFilter implements ArtifactoryAuthenticationFilter {
    private static final Logger log = LoggerFactory.getLogger(PropsAuthenticationFilter.class);
    private AuthenticationDetailsSource<HttpServletRequest, ?> authenticationDetailsSource = new WebAuthenticationDetailsSource();
    private RememberMeServices rememberMeServices = new NullRememberMeServices();
    private AuthenticationManager authenticationManager;
    private BasicAuthenticationEntryPoint authenticationEntryPoint;

    public PropsAuthenticationFilter(AuthenticationManager authenticationManager, BasicAuthenticationEntryPoint basicAuthenticationEntryPoint) {
        this.authenticationManager = authenticationManager;
        this.authenticationEntryPoint = basicAuthenticationEntryPoint;
    }

    public void init(FilterConfig filterConfig) throws ServletException {
    }

    @Override // org.artifactory.webapp.servlet.authentication.ArtifactoryAuthenticationFilter
    public boolean requiresReAuthentication(ServletRequest servletRequest, Authentication authentication) {
        if (AuthenticationFilterUtils.getTokenKeyValueFromHeader((HttpServletRequest) servletRequest) == null || authentication == null) {
            return acceptFilter(servletRequest);
        }
        return false;
    }

    @Override // org.artifactory.webapp.servlet.authentication.ArtifactoryAuthenticationFilter
    public boolean acceptFilter(ServletRequest servletRequest) {
        return AuthenticationFilterUtils.getTokenKeyValueFromHeader((HttpServletRequest) servletRequest) != null;
    }

    @Override // org.artifactory.webapp.servlet.authentication.ArtifactoryAuthenticationFilter
    public String getCacheKey(ServletRequest servletRequest) {
        TokenKeyValue tokenKeyValueFromHeader = AuthenticationFilterUtils.getTokenKeyValueFromHeader((HttpServletRequest) servletRequest);
        if (tokenKeyValueFromHeader != null) {
            return tokenKeyValueFromHeader.getToken();
        }
        return null;
    }

    @Override // org.artifactory.webapp.servlet.authentication.ArtifactoryAuthenticationFilter
    public String getLoginIdentifier(ServletRequest servletRequest) {
        TokenKeyValue tokenKeyValueFromHeader = AuthenticationFilterUtils.getTokenKeyValueFromHeader((HttpServletRequest) servletRequest);
        return tokenKeyValueFromHeader != null ? tokenKeyValueFromHeader.getToken() : getCacheKey(servletRequest);
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        try {
            TokenKeyValue tokenKeyValueFromHeader = AuthenticationFilterUtils.getTokenKeyValueFromHeader(httpServletRequest);
            if (tokenKeyValueFromHeader != null) {
                log.trace("try authenticate with {} : {}", tokenKeyValueFromHeader.getKey(), tokenKeyValueFromHeader.getToken());
                updateContext(httpServletRequest, httpServletResponse, tryAuthenticate(httpServletRequest, tokenKeyValueFromHeader));
                log.trace("authentication with props token {} : {} succeeded", tokenKeyValueFromHeader.getKey(), tokenKeyValueFromHeader.getToken());
            }
            filterChain.doFilter(httpServletRequest, httpServletResponse);
        } catch (AuthenticationException e) {
            clearContext(httpServletRequest, httpServletResponse, e);
            this.authenticationEntryPoint.commence(httpServletRequest, httpServletResponse, e);
        }
    }

    private void clearContext(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, AuthenticationException authenticationException) {
        SecurityContextHolder.clearContext();
        log.debug("Authentication request for failed: " + authenticationException);
        this.rememberMeServices.loginFail(httpServletRequest, httpServletResponse);
    }

    private void updateContext(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Authentication authentication) {
        SecurityContextHolder.getContext().setAuthentication(authentication);
        this.rememberMeServices.loginSuccess(httpServletRequest, httpServletResponse, authentication);
    }

    private Authentication tryAuthenticate(HttpServletRequest httpServletRequest, TokenKeyValue tokenKeyValue) {
        PropsAuthenticationToken propsAuthenticationToken = new PropsAuthenticationToken((Object) null, tokenKeyValue.getKey(), tokenKeyValue.getToken(), (Collection) null);
        propsAuthenticationToken.setDetails(this.authenticationDetailsSource.buildDetails(httpServletRequest));
        return this.authenticationManager.authenticate(propsAuthenticationToken);
    }

    public void destroy() {
    }
}
