package lsfusion.http.authentication;

import com.google.common.base.Throwables;
import java.io.IOException;
import java.util.HashMap;
import java.util.Locale;
import javax.servlet.FilterChain;
import javax.servlet.ServletContext;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import lsfusion.base.Pair;
import lsfusion.gwt.client.base.exception.AppServerNotAvailableDispatchException;
import lsfusion.http.controller.ExternalRequestHandler;
import lsfusion.http.provider.logics.LogicsProvider;
import lsfusion.interop.base.exception.LockedException;
import lsfusion.interop.base.exception.RemoteMessageException;
import lsfusion.interop.connection.AuthenticationToken;
import lsfusion.interop.connection.authentication.OAuth2Authentication;
import org.springframework.lang.NonNull;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken;
import org.springframework.security.oauth2.core.user.OAuth2User;
import org.springframework.web.filter.OncePerRequestFilter;

/* loaded from: input_file:WEB-INF/classes/lsfusion/http/authentication/OAuth2ToLSFTokenFilter.class */
public class OAuth2ToLSFTokenFilter extends OncePerRequestFilter {
    public static final String AUTH_SECRET_KEY = "authSecret";
    private LogicsProvider logicsProvider;
    private ServletContext thisServletContext;
    private LSFClientRegistrationRepository clientRegistrations;

    public void setLogicsProvider(LogicsProvider logicsProvider) {
        this.logicsProvider = logicsProvider;
    }

    public void setThisServletContext(ServletContext servletContext) {
        this.thisServletContext = servletContext;
    }

    public void setClientRegistrations(LSFClientRegistrationRepository lSFClientRegistrationRepository) {
        this.clientRegistrations = lSFClientRegistrationRepository;
    }

    @Override // org.springframework.web.filter.OncePerRequestFilter
    protected void doFilterInternal(@NonNull HttpServletRequest httpServletRequest, @NonNull HttpServletResponse httpServletResponse, FilterChain filterChain) throws ServletException, IOException {
        convertToken(this.logicsProvider, httpServletRequest, httpServletResponse, SecurityContextHolder.getContext().getAuthentication(), this.thisServletContext, this.clientRegistrations);
        filterChain.doFilter(httpServletRequest, httpServletResponse);
    }

    /* JADX WARN: Multi-variable type inference failed */
    public static Authentication convertToken(LogicsProvider logicsProvider, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Authentication authentication, ServletContext servletContext, LSFClientRegistrationRepository lSFClientRegistrationRepository) throws IOException {
        LSFAuthenticationToken lSFAuthenticationToken;
        if (!(authentication instanceof OAuth2AuthenticationToken) || lSFClientRegistrationRepository == null) {
            return authentication;
        }
        String authorizedClientRegistrationId = ((OAuth2AuthenticationToken) authentication).getAuthorizedClientRegistrationId();
        String userNameAttributeName = lSFClientRegistrationRepository.findByRegistrationId(authorizedClientRegistrationId).getProviderDetails().getUserInfoEndpoint().getUserNameAttributeName();
        OAuth2User oAuth2User = (OAuth2User) authentication.getPrincipal();
        String str = String.valueOf(authorizedClientRegistrationId) + ":" + oAuth2User.getAttribute(userNameAttributeName);
        String initParameter = servletContext.getInitParameter(AUTH_SECRET_KEY);
        try {
            Pair pair = (Pair) logicsProvider.runRequest(httpServletRequest, (logicsSessionObject, z) -> {
                try {
                    AuthenticationToken authenticateUser = logicsSessionObject.remoteLogics.authenticateUser(new OAuth2Authentication(str, initParameter, new HashMap(oAuth2User.getAttributes())));
                    return new Pair(authenticateUser, LSFRemoteAuthenticationProvider.getUserLocale(logicsSessionObject, authentication, authenticateUser, httpServletRequest));
                } catch (LockedException e) {
                    throw new org.springframework.security.authentication.LockedException(e.getMessage());
                }
            });
            lSFAuthenticationToken = new LSFAuthenticationToken(str, null, (AuthenticationToken) pair.first, (Locale) pair.second);
        } catch (AppServerNotAvailableDispatchException e) {
            throw Throwables.propagate(e);
        } catch (RemoteMessageException | org.springframework.security.authentication.LockedException e2) {
            ExternalRequestHandler.processFailedAuthentication(httpServletRequest, httpServletResponse, e2, null);
            lSFAuthenticationToken = null;
        }
        SecurityContextHolder.getContext().setAuthentication(lSFAuthenticationToken);
        return lSFAuthenticationToken;
    }
}
