package com.github.yingzhuo.carnival.security.core;

import com.github.yingzhuo.carnival.security.authentication.TokenAuthenticationManager;
import com.github.yingzhuo.carnival.security.token.Token;
import com.github.yingzhuo.carnival.security.token.resolver.TokenResolver;
import java.io.IOException;
import java.util.Objects;
import java.util.Optional;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.core.log.LogMessage;
import org.springframework.lang.NonNull;
import org.springframework.security.authentication.AbstractAuthenticationToken;
import org.springframework.security.authentication.AnonymousAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.web.AuthenticationEntryPoint;
import org.springframework.security.web.authentication.RememberMeServices;
import org.springframework.security.web.authentication.WebAuthenticationDetailsSource;
import org.springframework.web.context.request.ServletWebRequest;
import org.springframework.web.filter.OncePerRequestFilter;

/* loaded from: input_file:com/github/yingzhuo/carnival/security/core/TokenAuthenticationFilter.class */
public class TokenAuthenticationFilter extends OncePerRequestFilter {
    private final TokenResolver tokenResolver;
    private final TokenAuthenticationManager authenticationManager;
    private AuthenticationEntryPoint authenticationEntryPoint;
    private RememberMeServices rememberMeServices;

    public TokenAuthenticationFilter(TokenResolver tokenResolver, TokenAuthenticationManager tokenAuthenticationManager) {
        this.tokenResolver = (TokenResolver) Objects.requireNonNull(tokenResolver);
        this.authenticationManager = (TokenAuthenticationManager) Objects.requireNonNull(tokenAuthenticationManager);
    }

    protected void doFilterInternal(@NonNull HttpServletRequest httpServletRequest, @NonNull HttpServletResponse httpServletResponse, @NonNull FilterChain filterChain) throws ServletException, IOException {
        if (authenticationIsRequired()) {
            Optional<Token> resolve = this.tokenResolver.resolve(new ServletWebRequest(httpServletRequest, httpServletResponse));
            if (resolve.isPresent()) {
                try {
                    AbstractAuthenticationToken authenticate = this.authenticationManager.authenticate(resolve.get());
                    authenticate.setAuthenticated(true);
                    if (authenticate instanceof AbstractAuthenticationToken) {
                        authenticate.setDetails(new WebAuthenticationDetailsSource().buildDetails(httpServletRequest));
                    }
                    SecurityContextHolder.getContext().setAuthentication(authenticate);
                    if (this.logger.isDebugEnabled()) {
                        this.logger.debug(LogMessage.format("Set SecurityContextHolder to %s", authenticate));
                    }
                    if (this.rememberMeServices != null) {
                        this.rememberMeServices.loginSuccess(httpServletRequest, httpServletResponse, authenticate);
                    }
                    onSuccessfulAuthentication(httpServletRequest, httpServletResponse, authenticate);
                } catch (AuthenticationException e) {
                    SecurityContextHolder.clearContext();
                    if (this.rememberMeServices != null) {
                        this.rememberMeServices.loginFail(httpServletRequest, httpServletResponse);
                    }
                    onUnsuccessfulAuthentication(httpServletRequest, httpServletResponse, e);
                    if (this.authenticationEntryPoint != null) {
                        this.authenticationEntryPoint.commence(httpServletRequest, httpServletResponse, e);
                        return;
                    }
                }
            } else if (this.logger.isDebugEnabled()) {
                this.logger.debug("Token cannot be resolved. Nothing to do.");
            }
        }
        filterChain.doFilter(httpServletRequest, httpServletResponse);
    }

    public TokenResolver getTokenResolver() {
        return this.tokenResolver;
    }

    public TokenAuthenticationManager getAuthenticationManager() {
        return this.authenticationManager;
    }

    public AuthenticationEntryPoint getAuthenticationEntryPoint() {
        return this.authenticationEntryPoint;
    }

    public void setAuthenticationEntryPoint(AuthenticationEntryPoint authenticationEntryPoint) {
        this.authenticationEntryPoint = authenticationEntryPoint;
    }

    public RememberMeServices getRememberMeServices() {
        return this.rememberMeServices;
    }

    public void setRememberMeServices(RememberMeServices rememberMeServices) {
        this.rememberMeServices = rememberMeServices;
    }

    protected void onSuccessfulAuthentication(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Authentication authentication) {
        this.logger.debug("Successful Authentication");
    }

    protected void onUnsuccessfulAuthentication(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, AuthenticationException authenticationException) {
        this.logger.debug("Unsuccessful Authentication");
    }

    protected final boolean authenticationIsRequired() {
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        if (authentication == null || !authentication.isAuthenticated()) {
            return true;
        }
        return authentication instanceof AnonymousAuthenticationToken;
    }
}
