package net.solarnetwork.web.jakarta.security;

import jakarta.servlet.ServletException;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.util.HashMap;
import java.util.Map;
import net.solarnetwork.codec.JsonUtils;
import net.solarnetwork.util.ByteUtils;
import net.solarnetwork.web.jakarta.domain.Response;
import net.solarnetwork.web.jakarta.service.HttpRequestCustomizerService;
import org.springframework.core.Ordered;
import org.springframework.http.HttpStatus;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.AuthenticationEntryPoint;
import org.springframework.security.web.access.AccessDeniedHandler;
import org.springframework.web.servlet.HandlerExceptionResolver;

/* loaded from: input_file:net/solarnetwork/web/jakarta/security/SecurityTokenAuthenticationEntryPoint.class */
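/**
 * Spring Security entry point and access-denied handler for security token
 * authentication.
 *
 * <p>
 * Authentication failures are answered with HTTP 401, a
 * {@code WWW-Authenticate} challenge naming the token scheme, an error
 * message header, and the configured extra HTTP headers. Access-denied
 * failures are answered with HTTP 403. In every case a configured
 * {@link HandlerExceptionResolver} is given the first chance to render the
 * response.
 * </p>
 *
 * <p>
 * Security notes for maintainers:
 * </p>
 * <ul>
 * <li>The default extra headers include
 * {@code Access-Control-Allow-Origin: *}, so any web origin may read these
 * error responses. Deployments that need a tighter CORS policy can replace the
 * map via {@link #setHttpHeaders(Map)}.</li>
 * <li>The exception message is copied into a response header; control
 * characters are neutralized first so a message that embeds request-derived
 * text cannot split or forge headers.</li>
 * </ul>
 */
public class SecurityTokenAuthenticationEntryPoint implements AuthenticationEntryPoint, Ordered, AccessDeniedHandler {
    private int order = Integer.MAX_VALUE;
    private Map<String, String> httpHeaders = defaultHttpHeaders();
    private HandlerExceptionResolver handlerExceptionResolver;

    /**
     * Build the default set of extra response headers (permissive CORS).
     *
     * @return a new mutable map of header names to values
     */
    private static Map<String, String> defaultHttpHeaders() {
        // sized so the three entries fit without a rehash
        Map<String, String> headers = new HashMap<>(4);
        headers.put("Access-Control-Allow-Origin", "*");
        headers.put("Access-Control-Allow-Methods", "GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH");
        headers.put("Access-Control-Allow-Headers", "Authorization, Content-MD5, Content-Type, Digest, X-SN-Date");
        return headers;
    }

    /**
     * Neutralize characters that must never appear in an HTTP header value.
     *
     * <p>
     * CR, LF and the other ASCII control characters (horizontal tab excepted)
     * are replaced by a single space. Containers differ in how they treat such
     * characters, so the value is cleaned before it is handed to the response.
     * </p>
     *
     * @param value
     *        the raw value, possibly {@code null}
     * @return the cleaned value, or {@code null} if {@code value} was
     *         {@code null}
     */
    private static String headerSafe(String value) {
        if (value == null) {
            return null;
        }
        StringBuilder buf = new StringBuilder(value.length());
        for (int i = 0; i < value.length(); i++) {
            char c = value.charAt(i);
            boolean control = (c < 0x20 && c != '\t') || c == 0x7F;
            buf.append(control ? ' ' : c);
        }
        return buf.toString();
    }

    /**
     * Get the ordering value (implements {@link Ordered}).
     *
     * @return the order; defaults to {@link Integer#MAX_VALUE}
     */
    public int getOrder() {
        return this.order;
    }

    /**
     * Choose the scheme name to advertise in the {@code WWW-Authenticate}
     * challenge.
     *
     * <p>
     * Only the V1 scheme name is ever echoed back from the request; any other
     * value, including a missing or malformed header, yields the V2 scheme
     * name. The request therefore cannot inject arbitrary text into the
     * challenge.
     * </p>
     *
     * @param str
     *        the request authorization header value, possibly {@code null}
     * @return the V1 scheme name if the header starts with it followed by a
     *         space, otherwise the V2 scheme name
     */
    private static String securityTokenAuthenticationScheme(String str) {
        if (str != null) {
            int space = str.indexOf(' ');
            if (space > 0) {
                String scheme = str.substring(0, space);
                if (AuthenticationScheme.V1.getSchemeName().equals(scheme)) {
                    return scheme;
                }
            }
        }
        return AuthenticationScheme.V2.getSchemeName();
    }

    /**
     * Start the authentication challenge (implements
     * {@link AuthenticationEntryPoint}).
     *
     * <p>
     * Sets status 401, adds the {@code WWW-Authenticate} and error message
     * headers plus any configured extra headers not already present, then lets
     * the exception resolver render the response. If no resolver handles it, a
     * JSON error body is written.
     * </p>
     *
     * @param httpServletRequest
     *        the request that failed authentication
     * @param httpServletResponse
     *        the response to populate
     * @param authenticationException
     *        the failure
     * @throws IOException
     *         if writing the response body fails
     * @throws ServletException
     *         if the exception resolver throws a checked exception
     */
    public void commence(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, AuthenticationException authenticationException) throws IOException, ServletException {
        // NOTE(review): this constant name looks like a decompiler substitution for a
        // string literal; confirm it resolves to the request's authorization header name.
        String scheme = securityTokenAuthenticationScheme(httpServletRequest.getHeader(HttpRequestCustomizerService.AUTHORIZATION_GROUP_UID));
        if (httpServletResponse.getHeader("WWW-Authenticate") == null) {
            httpServletResponse.addHeader("WWW-Authenticate", scheme);
        }
        httpServletResponse.setStatus(401);

        // The message may embed request-derived text, so strip control characters
        // before it reaches a header; skip the header when there is no message.
        String message = authenticationException.getMessage();
        if (message != null) {
            httpServletResponse.addHeader(WebConstants.HEADER_ERROR_MESSAGE, headerSafe(message));
        }

        // Read the field once so a concurrent setHttpHeaders() cannot swap the map
        // between the null check and the iteration.
        Map<String, String> extraHeaders = this.httpHeaders;
        if (extraHeaders != null) {
            for (Map.Entry<String, String> entry : extraHeaders.entrySet()) {
                // never override a header something upstream already set
                if (httpServletResponse.getHeader(entry.getKey()) == null) {
                    httpServletResponse.addHeader(entry.getKey(), entry.getValue());
                }
            }
        }

        if (handleWithResolver(httpServletRequest, httpServletResponse, authenticationException)) {
            return;
        }

        // Fallback body; the unmodified message is passed to the JSON serializer here.
        httpServletResponse.setContentType("application/json");
        byte[] bytes = JsonUtils.getJSONString(new Response(Boolean.FALSE, String.valueOf(401), message, null), "{\"success\":false}").getBytes(ByteUtils.UTF8);
        httpServletResponse.setContentLength(bytes.length);
        httpServletResponse.getOutputStream().write(bytes);
    }

    /**
     * Handle an access-denied failure (implements {@link AccessDeniedHandler}).
     *
     * @param httpServletRequest
     *        the request
     * @param httpServletResponse
     *        the response; receives a 403 error if the resolver does not handle
     *        the exception
     * @param accessDeniedException
     *        the failure
     * @throws IOException
     *         if sending the error fails
     * @throws ServletException
     *         if the exception resolver throws a checked exception
     */
    public void handle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, AccessDeniedException accessDeniedException) throws IOException, ServletException {
        if (handleWithResolver(httpServletRequest, httpServletResponse, accessDeniedException)) {
            return;
        }
        httpServletResponse.sendError(403);
    }

    /**
     * Handle a transient resource failure by asking the client to retry.
     *
     * @param httpServletRequest
     *        the request
     * @param httpServletResponse
     *        the response; receives a 429 error with a fixed, generic message
     *        if the resolver does not handle the exception
     * @param exc
     *        the failure; its message is not exposed by the fallback response
     * @throws IOException
     *         if sending the error fails
     * @throws ServletException
     *         if the exception resolver throws a checked exception
     */
    public void handleTransientResourceException(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Exception exc) throws IOException, ServletException {
        if (handleWithResolver(httpServletRequest, httpServletResponse, exc)) {
            return;
        }
        httpServletResponse.sendError(HttpStatus.TOO_MANY_REQUESTS.value(), "Try again later.");
    }

    /**
     * Offer an exception to the configured resolver.
     *
     * @param httpServletRequest
     *        the request
     * @param httpServletResponse
     *        the response
     * @param exc
     *        the exception to resolve
     * @return {@code true} if a resolver is configured and returned a non-null
     *         result, {@code false} otherwise
     * @throws ServletException
     *         wrapping any checked exception raised by the resolver; runtime
     *         exceptions propagate unchanged
     */
    private boolean handleWithResolver(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Exception exc) throws ServletException {
        HandlerExceptionResolver resolver = this.handlerExceptionResolver;
        if (resolver == null) {
            return false;
        }
        try {
            // no handler object is available at this point in the filter chain
            return resolver.resolveException(httpServletRequest, httpServletResponse, null, exc) != null;
        } catch (RuntimeException e) {
            throw e;
        } catch (Exception e) {
            throw new ServletException(e);
        }
    }

    /**
     * Set the ordering value.
     *
     * @param i
     *        the order to use
     */
    public void setOrder(int i) {
        this.order = i;
    }

    /**
     * Get the extra HTTP headers added to authentication failure responses.
     *
     * @return the live internal map (not a copy), possibly {@code null};
     *         changes made to it affect later responses
     */
    public Map<String, String> getHttpHeaders() {
        return this.httpHeaders;
    }

    /**
     * Replace the extra HTTP headers added to authentication failure responses.
     *
     * <p>
     * The map is stored by reference and its values are written to the
     * response as given, so it must come from trusted configuration only.
     * </p>
     *
     * @param map
     *        the headers to use, or {@code null} to add none
     */
    public void setHttpHeaders(Map<String, String> map) {
        this.httpHeaders = map;
    }

    /**
     * Set the resolver given first chance to render failures.
     *
     * @param handlerExceptionResolver
     *        the resolver, or {@code null} to always use the built-in fallback
     *        responses
     */
    public void setHandlerExceptionResolver(HandlerExceptionResolver handlerExceptionResolver) {
        this.handlerExceptionResolver = handlerExceptionResolver;
    }
}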
