package org.apache.isis.security.spring.webmodule;

import java.io.IOException;
import java.util.Iterator;
import java.util.List;
import javax.inject.Inject;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletResponse;
import org.apache.isis.applib.services.iactnlayer.InteractionContext;
import org.apache.isis.applib.services.iactnlayer.InteractionService;
import org.apache.isis.applib.services.user.UserMemento;
import org.apache.isis.security.spring.authconverters.AuthenticationConverter;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;

/* loaded from: input_file:org/apache/isis/security/spring/webmodule/SpringSecurityFilter.class */
public class SpringSecurityFilter implements Filter {

    @Autowired
    private InteractionService interactionService;

    @Inject
    List<AuthenticationConverter> converters;

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        if (authentication == null || !authentication.isAuthenticated()) {
            httpServletResponse.setStatus(401);
            return;
        }
        UserMemento userMemento = null;
        Iterator<AuthenticationConverter> it = this.converters.iterator();
        while (it.hasNext()) {
            try {
                userMemento = it.next().convert(authentication);
            } catch (Exception e) {
            }
            if (userMemento != null) {
                break;
            }
        }
        if (userMemento == null) {
            httpServletResponse.setStatus(401);
        } else {
            this.interactionService.run(InteractionContext.ofUserWithSystemDefaults(userMemento.withRoleAdded("org.apache.isis.viewer.wicket.roles.USER").withAuthenticationSource(UserMemento.AuthenticationSource.EXTERNAL)), () -> {
                filterChain.doFilter(servletRequest, servletResponse);
            });
        }
    }
}
