package org.springframework.flex.security3;

import flex.messaging.FlexContext;
import flex.messaging.security.LoginCommand;
import java.security.Principal;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import javax.servlet.ServletConfig;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.security.authentication.AuthenticationDetailsSource;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.web.authentication.NullRememberMeServices;
import org.springframework.security.web.authentication.RememberMeServices;
import org.springframework.security.web.authentication.WebAuthenticationDetailsSource;
import org.springframework.security.web.authentication.logout.LogoutHandler;
import org.springframework.security.web.authentication.session.NullAuthenticatedSessionStrategy;
import org.springframework.security.web.authentication.session.SessionAuthenticationStrategy;
import org.springframework.util.Assert;
import org.springframework.util.ClassUtils;

/* loaded from: input_file:org/springframework/flex/security3/SpringSecurityLoginCommand.class */
public class SpringSecurityLoginCommand implements LoginCommand, InitializingBean {
    private final AuthenticationManager authManager;
    private List<LogoutHandler> logoutHandlers;
    private RememberMeServices rememberMeServices;
    private SessionAuthenticationStrategy sessionStrategy;
    private boolean perClientAuthentication = false;
    protected AuthenticationDetailsSource authenticationDetailsSource = new WebAuthenticationDetailsSource();

    public SpringSecurityLoginCommand(AuthenticationManager authenticationManager) {
        Assert.notNull(authenticationManager, "AuthenticationManager is required.");
        this.authManager = authenticationManager;
    }

    public void afterPropertiesSet() throws Exception {
        if (this.sessionStrategy == null) {
            this.sessionStrategy = new NullAuthenticatedSessionStrategy();
        }
        if (this.rememberMeServices == null) {
            this.rememberMeServices = new NullRememberMeServices();
        }
        if (this.logoutHandlers == null) {
            this.logoutHandlers = new ArrayList();
        }
        if (!ClassUtils.isAssignableValue(LogoutHandler.class, this.rememberMeServices) || this.logoutHandlers.contains(this.rememberMeServices)) {
            return;
        }
        this.logoutHandlers.add((LogoutHandler) this.rememberMeServices);
    }

    public Principal doAuthentication(String str, Object obj) {
        HttpServletRequest httpRequest = FlexContext.getHttpRequest();
        HttpServletResponse httpResponse = FlexContext.getHttpResponse();
        try {
            UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken = new UsernamePasswordAuthenticationToken(str, extractPassword(obj));
            setDetails(httpRequest, usernamePasswordAuthenticationToken);
            Authentication authenticate = this.authManager.authenticate(usernamePasswordAuthenticationToken);
            if (authenticate != null) {
                if (!isPerClientAuthentication() && httpRequest != null && httpResponse != null) {
                    this.sessionStrategy.onAuthentication(authenticate, httpRequest, httpResponse);
                    this.rememberMeServices.loginSuccess(httpRequest, httpResponse, authenticate);
                }
                SecurityContextHolder.getContext().setAuthentication(authenticate);
            }
            return authenticate;
        } catch (AuthenticationException e) {
            SecurityContextHolder.clearContext();
            if (httpRequest != null && httpResponse != null && !isPerClientAuthentication()) {
                this.rememberMeServices.loginFail(httpRequest, httpResponse);
            }
            throw e;
        }
    }

    public boolean doAuthorization(Principal principal, List list) {
        Assert.isInstanceOf(Authentication.class, principal, "This LoginCommand expects a Principal of type " + Authentication.class.getName());
        Authentication authentication = (Authentication) principal;
        if (authentication == null || authentication.getPrincipal() == null || authentication.getAuthorities() == null) {
            return false;
        }
        Iterator it = authentication.getAuthorities().iterator();
        while (it.hasNext()) {
            if (list.contains(((GrantedAuthority) it.next()).getAuthority())) {
                return true;
            }
        }
        return false;
    }

    public AuthenticationManager getAuthManager() {
        return this.authManager;
    }

    public boolean isPerClientAuthentication() {
        return this.perClientAuthentication;
    }

    public boolean logout(Principal principal) {
        HttpServletRequest httpRequest = FlexContext.getHttpRequest();
        HttpServletResponse httpResponse = FlexContext.getHttpResponse();
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        if (httpRequest == null || httpResponse == null) {
            SecurityContextHolder.clearContext();
            return true;
        }
        Iterator<LogoutHandler> it = this.logoutHandlers.iterator();
        while (it.hasNext()) {
            it.next().logout(httpRequest, httpResponse, authentication);
        }
        return true;
    }

    public void setLogoutHandlers(List<LogoutHandler> list) {
        this.logoutHandlers = list;
    }

    public void setPerClientAuthentication(boolean z) {
        this.perClientAuthentication = z;
    }

    public void setRememberMeServices(RememberMeServices rememberMeServices) {
        this.rememberMeServices = rememberMeServices;
    }

    public void setSessionAuthenticationStrategy(SessionAuthenticationStrategy sessionAuthenticationStrategy) {
        this.sessionStrategy = sessionAuthenticationStrategy;
    }

    public void start(ServletConfig servletConfig) {
    }

    public void stop() {
        SecurityContextHolder.clearContext();
    }

    protected String extractPassword(Object obj) {
        String str = null;
        if (obj instanceof String) {
            str = (String) obj;
        } else if (obj instanceof Map) {
            str = (String) ((Map) obj).get("password");
        }
        return str;
    }

    protected void setDetails(HttpServletRequest httpServletRequest, UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken) {
        try {
            usernamePasswordAuthenticationToken.setDetails(this.authenticationDetailsSource.buildDetails(httpServletRequest));
        } catch (Exception e) {
        }
    }
}
