package org.vaadin.spring.security;

import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.aop.support.AopUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.core.annotation.AnnotationUtils;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.access.ConfigAttribute;
import org.springframework.security.access.SecurityConfig;
import org.springframework.security.access.annotation.Secured;
import org.springframework.security.authentication.InsufficientAuthenticationException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.context.SecurityContext;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.context.SecurityContextImpl;
import org.springframework.security.web.authentication.RememberMeServices;
import org.springframework.util.Assert;
import org.vaadin.spring.http.HttpService;
import org.vaadin.spring.security.web.VaadinRedirectStrategy;

/* loaded from: input_file:BOOT-INF/lib/vaadin-spring-ext-security-0.0.6.RELEASE.jar:org/vaadin/spring/security/GenericVaadinSecurity.class */
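/**
 * {@link VaadinSecurity} implementation that authenticates through the configured
 * authentication manager and keeps the resulting {@link SecurityContext} in the HTTP
 * session under a configurable attribute key.
 *
 * <p>Every access check in this class fails closed: a missing authentication, a missing
 * access decision manager, or a denied decision all yield {@code false}.
 */
public class GenericVaadinSecurity extends AbstractVaadinSecurity implements VaadinSecurity {
    /** Default session attribute name under which the security context is stored. */
    public static final String SPRING_SECURITY_CONTEXT_KEY = "SPRING_SECURITY_CONTEXT";
    private final Logger logger = LoggerFactory.getLogger(getClass());
    private String springSecurityContextKey = "SPRING_SECURITY_CONTEXT";
    private String logoutProcessingUrl = "/logout";

    @Autowired
    private HttpService httpRequestResponseHolder;

    @Autowired
    private VaadinRedirectStrategy redirectStrategy;

    // Optional collaborator: remember-me handling is skipped when no bean is available.
    @Autowired(required = false)
    private RememberMeServices rememberMeService;

    /**
     * Reports whether a current authentication exists and is marked authenticated.
     *
     * @return {@code true} only when {@link #getAuthentication()} is non-null and authenticated
     */
    @Override
    public boolean isAuthenticated() {
        Authentication authentication = getAuthentication();
        return authentication != null && authentication.isAuthenticated();
    }

    /**
     * Authenticates the given token and persists the resulting security context in the session.
     *
     * <p>On success the authenticated result is placed in the current context, remember-me is
     * registered when requested and available, the session authentication strategy is invoked
     * and the success handler (if configured) is notified. On an
     * {@link AuthenticationException} a fresh empty context is persisted instead, so a failed
     * attempt does not write the pre-existing context back into the session.
     *
     * @param authentication the authentication request to verify
     * @param z whether remember-me was requested
     * @throws AuthenticationException if authentication fails and no failure handler is configured
     * @throws Exception declared by the interface; propagated from the invoked collaborators
     */
    @Override
    public void login(Authentication authentication, boolean z) throws AuthenticationException, Exception {
        // Holds whichever context must end up in the session; replaced on failure.
        SecurityContext contextToPersist = SecurityContextHolder.getContext();
        HttpServletRequest currentRequest = this.httpRequestResponseHolder.getCurrentRequest();
        HttpServletResponse currentResponse = this.httpRequestResponseHolder.getCurrentResponse();
        try {
            Authentication authenticated = getAuthenticationManager().authenticate(authentication);
            contextToPersist.setAuthentication(authenticated);
            if (z) {
                if (this.rememberMeService != null) {
                    this.logger.debug("Registering RememberMe in request");
                    currentRequest.setAttribute("_spring_security_remember_me", Boolean.TRUE);
                    // NOTE(review): the original request token, not the authenticated result, is
                    // handed to the remember-me service. Confirm this is intended; the request
                    // token still carries the submitted credentials.
                    this.rememberMeService.loginSuccess(currentRequest, currentResponse, authentication);
                } else {
                    this.logger.error("RememberMe Request while no <RememberMeServices> found within <ApplicationContext>");
                }
            }
            getSessionAuthenticationStrategy().onAuthentication(authenticated, currentRequest, currentResponse);
            if (hasAuthenticationSuccessHandlerConfigured()) {
                // NOTE(review): the handler also receives the request token rather than the
                // authenticated result; verify against the handler's expectations.
                getAuthenticationSuccessHandler().onAuthenticationSuccess(authentication);
            }
        } catch (AuthenticationException e) {
            // Previously the empty context was written to the session and then immediately
            // overwritten by the finally block with the original context. Switching the
            // variable makes the finally block persist the empty context exactly once,
            // whether the exception is handled or rethrown.
            // NOTE(review): the thread-bound SecurityContextHolder context is not cleared here;
            // if the exception came from the session strategy it may still hold the
            // authenticated result. Confirm whether it should be reset as well.
            contextToPersist = generateNewContext();
            if (this.rememberMeService != null) {
                this.rememberMeService.loginFail(currentRequest, currentResponse);
            }
            if (!hasAuthenticationFailureHandlerConfigured()) {
                throw e;
            }
            getAuthenticationFailureHandler().onAuthenticationFailure(e);
        } finally {
            // The session is resolved here, after the session authentication strategy has run.
            this.httpRequestResponseHolder.getCurrentRequest().getSession().setAttribute(this.springSecurityContextKey, contextToPersist);
        }
    }

    /**
     * Authenticates the given token without requesting remember-me.
     *
     * @param authentication the authentication request to verify
     * @throws AuthenticationException if authentication fails and no failure handler is configured
     * @throws Exception declared by the interface; propagated from the invoked collaborators
     */
    @Override
    public void login(Authentication authentication) throws AuthenticationException, Exception {
        login(authentication, false);
    }

    /**
     * Authenticates with a username/password token.
     *
     * @param str the username
     * @param str2 the password
     * @param z whether remember-me was requested
     * @throws AuthenticationException if authentication fails and no failure handler is configured
     * @throws Exception declared by the interface; propagated from the invoked collaborators
     */
    @Override
    public void login(String str, String str2, boolean z) throws AuthenticationException, Exception {
        login(new UsernamePasswordAuthenticationToken(str, str2), z);
    }

    /**
     * Authenticates with a username/password token without requesting remember-me.
     *
     * @param str the username
     * @param str2 the password
     * @throws AuthenticationException if authentication fails and no failure handler is configured
     * @throws Exception declared by the interface; propagated from the invoked collaborators
     */
    @Override
    public void login(String str, String str2) throws AuthenticationException, Exception {
        login(new UsernamePasswordAuthenticationToken(str, str2));
    }

    /**
     * Sets the URL that {@link #logout()} redirects to. The value is stored as given; no
     * validation is performed here.
     *
     * @param str the logout processing URL
     */
    @Override
    public void setLogoutProcessingUrl(String str) {
        this.logoutProcessingUrl = str;
    }

    /**
     * Redirects to the logout processing URL. This method itself does not touch the security
     * context or the session; it only issues the redirect.
     */
    @Override
    public void logout() {
        this.redirectStrategy.sendRedirect(this.logoutProcessingUrl);
    }

    /**
     * Checks whether the current authentication holds exactly the given authority.
     *
     * @param str the authority name to look for; {@code null} never matches
     * @return {@code true} if authenticated and one granted authority equals {@code str}
     */
    @Override
    public boolean hasAuthority(String str) {
        Authentication authentication = getAuthentication();
        if (authentication == null || !authentication.isAuthenticated()) {
            return false;
        }
        if (str == null) {
            // Fail closed instead of throwing NullPointerException from str.equals(...).
            return false;
        }
        for (GrantedAuthority granted : authentication.getAuthorities()) {
            if (str.equals(granted.getAuthority())) {
                return true;
            }
        }
        return false;
    }

    /**
     * Returns the current authentication, preferring the thread-bound context and falling
     * back to the security context stored in the HTTP session.
     *
     * @return the authentication, or {@code null} when neither source provides one
     */
    @Override
    public Authentication getAuthentication() {
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        if (authentication != null) {
            return authentication;
        }
        // getSession(false): a read-only lookup must not create a session as a side effect.
        HttpSession session = this.httpRequestResponseHolder.getCurrentRequest().getSession(false);
        if (session == null) {
            return null;
        }
        Object stored = session.getAttribute(this.springSecurityContextKey);
        // The attribute may be absent (no login yet) or hold any SecurityContext
        // implementation; the previous unconditional cast to SecurityContextImpl threw
        // NullPointerException / ClassCastException in those cases.
        if (stored instanceof SecurityContext) {
            return ((SecurityContext) stored).getAuthentication();
        }
        return null;
    }

    /**
     * Asks the access decision manager whether the current authentication may access the
     * given object under the given security configuration attributes.
     *
     * @param obj the secured object passed to the decision manager
     * @param strArr the configuration attribute names
     * @return {@code true} only if the decision manager accepts; {@code false} when it is
     *     missing, when there is no authenticated user, or when access is denied
     */
    @Override
    public boolean hasAccessToObject(Object obj, String... strArr) {
        Authentication authentication = getAuthentication();
        if (getAccessDecisionManager() == null) {
            this.logger.warn("Access was denied to object because there was no AccessDecisionManager set!");
            return false;
        }
        if (authentication == null || !authentication.isAuthenticated()) {
            return false;
        }
        List<ConfigAttribute> attributes = new ArrayList<ConfigAttribute>(strArr.length);
        for (String attribute : strArr) {
            attributes.add(new SecurityConfig(attribute));
        }
        try {
            getAccessDecisionManager().decide(authentication, obj, attributes);
            return true;
        } catch (AccessDeniedException denied) {
            // A denial is the expected negative answer, not an error.
            return false;
        } catch (InsufficientAuthenticationException insufficient) {
            return false;
        }
    }

    /**
     * Checks access to an object using the {@link Secured} annotation on its target class.
     *
     * @param obj the object whose (proxy-unwrapped) class carries {@code @Secured}
     * @return the result of {@link #hasAccessToObject(Object, String...)} for the annotation values
     * @throws IllegalArgumentException if the target class has no {@code @Secured} annotation
     */
    @Override
    public boolean hasAccessToSecuredObject(Object obj) {
        Secured secured = AopUtils.getTargetClass(obj).getAnnotation(Secured.class);
        Assert.notNull(secured, "securedObject did not have @Secured annotation");
        return hasAccessToObject(obj, secured.value());
    }

    /**
     * Checks access to a method using the {@link Secured} annotation found on it.
     *
     * @param obj the object declaring the method
     * @param str the public method name
     * @param clsArr the method's parameter types
     * @return the result of {@link #hasAccessToObject(Object, String...)} for the annotation values
     * @throws IllegalArgumentException if the method does not exist or carries no {@code @Secured}
     */
    @Override
    public boolean hasAccessToSecuredMethod(Object obj, String str, Class<?>... clsArr) {
        try {
            // NOTE(review): the method is looked up on obj.getClass(), whereas
            // hasAccessToSecuredObject unwraps proxies via AopUtils; confirm that is intended.
            Secured secured = AnnotationUtils.findAnnotation(obj.getClass().getMethod(str, clsArr), Secured.class);
            Assert.notNull(secured, "securedObject did not have @Secured annotation");
            return hasAccessToObject(obj, secured.value());
        } catch (NoSuchMethodException e) {
            throw new IllegalArgumentException("Method " + str + " does not exist", e);
        }
    }

    /**
     * Checks that the current authentication holds every one of the given authorities.
     *
     * @param strArr the authority names; an empty array yields {@code true}
     * @return {@code true} if none of the authorities is missing
     */
    @Override
    public boolean hasAuthorities(String... strArr) {
        for (String authority : strArr) {
            if (!hasAuthority(authority)) {
                return false;
            }
        }
        return true;
    }

    /**
     * Checks that the current authentication holds at least one of the given authorities.
     *
     * @param strArr the authority names; an empty array yields {@code false}
     * @return {@code true} if any authority is held
     */
    @Override
    public boolean hasAnyAuthority(String... strArr) {
        for (String authority : strArr) {
            if (hasAuthority(authority)) {
                return true;
            }
        }
        return false;
    }

    /**
     * Sets the session attribute name under which the security context is stored and read.
     *
     * @param str the attribute name; must contain text
     * @throws IllegalArgumentException if {@code str} is null, empty or blank
     */
    @Override
    public void setSpringSecurityContextKey(String str) {
        Assert.hasText(str, "springSecurityContextKey cannot be empty");
        this.springSecurityContextKey = str;
    }

    /** Creates the empty context that replaces the current one after a failed login. */
    private SecurityContext generateNewContext() {
        return SecurityContextHolder.createEmptyContext();
    }
}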
