package tp.ms.cas.security.permission.filter;

import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.jasig.cas.client.util.CommonUtils;
import org.springframework.http.HttpStatus;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.DefaultRedirectStrategy;
import org.springframework.security.web.RedirectStrategy;
import org.springframework.security.web.authentication.AuthenticationFailureHandler;
import org.springframework.security.web.util.UrlUtils;
import org.springframework.util.Assert;
import tp.ms.common.bean.support.context.MsEnvContextHolder;

/* loaded from: input_file:tp/ms/cas/security/permission/filter/UrlAuthenticationFailureHandler.class */
public class UrlAuthenticationFailureHandler implements AuthenticationFailureHandler {
    private String defaultFailureUrl;
    private String casServerUrl;
    private String serviceUrl;
    protected final Log logger = LogFactory.getLog(getClass());
    private boolean forwardToDestination = false;
    private boolean allowSessionCreation = true;
    private RedirectStrategy redirectStrategy = new DefaultRedirectStrategy();

    public UrlAuthenticationFailureHandler() {
    }

    public UrlAuthenticationFailureHandler(String str) {
        setDefaultFailureUrl(this.defaultFailureUrl);
    }

    public UrlAuthenticationFailureHandler(String str, String str2) {
        this.casServerUrl = str;
        this.serviceUrl = str2;
    }

    public void onAuthenticationFailure(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, AuthenticationException authenticationException) throws IOException, ServletException {
        if (this.casServerUrl != null) {
            String oUrl = MsEnvContextHolder.getContext().oUrl();
            if (oUrl == null) {
                oUrl = this.serviceUrl;
            }
            if (oUrl == null) {
                oUrl = getRootPath(httpServletRequest);
            }
            httpServletResponse.sendRedirect(CommonUtils.constructRedirectUrl(this.casServerUrl, "service", oUrl, true, false));
            return;
        }
        if (this.defaultFailureUrl == null) {
            this.logger.debug("No failure URL set, sending 401 Unauthorized error");
            httpServletResponse.sendError(HttpStatus.UNAUTHORIZED.value(), HttpStatus.UNAUTHORIZED.getReasonPhrase());
            return;
        }
        saveException(httpServletRequest, authenticationException);
        if (this.forwardToDestination) {
            this.logger.debug("Forwarding to " + this.defaultFailureUrl);
            httpServletRequest.getRequestDispatcher(this.defaultFailureUrl).forward(httpServletRequest, httpServletResponse);
        } else {
            this.logger.debug("Redirecting to " + this.defaultFailureUrl);
            this.redirectStrategy.sendRedirect(httpServletRequest, httpServletResponse, this.defaultFailureUrl);
        }
    }

    protected final void saveException(HttpServletRequest httpServletRequest, AuthenticationException authenticationException) {
        if (this.forwardToDestination) {
            httpServletRequest.setAttribute("SPRING_SECURITY_LAST_EXCEPTION", authenticationException);
        } else if (httpServletRequest.getSession(false) != null || this.allowSessionCreation) {
            httpServletRequest.getSession().setAttribute("SPRING_SECURITY_LAST_EXCEPTION", authenticationException);
        }
    }

    public void setDefaultFailureUrl(String str) {
        Assert.isTrue(UrlUtils.isValidRedirectUrl(str), "'" + str + "' is not a valid redirect URL");
        this.defaultFailureUrl = str;
    }

    protected boolean isUseForward() {
        return this.forwardToDestination;
    }

    public void setUseForward(boolean z) {
        this.forwardToDestination = z;
    }

    public void setRedirectStrategy(RedirectStrategy redirectStrategy) {
        this.redirectStrategy = redirectStrategy;
    }

    protected RedirectStrategy getRedirectStrategy() {
        return this.redirectStrategy;
    }

    protected boolean isAllowSessionCreation() {
        return this.allowSessionCreation;
    }

    public void setAllowSessionCreation(boolean z) {
        this.allowSessionCreation = z;
    }

    private String getRootPath(HttpServletRequest httpServletRequest) {
        httpServletRequest.getRemoteAddr();
        httpServletRequest.getRemoteHost();
        httpServletRequest.getRemotePort();
        String scheme = httpServletRequest.getScheme();
        String serverName = httpServletRequest.getServerName();
        int serverPort = httpServletRequest.getServerPort();
        httpServletRequest.getLocalAddr();
        httpServletRequest.getLocalName();
        httpServletRequest.getLocalPort();
        String contextPath = httpServletRequest.getContextPath();
        httpServletRequest.getServletPath();
        httpServletRequest.getRequestURL();
        return scheme + "://" + serverName + ":" + serverPort + "/" + contextPath;
    }
}
