package it.geosolutions.geostore.services.rest.security;

import it.geosolutions.geostore.core.model.User;
import it.geosolutions.geostore.core.model.enums.Role;
import it.geosolutions.geostore.core.security.UserMapper;
import it.geosolutions.geostore.services.UserService;
import it.geosolutions.geostore.services.exception.BadRequestServiceEx;
import it.geosolutions.geostore.services.exception.NotFoundServiceEx;
import java.io.IOException;
import java.util.ArrayList;
import java.util.Collections;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.web.filter.GenericFilterBean;

/* loaded from: input_file:WEB-INF/lib/geostore-rest-impl-2.2.0.jar:it/geosolutions/geostore/services/rest/security/GeoStoreAuthenticationFilter.class */
public abstract class GeoStoreAuthenticationFilter extends GenericFilterBean {
    public static final String USER_NOT_FOUND_MSG = "User not found. Please check your credentials";
    private static final Logger LOGGER = LogManager.getLogger((Class<?>) GeoStoreAuthenticationFilter.class);

    @Autowired
    protected UserService userService;
    private boolean autoCreateUser = false;
    private boolean enableAutoCreatedUsers = true;
    private UserMapper userMapper;

    @Override // javax.servlet.Filter
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        if (servletRequest instanceof HttpServletRequest) {
            authenticate((HttpServletRequest) servletRequest);
        }
        filterChain.doFilter(servletRequest, servletResponse);
    }

    protected abstract void authenticate(HttpServletRequest httpServletRequest);

    /* JADX INFO: Access modifiers changed from: protected */
    public Authentication createAuthenticationForUser(String str, String str2, Object obj) {
        User user = null;
        try {
            user = this.userService.get(str);
        } catch (NotFoundServiceEx e) {
            if (this.autoCreateUser) {
                try {
                    user = createUser(str, str2, obj);
                } catch (BadRequestServiceEx e2) {
                    LOGGER.error("Error creating user for " + str, (Throwable) e);
                } catch (NotFoundServiceEx e3) {
                    LOGGER.error("Error creating user for " + str, (Throwable) e);
                }
            } else {
                LOGGER.error("User not found: " + str, (Throwable) e);
            }
        }
        return createAuthenticationForUser(user);
    }

    protected User createUser(String str, String str2, Object obj) throws BadRequestServiceEx, NotFoundServiceEx {
        User user = new User();
        user.setName(str);
        user.setNewPassword(str2);
        user.setEnabled(this.enableAutoCreatedUsers);
        user.setRole(Role.USER);
        user.setGroups(Collections.EMPTY_SET);
        if (this.userMapper != null) {
            this.userMapper.mapUser(obj, user);
        }
        if (this.userService != null) {
            this.userService.insert(user);
        }
        return user;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public Authentication createAuthenticationForUser(User user) {
        if (user == null) {
            LOGGER.error("User not found. Please check your credentials");
            return null;
        }
        String role = user.getRole().toString();
        ArrayList arrayList = new ArrayList();
        arrayList.add(new SimpleGrantedAuthority("ROLE_" + role));
        return new UsernamePasswordAuthenticationToken(user, user.getPassword(), arrayList);
    }

    public void setUserService(UserService userService) {
        this.userService = userService;
    }

    public void setUserMapper(UserMapper userMapper) {
        this.userMapper = userMapper;
    }

    public void setAutoCreateUser(boolean z) {
        this.autoCreateUser = z;
    }

    public void setEnableAutoCreatedUsers(boolean z) {
        this.enableAutoCreatedUsers = z;
    }
}
