package org.geoserver.security.filter;

import java.io.IOException;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.geoserver.security.GeoServerSecurityFilterChain;
import org.geoserver.security.config.SecurityNamedServiceConfig;
import org.geoserver.security.config.UsernamePasswordAuthenticationFilterConfig;
import org.springframework.security.web.AuthenticationEntryPoint;
import org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint;
import org.springframework.security.web.authentication.RememberMeServices;
import org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler;
import org.springframework.security.web.authentication.SimpleUrlAuthenticationSuccessHandler;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;

/* loaded from: input_file:WEB-INF/lib/gs-main-2.15.1.jar:org/geoserver/security/filter/GeoServerUserNamePasswordAuthenticationFilter.class */
public class GeoServerUserNamePasswordAuthenticationFilter extends GeoServerCompositeFilter implements GeoServerAuthenticationFilter {
    public static final String URL_LOGIN_SUCCCESS = "/web";
    public static final String URL_LOGIN_FAILURE = "/web/wicket/bookmarkable/org.geoserver.web.GeoServerLoginPage?error=true";
    public static final String URL_LOGIN_FORM = "/web/wicket/bookmarkable/org.geoserver.web.GeoServerLoginPage?error=false";
    private LoginUrlAuthenticationEntryPoint aep;
    String[] pathInfos;

    @Override // org.geoserver.security.impl.AbstractGeoServerSecurityService, org.geoserver.security.GeoServerSecurityService
    public void initializeFromConfig(SecurityNamedServiceConfig securityNamedServiceConfig) throws IOException {
        super.initializeFromConfig(securityNamedServiceConfig);
        this.pathInfos = GeoServerSecurityFilterChain.FORM_LOGIN_CHAIN.split(",");
        UsernamePasswordAuthenticationFilterConfig usernamePasswordAuthenticationFilterConfig = (UsernamePasswordAuthenticationFilterConfig) securityNamedServiceConfig;
        this.aep = new LoginUrlAuthenticationEntryPoint(URL_LOGIN_FORM);
        this.aep.setForceHttps(false);
        try {
            this.aep.afterPropertiesSet();
            RememberMeServices rememberMeService = this.securityManager.getRememberMeService();
            UsernamePasswordAuthenticationFilter usernamePasswordAuthenticationFilter = new UsernamePasswordAuthenticationFilter() { // from class: org.geoserver.security.filter.GeoServerUserNamePasswordAuthenticationFilter.1
                @Override // org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
                protected boolean requiresAuthentication(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
                    for (String str : GeoServerUserNamePasswordAuthenticationFilter.this.pathInfos) {
                        if (GeoServerUserNamePasswordAuthenticationFilter.this.getRequestPath(httpServletRequest).startsWith(str)) {
                            return true;
                        }
                    }
                    return false;
                }
            };
            usernamePasswordAuthenticationFilter.setPasswordParameter(usernamePasswordAuthenticationFilterConfig.getPasswordParameterName());
            usernamePasswordAuthenticationFilter.setUsernameParameter(usernamePasswordAuthenticationFilterConfig.getUsernameParameterName());
            usernamePasswordAuthenticationFilter.setAuthenticationManager(getSecurityManager().authenticationManager());
            usernamePasswordAuthenticationFilter.setRememberMeServices(rememberMeService);
            usernamePasswordAuthenticationFilter.setAuthenticationDetailsSource(new GeoServerWebAuthenticationDetailsSource());
            usernamePasswordAuthenticationFilter.setAllowSessionCreation(false);
            SimpleUrlAuthenticationSuccessHandler simpleUrlAuthenticationSuccessHandler = new SimpleUrlAuthenticationSuccessHandler();
            simpleUrlAuthenticationSuccessHandler.setDefaultTargetUrl(URL_LOGIN_SUCCCESS);
            usernamePasswordAuthenticationFilter.setAuthenticationSuccessHandler(simpleUrlAuthenticationSuccessHandler);
            SimpleUrlAuthenticationFailureHandler simpleUrlAuthenticationFailureHandler = new SimpleUrlAuthenticationFailureHandler();
            simpleUrlAuthenticationFailureHandler.setDefaultFailureUrl(URL_LOGIN_FAILURE);
            usernamePasswordAuthenticationFilter.setAuthenticationFailureHandler(simpleUrlAuthenticationFailureHandler);
            getNestedFilters().add(usernamePasswordAuthenticationFilter);
        } catch (Exception e) {
            throw new IOException(e);
        }
    }

    @Override // org.geoserver.security.impl.AbstractGeoServerSecurityService
    public AuthenticationEntryPoint getAuthenticationEntryPoint() {
        return this.aep;
    }

    @Override // org.geoserver.security.filter.GeoServerCompositeFilter, javax.servlet.Filter
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        servletRequest.setAttribute(GeoServerSecurityFilter.AUTHENTICATION_ENTRY_POINT_HEADER, this.aep);
        super.doFilter(servletRequest, servletResponse, filterChain);
    }

    @Override // org.geoserver.security.filter.GeoServerAuthenticationFilter
    public boolean applicableForHtml() {
        return true;
    }

    @Override // org.geoserver.security.filter.GeoServerAuthenticationFilter
    public boolean applicableForServices() {
        return false;
    }
}
