package cn.home1.oss.lib.security.internal.template;

import cn.home1.oss.lib.common.CodecUtils;
import cn.home1.oss.lib.errorhandle.api.ExceptionResolver;
import cn.home1.oss.lib.errorhandle.api.ResolvedError;
import cn.home1.oss.lib.webmvc.api.TypeSafeCookie;
import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.DefaultRedirectStrategy;
import org.springframework.security.web.RedirectStrategy;
import org.springframework.security.web.authentication.AuthenticationFailureHandler;
import org.springframework.security.web.util.UrlUtils;
import org.springframework.util.Assert;

/* loaded from: input_file:cn/home1/oss/lib/security/internal/template/TemplateAuthenticationFailureHandler.class */
public class TemplateAuthenticationFailureHandler implements AuthenticationFailureHandler {
    private static final Logger log = LoggerFactory.getLogger(TemplateAuthenticationFailureHandler.class);
    private String defaultFailureUrl;
    private boolean forwardToDestination = false;
    private boolean allowSessionCreation = true;
    private RedirectStrategy redirectStrategy = new DefaultRedirectStrategy();
    private ExceptionResolver<Throwable> exceptionResolver;
    private TypeSafeCookie<ResolvedError> resolvedErrorCookie;

    public TemplateAuthenticationFailureHandler(String str, ExceptionResolver<Throwable> exceptionResolver, TypeSafeCookie<ResolvedError> typeSafeCookie) {
        setDefaultFailureUrl(str);
        this.exceptionResolver = exceptionResolver;
        this.resolvedErrorCookie = typeSafeCookie;
    }

    public void onAuthenticationFailure(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, AuthenticationException authenticationException) throws IOException, ServletException {
        ResolvedError resolve = this.exceptionResolver.resolve(httpServletRequest, authenticationException);
        if (this.resolvedErrorCookie != null) {
            this.resolvedErrorCookie.setCookie(httpServletRequest, httpServletResponse, resolve.eraseTraces());
        }
        if (this.defaultFailureUrl == null) {
            log.debug("No failure URL set, sending 401 Unauthorized error");
            httpServletResponse.sendError(401, "Authentication Failed: " + authenticationException.getMessage());
            return;
        }
        saveException(httpServletRequest, authenticationException);
        if (this.forwardToDestination) {
            log.debug("Forwarding to " + this.defaultFailureUrl);
            httpServletRequest.getRequestDispatcher(this.defaultFailureUrl).forward(httpServletRequest, httpServletResponse);
        } else {
            String str = this.defaultFailureUrl + "?error=" + CodecUtils.urlEncode(resolve.getLocalizedMessage());
            log.debug("Redirecting to " + str);
            this.redirectStrategy.sendRedirect(httpServletRequest, httpServletResponse, str);
        }
    }

    protected final void saveException(HttpServletRequest httpServletRequest, AuthenticationException authenticationException) {
        if (this.forwardToDestination) {
            httpServletRequest.setAttribute("SPRING_SECURITY_LAST_EXCEPTION", authenticationException);
        } else if (httpServletRequest.getSession(false) != null || this.allowSessionCreation) {
            httpServletRequest.getSession().setAttribute("SPRING_SECURITY_LAST_EXCEPTION", authenticationException);
        }
    }

    public void setDefaultFailureUrl(String str) {
        Assert.isTrue(UrlUtils.isValidRedirectUrl(str), "'" + str + "' is not a valid redirect URL");
        this.defaultFailureUrl = str;
    }

    protected boolean isUseForward() {
        return this.forwardToDestination;
    }

    public void setUseForward(boolean z) {
        this.forwardToDestination = z;
    }

    public void setRedirectStrategy(RedirectStrategy redirectStrategy) {
        this.redirectStrategy = redirectStrategy;
    }

    protected RedirectStrategy getRedirectStrategy() {
        return this.redirectStrategy;
    }

    protected boolean isAllowSessionCreation() {
        return this.allowSessionCreation;
    }

    public void setAllowSessionCreation(boolean z) {
        this.allowSessionCreation = z;
    }

    public static TemplateAuthenticationFailureHandler templateFailureHandler(String str, ExceptionResolver<Throwable> exceptionResolver, TypeSafeCookie<ResolvedError> typeSafeCookie) {
        TemplateAuthenticationFailureHandler templateAuthenticationFailureHandler = new TemplateAuthenticationFailureHandler(str, exceptionResolver, typeSafeCookie);
        templateAuthenticationFailureHandler.setUseForward(false);
        templateAuthenticationFailureHandler.setRedirectStrategy(new SmartRedirectStrategy());
        return templateAuthenticationFailureHandler;
    }
}
