package org.springframework.security.ui;

import java.io.IOException;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpServletResponseWrapper;
import org.springframework.security.Authentication;
import org.springframework.security.AuthenticationTrustResolver;
import org.springframework.security.AuthenticationTrustResolverImpl;
import org.springframework.security.concurrent.SessionRegistry;
import org.springframework.security.context.SecurityContextHolder;
import org.springframework.security.util.SessionUtils;

/* loaded from: input_file:WEB-INF/lib/spring-security-core-2.0.0-RC1.jar:org/springframework/security/ui/SessionFixationProtectionFilter.class */
public class SessionFixationProtectionFilter extends SpringSecurityFilter {
    static final String FILTER_APPLIED = "__spring_security_session_fixation_filter_applied";
    private SessionRegistry sessionRegistry;
    private boolean migrateSessionAttributes = true;
    private AuthenticationTrustResolver authenticationTrustResolver = new AuthenticationTrustResolverImpl();

    /* loaded from: input_file:WEB-INF/lib/spring-security-core-2.0.0-RC1.jar:org/springframework/security/ui/SessionFixationProtectionFilter$SessionFixationProtectionResponseWrapper.class */
    class SessionFixationProtectionResponseWrapper extends HttpServletResponseWrapper {
        private HttpServletRequest request;
        private boolean newSessionStarted;
        private final SessionFixationProtectionFilter this$0;

        SessionFixationProtectionResponseWrapper(SessionFixationProtectionFilter sessionFixationProtectionFilter, HttpServletResponse httpServletResponse, HttpServletRequest httpServletRequest) {
            super(httpServletResponse);
            this.this$0 = sessionFixationProtectionFilter;
            this.request = httpServletRequest;
        }

        public void sendError(int i) throws IOException {
            startNewSession();
            super.sendError(i);
        }

        public void sendError(int i, String str) throws IOException {
            startNewSession();
            super.sendError(i, str);
        }

        public void sendRedirect(String str) throws IOException {
            startNewSession();
            super.sendRedirect(str);
        }

        private void startNewSession() {
            if (this.newSessionStarted) {
                return;
            }
            this.this$0.startNewSessionIfRequired(this.request);
            this.newSessionStarted = true;
        }

        boolean isNewSessionStarted() {
            return this.newSessionStarted;
        }
    }

    @Override // org.springframework.security.ui.SpringSecurityFilter
    protected void doFilterHttp(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain) throws IOException, ServletException {
        if (httpServletRequest.getSession(false) == null || httpServletRequest.getAttribute(FILTER_APPLIED) != null) {
            filterChain.doFilter(httpServletRequest, httpServletResponse);
            return;
        }
        httpServletRequest.setAttribute(FILTER_APPLIED, Boolean.TRUE);
        if (isAuthenticated()) {
            filterChain.doFilter(httpServletRequest, httpServletResponse);
            return;
        }
        SessionFixationProtectionResponseWrapper sessionFixationProtectionResponseWrapper = new SessionFixationProtectionResponseWrapper(this, httpServletResponse, httpServletRequest);
        try {
            filterChain.doFilter(httpServletRequest, sessionFixationProtectionResponseWrapper);
            if (sessionFixationProtectionResponseWrapper.isNewSessionStarted()) {
                return;
            }
            startNewSessionIfRequired(httpServletRequest);
        } catch (Throwable th) {
            if (!sessionFixationProtectionResponseWrapper.isNewSessionStarted()) {
                startNewSessionIfRequired(httpServletRequest);
            }
            throw th;
        }
    }

    private boolean isAuthenticated() {
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        return (authentication == null || this.authenticationTrustResolver.isAnonymous(authentication)) ? false : true;
    }

    public void setMigrateSessionAttributes(boolean z) {
        this.migrateSessionAttributes = z;
    }

    public void setSessionRegistry(SessionRegistry sessionRegistry) {
        this.sessionRegistry = sessionRegistry;
    }

    @Override // org.springframework.security.ui.SpringSecurityFilter, org.springframework.core.Ordered
    public int getOrder() {
        return FilterChainOrder.SESSION_FIXATION_FILTER;
    }

    protected void startNewSessionIfRequired(HttpServletRequest httpServletRequest) {
        if (isAuthenticated()) {
            SessionUtils.startNewSessionIfRequired(httpServletRequest, this.migrateSessionAttributes, this.sessionRegistry);
        }
    }
}
