package org.springframework.security.providers.anonymous;

import java.io.IOException;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.security.Authentication;
import org.springframework.security.context.SecurityContextHolder;
import org.springframework.security.ui.AuthenticationDetailsSource;
import org.springframework.security.ui.FilterChainOrder;
import org.springframework.security.ui.SpringSecurityFilter;
import org.springframework.security.ui.WebAuthenticationDetailsSource;
import org.springframework.security.userdetails.memory.UserAttribute;
import org.springframework.util.Assert;

/* loaded from: input_file:WEB-INF/lib/spring-security-core-2.0.0.jar:org/springframework/security/providers/anonymous/AnonymousProcessingFilter.class */
public class AnonymousProcessingFilter extends SpringSecurityFilter implements InitializingBean {
    private String key;
    private UserAttribute userAttribute;
    private AuthenticationDetailsSource authenticationDetailsSource = new WebAuthenticationDetailsSource();
    private boolean removeAfterRequest = true;

    @Override // org.springframework.beans.factory.InitializingBean
    public void afterPropertiesSet() throws Exception {
        Assert.notNull(this.userAttribute);
        Assert.hasLength(this.key);
    }

    protected boolean applyAnonymousForThisRequest(HttpServletRequest httpServletRequest) {
        return true;
    }

    protected Authentication createAuthentication(HttpServletRequest httpServletRequest) {
        AnonymousAuthenticationToken anonymousAuthenticationToken = new AnonymousAuthenticationToken(this.key, this.userAttribute.getPassword(), this.userAttribute.getAuthorities());
        anonymousAuthenticationToken.setDetails(this.authenticationDetailsSource.buildDetails(httpServletRequest));
        return anonymousAuthenticationToken;
    }

    @Override // org.springframework.security.ui.SpringSecurityFilter
    protected void doFilterHttp(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain) throws IOException, ServletException {
        boolean z = false;
        if (applyAnonymousForThisRequest(httpServletRequest)) {
            if (SecurityContextHolder.getContext().getAuthentication() == null) {
                SecurityContextHolder.getContext().setAuthentication(createAuthentication(httpServletRequest));
                z = true;
                if (this.logger.isDebugEnabled()) {
                    this.logger.debug(new StringBuffer().append("Populated SecurityContextHolder with anonymous token: '").append(SecurityContextHolder.getContext().getAuthentication()).append("'").toString());
                }
            } else if (this.logger.isDebugEnabled()) {
                this.logger.debug(new StringBuffer().append("SecurityContextHolder not populated with anonymous token, as it already contained: '").append(SecurityContextHolder.getContext().getAuthentication()).append("'").toString());
            }
        }
        try {
            filterChain.doFilter(httpServletRequest, httpServletResponse);
            if (z && this.removeAfterRequest && createAuthentication(httpServletRequest).equals(SecurityContextHolder.getContext().getAuthentication())) {
                SecurityContextHolder.getContext().setAuthentication(null);
            }
        } catch (Throwable th) {
            if (z && this.removeAfterRequest && createAuthentication(httpServletRequest).equals(SecurityContextHolder.getContext().getAuthentication())) {
                SecurityContextHolder.getContext().setAuthentication(null);
            }
            throw th;
        }
    }

    @Override // org.springframework.security.ui.SpringSecurityFilter, org.springframework.core.Ordered
    public int getOrder() {
        return FilterChainOrder.ANONYMOUS_FILTER;
    }

    public String getKey() {
        return this.key;
    }

    public UserAttribute getUserAttribute() {
        return this.userAttribute;
    }

    public boolean isRemoveAfterRequest() {
        return this.removeAfterRequest;
    }

    public void setAuthenticationDetailsSource(AuthenticationDetailsSource authenticationDetailsSource) {
        Assert.notNull(authenticationDetailsSource, "AuthenticationDetailsSource required");
        this.authenticationDetailsSource = authenticationDetailsSource;
    }

    public void setKey(String str) {
        this.key = str;
    }

    public void setRemoveAfterRequest(boolean z) {
        this.removeAfterRequest = z;
    }

    public void setUserAttribute(UserAttribute userAttribute) {
        this.userAttribute = userAttribute;
    }
}
