package org.zkoss.spring.security.ui;

import java.io.IOException;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.springframework.security.authentication.AuthenticationTrustResolver;
import org.springframework.security.authentication.AuthenticationTrustResolverImpl;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.web.filter.GenericFilterBean;
import org.zkoss.spring.security.ui.webapp.ZkAuthenticationEntryPoint;

/* loaded from: input_file:org/zkoss/spring/security/ui/ZkLoginOKFilter.class */
public class ZkLoginOKFilter extends GenericFilterBean {
    private AuthenticationTrustResolver _authResolver = new AuthenticationTrustResolverImpl();
    private String _defaultTargetUrl = "/";
    private String _authenticationFailureUrl;

    protected void doFilterHttp(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain) throws IOException, ServletException {
    }

    private String getFullPath(HttpServletRequest httpServletRequest) {
        StringBuffer stringBuffer = new StringBuffer(httpServletRequest.getRequestURI());
        if (stringBuffer != null && stringBuffer.indexOf("zkau") != -1) {
            stringBuffer.delete(stringBuffer.indexOf("zkau"), stringBuffer.indexOf("zkau") + 4);
        }
        String queryString = httpServletRequest.getQueryString();
        return (queryString != null ? stringBuffer.append('?').append(queryString) : stringBuffer).toString();
    }

    public void setDefaultTargetUrl(String str) {
        this._defaultTargetUrl = str;
    }

    public void setAuthenticationFailureUrl(String str) {
        this._authenticationFailureUrl = str;
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        String str;
        HttpSession session = ((HttpServletRequest) servletRequest).getSession(false);
        if (session == null) {
            filterChain.doFilter(servletRequest, servletResponse);
            return;
        }
        String str2 = (String) session.getAttribute(ZkAuthenticationEntryPoint.LOGIN_OK_URL);
        if (str2 != null) {
            Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
            String fullPath = getFullPath((HttpServletRequest) servletRequest);
            String contextPath = ((HttpServletRequest) servletRequest).getContextPath();
            if (authentication != null && authentication.isAuthenticated() && !this._authResolver.isAnonymous(authentication)) {
                session.removeAttribute(ZkAuthenticationEntryPoint.LOGIN_OK_URL);
                if ((contextPath + this._defaultTargetUrl).equals(fullPath)) {
                    String str3 = (String) session.getAttribute(ZkAuthenticationEntryPoint.LOGIN_OK_TEMPLATE);
                    if (str3 == null) {
                        str3 = ZkAuthenticationEntryPoint.LOGIN_OK_TEMPLATE;
                    }
                    StringBuffer stringBuffer = new StringBuffer(128);
                    stringBuffer.append("?loginOKUrl=" + str2);
                    stringBuffer.append("&loginOKDelay=").append(session.getAttribute(ZkAuthenticationEntryPoint.LOGIN_OK_DELAY));
                    if (session.getAttribute(ZkAuthenticationEntryPoint.FORCE_HTTPS) != null) {
                        stringBuffer.append("&savedUrl=").append(session.getAttribute(ZkAuthenticationEntryPoint.SAVED_URL));
                        stringBuffer.append("&desktop=").append(session.getAttribute(ZkAuthenticationEntryPoint.SAVED_DESKTOP));
                        stringBuffer.append("&loginWin=").append(session.getAttribute(ZkAuthenticationEntryPoint.LOGIN_WIN));
                    }
                    ((HttpServletRequest) servletRequest).getRequestDispatcher(str3 + ((Object) stringBuffer)).forward(servletRequest, servletResponse);
                    return;
                }
            } else if ((contextPath + this._authenticationFailureUrl).equals(fullPath) && (str = (String) session.getAttribute(ZkAuthenticationEntryPoint.LOGIN_FAIL_URL)) != null) {
                ((HttpServletRequest) servletRequest).getRequestDispatcher(str).forward(servletRequest, servletResponse);
                return;
            }
        }
        filterChain.doFilter(servletRequest, servletResponse);
    }
}
