package cn.herodotus.engine.oauth2.authentication.configurer;

import cn.herodotus.engine.oauth2.authentication.provider.OAuth2FormLoginAuthenticationToken;
import cn.herodotus.engine.oauth2.core.utils.SymmetricUtils;
import jakarta.servlet.ServletException;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import java.io.IOException;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.AuthenticationServiceException;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;

/* loaded from: input_file:cn/herodotus/engine/oauth2/authentication/configurer/OAuth2FormLoginAuthenticationFilter.class */
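/**
 * Form-login filter that builds an {@link OAuth2FormLoginAuthenticationToken} from the submitted
 * username and password and hands it to the configured {@link AuthenticationManager}.
 *
 * <p>When the request carries a non-blank {@code symmetric} parameter together with a non-blank
 * username and password, both credential fields are decrypted through {@link SymmetricUtils}
 * before the token is built. When that parameter is missing or blank, the credentials are used
 * exactly as submitted, so this layer is optional from the client's point of view and cannot be
 * relied on as the only protection for credentials in transit.
 *
 * <p>Decrypted credentials are never written to the log.
 */
public class OAuth2FormLoginAuthenticationFilter extends UsernamePasswordAuthenticationFilter {
    private static final Logger log = LoggerFactory.getLogger(OAuth2FormLoginAuthenticationFilter.class);

    /** Request parameter that carries the key material used to decrypt the credential fields. */
    private static final String SYMMETRIC_KEY_PARAMETER = "symmetric";

    /**
     * Local mirror of the parent's POST-only switch; kept in sync by {@link #setPostOnly(boolean)}
     * because {@link #attemptAuthentication} checks it directly.
     */
    private boolean postOnly = true;

    /** Creates the filter without an authentication manager; POST-only mode is on by default. */
    public OAuth2FormLoginAuthenticationFilter() {
    }

    /**
     * Creates the filter with the given authentication manager; POST-only mode is on by default.
     *
     * @param authenticationManager manager that authenticates the tokens built by this filter
     */
    public OAuth2FormLoginAuthenticationFilter(AuthenticationManager authenticationManager) {
        super(authenticationManager);
    }

    /**
     * Builds the login token from the request and delegates to the authentication manager.
     * Overrides the parent implementation.
     *
     * @param httpServletRequest the login request
     * @param httpServletResponse the response (not used here)
     * @return the result returned by the authentication manager
     * @throws AuthenticationException if POST-only mode is on and the request is not a POST, or
     *     if the authentication manager rejects the token
     */
    public Authentication attemptAuthentication(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws AuthenticationException {
        // Constant-first comparison so a null method name is rejected instead of raising an NPE.
        if (this.postOnly && !"POST".equals(httpServletRequest.getMethod())) {
            throw new AuthenticationServiceException("Authentication method not supported: " + httpServletRequest.getMethod());
        }
        OAuth2FormLoginAuthenticationToken authenticationToken = getAuthenticationToken(httpServletRequest);
        setDetails(httpServletRequest, authenticationToken);
        return getAuthenticationManager().authenticate(authenticationToken);
    }

    /**
     * Reads the credentials from the request, decrypting them when a key parameter is supplied.
     *
     * @param httpServletRequest the login request
     * @return a token holding the (possibly decrypted) username and password; blank values are
     *     replaced by the empty string
     */
    private OAuth2FormLoginAuthenticationToken getAuthenticationToken(HttpServletRequest httpServletRequest) {
        String username = StringUtils.defaultIfBlank(obtainUsername(httpServletRequest), "");
        String password = StringUtils.defaultIfBlank(obtainPassword(httpServletRequest), "");
        String symmetricKeyParameter = httpServletRequest.getParameter(SYMMETRIC_KEY_PARAMETER);

        // Decryption only happens when all three values are present; otherwise the submitted
        // values pass through unchanged.
        if (StringUtils.isNoneBlank(symmetricKeyParameter, username, password)) {
            // NOTE(review): all three inputs are client-controlled. Confirm how SymmetricUtils
            // reports malformed key material or ciphertext; an unchecked exception here is not an
            // AuthenticationException and would bypass unsuccessfulAuthentication.
            byte[] decryptedSymmetricKey = SymmetricUtils.getDecryptedSymmetricKey(symmetricKeyParameter);
            username = SymmetricUtils.decrypt(username, decryptedSymmetricKey);
            password = SymmetricUtils.decrypt(password, decryptedSymmetricKey);
            // Record only that decryption took place. The plaintext password (and the username
            // field, which users sometimes fill with a password by mistake) must not reach logs.
            log.debug("[Herodotus] |- Form login credentials decrypted with the request symmetric key.");
        }
        return new OAuth2FormLoginAuthenticationToken(username, password);
    }

    /**
     * Sets POST-only mode on both the parent filter and this filter's own flag.
     * Overrides the parent implementation.
     *
     * @param z {@code true} to reject any request method other than POST
     */
    public void setPostOnly(boolean z) {
        super.setPostOnly(z);
        this.postOnly = z;
    }

    /**
     * Handles a failed login: clears the security context, notifies the remember-me services and
     * invokes the failure handler. Overrides the parent implementation.
     *
     * @param httpServletRequest the login request
     * @param httpServletResponse the response passed on to the remember-me services and handler
     * @param authenticationException the failure that ended the authentication attempt
     * @throws IOException if the failure handler throws it
     * @throws ServletException if the failure handler throws it
     */
    protected void unsuccessfulAuthentication(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, AuthenticationException authenticationException) throws IOException, ServletException {
        SecurityContextHolder.clearContext();
        getRememberMeServices().loginFail(httpServletRequest, httpServletResponse);
        getFailureHandler().onAuthenticationFailure(httpServletRequest, httpServletResponse, authenticationException);
    }
}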
