package com.dtt.ora.common.security.mobile;

import com.dtt.ora.common.core.constant.SecurityConstants;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.http.HttpMethod;
import org.springframework.security.authentication.AuthenticationEventPublisher;
import org.springframework.security.authentication.AuthenticationServiceException;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.web.AuthenticationEntryPoint;
import org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter;
import org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationToken;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;

/* loaded from: input_file:BOOT-INF/lib/ora-common-security-3.9.0.jar:com/dtt/ora/common/security/mobile/MobileAuthenticationFilter.class */
public class MobileAuthenticationFilter extends AbstractAuthenticationProcessingFilter {
    private static final String SPRING_SECURITY_FORM_MOBILE_KEY = "mobile";
    private String mobileParameter;
    private boolean postOnly;
    private AuthenticationEventPublisher eventPublisher;
    private AuthenticationEntryPoint authenticationEntryPoint;

    public MobileAuthenticationFilter() {
        super(new AntPathRequestMatcher(SecurityConstants.MOBILE_TOKEN_URL, "POST"));
        this.mobileParameter = SPRING_SECURITY_FORM_MOBILE_KEY;
        this.postOnly = true;
    }

    @Override // org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
    public Authentication attemptAuthentication(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        if (this.postOnly && !httpServletRequest.getMethod().equals(HttpMethod.POST.name())) {
            throw new AuthenticationServiceException("Authentication method not supported: " + httpServletRequest.getMethod());
        }
        String obtainMobile = obtainMobile(httpServletRequest);
        if (obtainMobile == null) {
            obtainMobile = "";
        }
        MobileAuthenticationToken mobileAuthenticationToken = new MobileAuthenticationToken(obtainMobile.trim());
        setDetails(httpServletRequest, mobileAuthenticationToken);
        Authentication authentication = null;
        try {
            authentication = getAuthenticationManager().authenticate(mobileAuthenticationToken);
            this.logger.debug("Authentication success: " + authentication);
            SecurityContextHolder.getContext().setAuthentication(authentication);
        } catch (Exception e) {
            SecurityContextHolder.clearContext();
            this.logger.debug("Authentication request failed: " + e);
            this.eventPublisher.publishAuthenticationFailure(new BadCredentialsException(e.getMessage(), e), new PreAuthenticatedAuthenticationToken("access-token", "N/A"));
            try {
                this.authenticationEntryPoint.commence(httpServletRequest, httpServletResponse, new UsernameNotFoundException(e.getMessage(), e));
            } catch (Exception e2) {
                this.logger.error("authenticationEntryPoint handle error:{}", e);
            }
        }
        return authentication;
    }

    private String obtainMobile(HttpServletRequest httpServletRequest) {
        return httpServletRequest.getParameter(this.mobileParameter);
    }

    private void setDetails(HttpServletRequest httpServletRequest, MobileAuthenticationToken mobileAuthenticationToken) {
        mobileAuthenticationToken.setDetails(this.authenticationDetailsSource.buildDetails(httpServletRequest));
    }

    public String getMobileParameter() {
        return this.mobileParameter;
    }

    public void setMobileParameter(String str) {
        this.mobileParameter = str;
    }

    public boolean isPostOnly() {
        return this.postOnly;
    }

    public void setPostOnly(boolean z) {
        this.postOnly = z;
    }

    public AuthenticationEventPublisher getEventPublisher() {
        return this.eventPublisher;
    }

    public void setEventPublisher(AuthenticationEventPublisher authenticationEventPublisher) {
        this.eventPublisher = authenticationEventPublisher;
    }

    public AuthenticationEntryPoint getAuthenticationEntryPoint() {
        return this.authenticationEntryPoint;
    }

    public void setAuthenticationEntryPoint(AuthenticationEntryPoint authenticationEntryPoint) {
        this.authenticationEntryPoint = authenticationEntryPoint;
    }
}
