package org.kaizen4j.integration.spring.security.web.authentication;

import java.util.Objects;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang3.StringUtils;
import org.springframework.security.authentication.AuthenticationServiceException;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter;
import org.springframework.util.Assert;

/* loaded from: input_file:org/kaizen4j/integration/spring/security/web/authentication/VerificationCodeAuthenticationFilter.class */
public final class VerificationCodeAuthenticationFilter extends AbstractAuthenticationProcessingFilter {
    public static final String SPRING_SECURITY_FORM_USERNAME_KEY = "username";
    public static final String SPRING_SECURITY_FORM_PASSWORD_KEY = "password";
    public static final String SPRING_SECURITY_FORM_VERIFICATION_CODE_KEY = "verification_code";
    private String usernameParameter;
    private String passwordParameter;
    private String verificationCodeParameter;
    private boolean postOnly;

    public VerificationCodeAuthenticationFilter() {
        super("/j_spring_security_check");
        this.usernameParameter = SPRING_SECURITY_FORM_USERNAME_KEY;
        this.passwordParameter = SPRING_SECURITY_FORM_PASSWORD_KEY;
        this.verificationCodeParameter = SPRING_SECURITY_FORM_VERIFICATION_CODE_KEY;
        this.postOnly = true;
    }

    public Authentication attemptAuthentication(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws AuthenticationException {
        if (this.postOnly && !httpServletRequest.getMethod().equals("POST")) {
            throw new AuthenticationServiceException("Authentication method not supported: " + httpServletRequest.getMethod());
        }
        String obtainUsername = obtainUsername(httpServletRequest);
        String obtainPassword = obtainPassword(httpServletRequest);
        String obtainVerificationCode = obtainVerificationCode(httpServletRequest);
        if (Objects.isNull(obtainUsername)) {
            obtainUsername = "";
        }
        if (Objects.isNull(obtainPassword)) {
            obtainPassword = "";
        }
        UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken = new UsernamePasswordAuthenticationToken(obtainUsername.trim(), obtainPassword);
        setDetails(httpServletRequest, usernamePasswordAuthenticationToken);
        if (StringUtils.isEmpty(obtainVerificationCode) || VerificationCode.validate(httpServletRequest, obtainVerificationCode)) {
            return getAuthenticationManager().authenticate(usernamePasswordAuthenticationToken);
        }
        this.logger.info("Authentication failed: verification code does not match");
        throw new BadCredentialsException(this.messages.getMessage("AbstractUserDetailsAuthenticationProvider.badCredentials", "Bad verification code"));
    }

    protected String obtainPassword(HttpServletRequest httpServletRequest) {
        return httpServletRequest.getParameter(this.passwordParameter);
    }

    protected String obtainUsername(HttpServletRequest httpServletRequest) {
        return httpServletRequest.getParameter(this.usernameParameter);
    }

    protected String obtainVerificationCode(HttpServletRequest httpServletRequest) {
        return httpServletRequest.getParameter(this.verificationCodeParameter);
    }

    protected void setDetails(HttpServletRequest httpServletRequest, UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken) {
        usernamePasswordAuthenticationToken.setDetails(this.authenticationDetailsSource.buildDetails(httpServletRequest));
    }

    public void setUsernameParameter(String str) {
        Assert.hasText(str, "Username parameter must not be empty or null");
        this.usernameParameter = str;
    }

    public void setPasswordParameter(String str) {
        Assert.hasText(str, "Password parameter must not be empty or null");
        this.passwordParameter = str;
    }

    public void setVerificationCodeParameter(String str) {
        Assert.hasText(str, "Verification code parameter must not be empty or null");
        this.verificationCodeParameter = str;
    }

    public void setPostOnly(boolean z) {
        this.postOnly = z;
    }

    public final String getUsernameParameter() {
        return this.usernameParameter;
    }

    public final String getPasswordParameter() {
        return this.passwordParameter;
    }

    public final String getVerificationCodeParameter() {
        return this.verificationCodeParameter;
    }
}
