package org.craftercms.security.authentication.impl;

import java.io.IOException;
import javax.servlet.http.HttpSession;
import org.codehaus.jackson.map.ObjectMapper;
import org.craftercms.security.api.RequestContext;
import org.craftercms.security.api.SecurityConstants;
import org.craftercms.security.api.UserProfile;
import org.craftercms.security.authentication.AuthenticationToken;
import org.craftercms.security.authentication.AuthenticationTokenCache;
import org.craftercms.security.authentication.BaseHandler;
import org.craftercms.security.authentication.LoginSuccessHandler;
import org.craftercms.security.exception.CrafterSecurityException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Required;
import org.springframework.security.web.savedrequest.HttpSessionRequestCache;
import org.springframework.security.web.savedrequest.RequestCache;
import org.springframework.security.web.savedrequest.SavedRequest;

/* loaded from: input_file:WEB-INF/lib/crafter-security-provider-2.3.1.jar:org/craftercms/security/authentication/impl/LoginSuccessHandlerImpl.class */
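/**
 * Default {@link LoginSuccessHandler}: builds the {@link AuthenticationToken} for the freshly
 * authenticated user, stores it in the request context and the token cache, clears stale
 * authentication errors from the session, and then either redirects the browser or writes the
 * user profile as JSON.
 *
 * <p>NOTE(review): nothing in this class rotates the HTTP session id after a successful login.
 * Confirm that session-fixation protection is applied elsewhere in the filter chain.
 */
public class LoginSuccessHandlerImpl extends BaseHandler implements LoginSuccessHandler {
    private static final Logger logger = LoggerFactory.getLogger(LoginSuccessHandlerImpl.class);

    /** Shared serializer; a configured ObjectMapper is safe to reuse across requests. */
    private static final ObjectMapper OBJECT_MAPPER = new ObjectMapper();

    protected AuthenticationTokenCache authenticationTokenCache;
    protected RequestCache requestCache = new HttpSessionRequestCache();
    protected String defaultTargetUrl;

    /**
     * Sets the cache used to persist the authentication token for later requests.
     *
     * @param authenticationTokenCache the token cache (required)
     */
    @Required
    public void setAuthenticationTokenCache(AuthenticationTokenCache authenticationTokenCache) {
        this.authenticationTokenCache = authenticationTokenCache;
    }

    /**
     * Overrides the request cache consulted for the pre-login URL. Defaults to an
     * {@link HttpSessionRequestCache}.
     *
     * @param requestCache the request cache to use
     */
    public void setRequestCache(RequestCache requestCache) {
        this.requestCache = requestCache;
    }

    /**
     * Sets the context-relative URL used when no saved request exists.
     *
     * @param str the default target URL, appended to the request's context path (required)
     */
    @Required
    public void setDefaultTargetUrl(String str) {
        this.defaultTargetUrl = str;
    }

    /**
     * Completes a successful login.
     *
     * @param str            the authentication ticket issued for the user
     * @param userProfile    the authenticated user's profile
     * @param requestContext the current request context
     * @throws CrafterSecurityException declared by the interface; not thrown by the visible code
     * @throws IOException              if the redirect cannot be sent
     */
    @Override // org.craftercms.security.authentication.LoginSuccessHandler
    public void onLoginSuccess(String str, UserProfile userProfile, RequestContext requestContext) throws CrafterSecurityException, IOException {
        AuthenticationToken authenticationToken = new AuthenticationToken();
        authenticationToken.setTicket(str);
        authenticationToken.setProfile(userProfile);
        requestContext.setAuthenticationToken(authenticationToken);
        clearException(requestContext);
        cacheAuthenticationToken(authenticationToken, requestContext);
        // isRedirectRequired is inherited from BaseHandler.
        if (this.isRedirectRequired) {
            redirectToSavedUrl(requestContext);
        } else {
            sendResponseLogin(requestContext, userProfile);
        }
    }

    /**
     * Writes the user profile to the response as JSON with status 200.
     *
     * <p>NOTE(review): the whole {@link UserProfile} is serialized. Its fields are not visible
     * here; confirm it carries nothing that must not reach the client (credential hashes,
     * internal attributes) or serialize a restricted view instead.
     *
     * @param requestContext the current request context
     * @param userProfile    the profile to serialize
     */
    private void sendResponseLogin(RequestContext requestContext, UserProfile userProfile) {
        try {
            requestContext.getResponse().setContentType("application/json");
            // Without an explicit charset the servlet writer falls back to ISO-8859-1, which
            // corrupts non-Latin-1 characters in profile values.
            requestContext.getResponse().setCharacterEncoding("UTF-8");
            requestContext.getResponse().setStatus(200);
            requestContext.getResponse().getWriter().write(OBJECT_MAPPER.writeValueAsString(userProfile));
        } catch (IOException e) {
            // Pass the exception itself so the stack trace and cause are not lost.
            logger.error("Unable to write user profile to login response", e);
            // Status stays 200 as in the original behaviour: the login succeeded, only the
            // profile payload is missing. setStatus(int, String) is deprecated in the Servlet API.
            requestContext.getResponse().setStatus(200, "Unable to include profile data");
        }
    }

    /**
     * Removes authentication-error attributes left in the session by earlier failed attempts.
     * Note that {@code getSession()} creates a session when none exists.
     *
     * @param requestContext the current request context
     */
    protected void clearException(RequestContext requestContext) {
        logger.debug("Removing any authentication exceptions from session, not needed anymore");
        HttpSession session = requestContext.getRequest().getSession();
        session.removeAttribute(SecurityConstants.AUTHENTICATION_SYSTEM_EXCEPTION_ATTRIBUTE);
        session.removeAttribute(SecurityConstants.USER_AUTHENTICATION_EXCEPTION_ATTRIBUTE);
    }

    /**
     * Stores the authentication token in the configured token cache.
     *
     * @param authenticationToken the token to cache
     * @param requestContext      the current request context
     */
    protected void cacheAuthenticationToken(AuthenticationToken authenticationToken, RequestContext requestContext) {
        // The token holds the ticket, which presumably acts as a bearer credential, so its
        // string form is deliberately kept out of the log (AuthenticationToken.toString() is
        // not visible here and may include it).
        logger.debug("Caching authentication token");
        this.authenticationTokenCache.saveToken(requestContext, authenticationToken);
    }

    /**
     * Redirects to the URL the user requested before being sent to login, or to the default
     * target URL when the request cache holds no saved request.
     *
     * <p>The redirect target is whatever the configured {@link RequestCache} returns; a custom
     * cache should only ever yield URLs that belong to this application.
     *
     * @param requestContext the current request context
     * @throws IOException if the redirect cannot be sent
     */
    protected void redirectToSavedUrl(RequestContext requestContext) throws IOException {
        SavedRequest savedRequest = this.requestCache.getRequest(requestContext.getRequest(), requestContext.getResponse());
        if (savedRequest == null) {
            redirectToDefaultTargetUrl(requestContext);
            return;
        }
        String redirectUrl = savedRequest.getRedirectUrl();
        logger.debug("Redirecting to saved URL before login: {}", redirectUrl);
        requestContext.getResponse().sendRedirect(redirectUrl);
    }

    /**
     * Redirects to the configured default target URL, prefixed with the request's context path.
     *
     * @param requestContext the current request context
     * @throws IOException if the redirect cannot be sent
     */
    protected void redirectToDefaultTargetUrl(RequestContext requestContext) throws IOException {
        String targetUrl = requestContext.getRequest().getContextPath() + this.defaultTargetUrl;
        logger.debug("Redirecting to URL: {}", targetUrl);
        requestContext.getResponse().sendRedirect(targetUrl);
    }
}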
