package org.craftercms.security.impl.processors;

import org.apache.ivy.osgi.core.BundleInfo;
import org.craftercms.security.api.AuthenticationService;
import org.craftercms.security.api.RequestContext;
import org.craftercms.security.api.RequestSecurityProcessor;
import org.craftercms.security.api.RequestSecurityProcessorChain;
import org.craftercms.security.api.UserProfile;
import org.craftercms.security.authentication.AuthenticationToken;
import org.craftercms.security.authentication.AuthenticationTokenCache;
import org.craftercms.security.utils.SecurityUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Required;

/* loaded from: input_file:WEB-INF/lib/crafter-security-provider-v2.4.1-RC3.jar:org/craftercms/security/impl/processors/AuthenticationTokenResolvingProcessor.class */
public class AuthenticationTokenResolvingProcessor implements RequestSecurityProcessor {
    public static final Logger logger = LoggerFactory.getLogger(AuthenticationTokenResolvingProcessor.class);
    protected AuthenticationService authenticationService;
    protected AuthenticationTokenCache authenticationTokenCache;

    @Required
    public void setAuthenticationService(AuthenticationService authenticationService) {
        this.authenticationService = authenticationService;
    }

    @Required
    public void setAuthenticationTokenCache(AuthenticationTokenCache authenticationTokenCache) {
        this.authenticationTokenCache = authenticationTokenCache;
    }

    @Override // org.craftercms.security.api.RequestSecurityProcessor
    public void processRequest(RequestContext requestContext, RequestSecurityProcessorChain requestSecurityProcessorChain) throws Exception {
        if (requestContext.getAuthenticationToken() == null) {
            if (logger.isDebugEnabled()) {
                logger.debug("Retrieving authentication token for request '" + requestContext.getRequestUri() + "' from cache");
            }
            AuthenticationToken token = this.authenticationTokenCache.getToken(requestContext);
            if (token != null && (token.getProfile() == null || token.isProfileOutdated())) {
                if (logger.isDebugEnabled()) {
                    if (token.getProfile() == null) {
                        logger.debug("No authentication token cached for request '" + requestContext.getRequestUri() + "'");
                    }
                    if (token.isProfileOutdated()) {
                        logger.debug("Profile for user '" + token.getProfile().getUserName() + "' is outdated and needs to be refreshed");
                    }
                    logger.debug("Retrieving profile for ticket '" + token.getTicket() + "' from authentication " + BundleInfo.SERVICE_TYPE);
                }
                UserProfile profile = this.authenticationService.getProfile(token.getTicket());
                if (profile != null) {
                    token.setProfile(profile);
                    if (logger.isDebugEnabled()) {
                        logger.debug("Caching authentication token " + token);
                    }
                    this.authenticationTokenCache.saveToken(requestContext, token);
                } else {
                    if (logger.isDebugEnabled()) {
                        logger.debug("No profile found for ticket '" + token.getTicket() + "'");
                    }
                    if (token.isProfileOutdated()) {
                        if (logger.isDebugEnabled()) {
                            logger.debug("Authentication expired: removing authentication token " + token + " from cache");
                        }
                        this.authenticationTokenCache.removeToken(requestContext, token);
                    }
                    token.setTicket(null);
                    token.setProfile(SecurityUtils.getAnonymousProfile());
                }
            }
            if (token == null) {
                if (logger.isDebugEnabled()) {
                    logger.debug("No ticket found in request '" + requestContext.getRequestUri() + "'");
                }
                token = new AuthenticationToken();
                token.setProfile(SecurityUtils.getAnonymousProfile());
            }
            requestContext.setAuthenticationToken(token);
            if (logger.isDebugEnabled()) {
                logger.debug("Authentication token for current request: " + token);
            }
        }
        requestSecurityProcessorChain.processRequest(requestContext);
    }
}
