package org.craftercms.security.authentication.impl;

import java.io.IOException;
import org.apache.commons.lang3.StringUtils;
import org.craftercms.commons.http.RequestContext;
import org.craftercms.security.authentication.AuthenticationRequiredHandler;
import org.craftercms.security.exception.AuthenticationException;
import org.craftercms.security.exception.SecurityProviderException;
import org.craftercms.security.utils.RedirectUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.web.savedrequest.HttpSessionRequestCache;
import org.springframework.security.web.savedrequest.RequestCache;

/* loaded from: input_file:WEB-INF/lib/crafter-security-provider-2.5.0.1.e.jar:org/craftercms/security/authentication/impl/AuthenticationRequiredHandlerImpl.class */
public class AuthenticationRequiredHandlerImpl implements AuthenticationRequiredHandler {
    private static final Logger logger = LoggerFactory.getLogger(AuthenticationRequiredHandlerImpl.class);
    protected String loginFormUrl;
    protected RequestCache requestCache = new HttpSessionRequestCache();

    public void setLoginFormUrl(String str) {
        this.loginFormUrl = str;
    }

    protected String getLoginFormUrl() {
        return this.loginFormUrl;
    }

    public void setRequestCache(RequestCache requestCache) {
        this.requestCache = requestCache;
    }

    @Override // org.craftercms.security.authentication.AuthenticationRequiredHandler
    public void handle(RequestContext requestContext, AuthenticationException authenticationException) throws SecurityProviderException, IOException {
        saveRequest(requestContext);
        String loginFormUrl = getLoginFormUrl();
        if (StringUtils.isNotEmpty(loginFormUrl)) {
            RedirectUtils.redirect(requestContext.getRequest(), requestContext.getResponse(), loginFormUrl);
        } else {
            sendError(authenticationException, requestContext);
        }
    }

    protected void saveRequest(RequestContext requestContext) {
        logger.debug("Saving current request for use after login");
        this.requestCache.saveRequest(requestContext.getRequest(), requestContext.getResponse());
    }

    protected void sendError(AuthenticationException authenticationException, RequestContext requestContext) throws IOException {
        logger.debug("Sending 401 UNAUTHORIZED error");
        requestContext.getResponse().sendError(401, authenticationException.getMessage());
    }
}
