package org.springframework.security.oauth.provider.filter;

import java.io.IOException;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.oauth.provider.ConsumerAuthentication;
import org.springframework.security.oauth.provider.DefaultAuthenticationHandler;
import org.springframework.security.oauth.provider.ExtraTrustConsumerDetails;
import org.springframework.security.oauth.provider.InvalidOAuthParametersException;
import org.springframework.security.oauth.provider.OAuthAuthenticationHandler;
import org.springframework.security.oauth.provider.token.OAuthAccessProviderToken;
import org.springframework.security.oauth.provider.token.OAuthProviderToken;
import org.springframework.util.StringUtils;

/* loaded from: input_file:org/springframework/security/oauth/provider/filter/ProtectedResourceProcessingFilter.class */
public class ProtectedResourceProcessingFilter extends OAuthProviderProcessingFilter {
    private boolean allowAllMethods = true;
    private OAuthAuthenticationHandler authHandler = new DefaultAuthenticationHandler();

    public ProtectedResourceProcessingFilter() {
        setIgnoreMissingCredentials(true);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.springframework.security.oauth.provider.filter.OAuthProviderProcessingFilter
    public boolean allowMethod(String str) {
        return this.allowAllMethods || super.allowMethod(str);
    }

    @Override // org.springframework.security.oauth.provider.filter.OAuthProviderProcessingFilter
    protected void onValidSignature(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain) throws IOException, ServletException {
        ConsumerAuthentication authentication = SecurityContextHolder.getContext().getAuthentication();
        String token = authentication.getConsumerCredentials().getToken();
        OAuthAccessProviderToken oAuthAccessProviderToken = null;
        if (StringUtils.hasText(token)) {
            OAuthProviderToken token2 = getTokenServices().getToken(token);
            if (token2 == null) {
                throw new AccessDeniedException("Invalid access token.");
            }
            if (!token2.isAccessToken()) {
                throw new AccessDeniedException("Token should be an access token.");
            }
            if (token2 instanceof OAuthAccessProviderToken) {
                oAuthAccessProviderToken = (OAuthAccessProviderToken) token2;
            }
        } else if (!(authentication.getConsumerDetails() instanceof ExtraTrustConsumerDetails) || ((ExtraTrustConsumerDetails) authentication.getConsumerDetails()).isRequiredToObtainAuthenticatedToken()) {
            throw new InvalidOAuthParametersException(this.messages.getMessage("ProtectedResourceProcessingFilter.missingToken", "Missing auth token."));
        }
        SecurityContextHolder.getContext().setAuthentication(this.authHandler.createAuthentication(httpServletRequest, authentication, oAuthAccessProviderToken));
        filterChain.doFilter(httpServletRequest, httpServletResponse);
    }

    @Override // org.springframework.security.oauth.provider.filter.OAuthProviderProcessingFilter
    protected boolean requiresAuthentication(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain) {
        return true;
    }

    @Override // org.springframework.security.oauth.provider.filter.OAuthProviderProcessingFilter
    public void setFilterProcessesUrl(String str) {
        throw new UnsupportedOperationException("The OAuth protected resource processing filter doesn't support a filter processes URL.");
    }

    public boolean isAllowAllMethods() {
        return this.allowAllMethods;
    }

    public void setAllowAllMethods(boolean z) {
        this.allowAllMethods = z;
    }

    public OAuthAuthenticationHandler getAuthHandler() {
        return this.authHandler;
    }

    public void setAuthHandler(OAuthAuthenticationHandler oAuthAuthenticationHandler) {
        this.authHandler = oAuthAuthenticationHandler;
    }
}
