package org.opencastproject.kernel.security;

import java.io.IOException;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.authentication.AuthenticationTrustResolver;
import org.springframework.security.authentication.AuthenticationTrustResolverImpl;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.web.util.ThrowableAnalyzer;
import org.springframework.security.web.util.ThrowableCauseExtractor;
import org.springframework.web.filter.GenericFilterBean;

/* loaded from: input_file:org/opencastproject/kernel/security/AsyncTimeoutRedirectFilter.class */
public class AsyncTimeoutRedirectFilter extends GenericFilterBean {
    private static final Logger logger = LoggerFactory.getLogger(AsyncTimeoutRedirectFilter.class);
    private ThrowableAnalyzer throwableAnalyzer = new DefaultThrowableAnalyzer();
    private AuthenticationTrustResolver authenticationTrustResolver = new AuthenticationTrustResolverImpl();
    private static final int TIMEOUT_ERROR_CODE = 419;

    /* loaded from: input_file:org/opencastproject/kernel/security/AsyncTimeoutRedirectFilter$DefaultThrowableAnalyzer.class */
    private static final class DefaultThrowableAnalyzer extends ThrowableAnalyzer {
        private DefaultThrowableAnalyzer() {
        }

        protected void initExtractorMap() {
            super.initExtractorMap();
            registerExtractor(ServletException.class, new ThrowableCauseExtractor() { // from class: org.opencastproject.kernel.security.AsyncTimeoutRedirectFilter.DefaultThrowableAnalyzer.1
                public Throwable extractCause(Throwable th) {
                    ThrowableAnalyzer.verifyThrowableHierarchy(th, ServletException.class);
                    return ((ServletException) th).getRootCause();
                }
            });
        }
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        AccessDeniedException firstThrowableOfType;
        try {
            filterChain.doFilter(servletRequest, servletResponse);
            logger.debug("Chain processed normally");
        } catch (Exception e) {
            Throwable[] determineCauseChain = this.throwableAnalyzer.determineCauseChain(e);
            if (this.throwableAnalyzer.getFirstThrowableOfType(AuthenticationException.class, determineCauseChain) != null || (firstThrowableOfType = this.throwableAnalyzer.getFirstThrowableOfType(AccessDeniedException.class, determineCauseChain)) == null) {
                throw e;
            }
            if (this.authenticationTrustResolver.isAnonymous(SecurityContextHolder.getContext().getAuthentication())) {
                logger.debug("User session expired or not logged in yet");
                if ("XMLHttpRequest".equals(((HttpServletRequest) servletRequest).getHeader("X-Requested-With"))) {
                    logger.debug("Asynchronous call detected, send {} error code", Integer.valueOf(TIMEOUT_ERROR_CODE));
                    ((HttpServletResponse) servletResponse).sendError(TIMEOUT_ERROR_CODE);
                    return;
                }
            }
            logger.debug("Redirect to login page");
            throw firstThrowableOfType;
        }
    }
}
