package ru.curs.showcase.security.esia;

import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.core.Authentication;
import org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter;
import ru.curs.showcase.app.api.UserInfo;
import ru.curs.showcase.app.server.AppAndSessionEventsListener;
import ru.curs.showcase.runtime.AppInfoSingleton;
import ru.curs.showcase.security.AuthFailureHandler;
import ru.curs.showcase.security.logging.Event;
import ru.curs.showcase.security.logging.SecurityLoggingCommand;
import ru.curs.showcase.util.UserAndSessionDetails;
import ru.curs.showcase.util.xml.CompositeContextOnBasisOfUserAndSessionDetails;
import ru.curs.showcase.util.xml.GeneralXMLHelper;

/* loaded from: input_file:WEB-INF/classes/ru/curs/showcase/security/esia/ESIAAuthenticationProcessingFilter.class */
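/**
 * Spring Security processing filter for the {@code /esia} endpoint.
 *
 * <p>The endpoint serves two kinds of request:
 * <ul>
 *   <li>a non-empty {@code auth} parameter starts a login by redirecting the browser to
 *       {@link ESIAManager#getAuthorizationURL()};</li>
 *   <li>otherwise the request is treated as the provider callback: a {@code code} parameter is
 *       handed to {@link ESIAManager#getUserInfo(String)}, and a missing code is handled as a
 *       failed login (the {@code error} / {@code error_description} parameters are logged).</li>
 * </ul>
 *
 * <p>Security review notes (none of these can be settled from this class alone):
 * <ul>
 *   <li>NOTE(review): no {@code state} value is checked here. The parameter names look like the
 *       OAuth 2.0 authorization-code flow; confirm that {@code ESIAManager} binds the callback
 *       to the session that started the login, otherwise the callback is open to login CSRF.</li>
 *   <li>NOTE(review): the session id is not rotated in this method. Confirm that a
 *       session-fixation-protecting {@code SessionAuthenticationStrategy} is configured on
 *       this filter.</li>
 *   <li>NOTE(review): the SNILS value is used as the token principal. Treat the principal as
 *       personal data wherever it is logged or displayed.</li>
 * </ul>
 */
public class ESIAAuthenticationProcessingFilter extends AbstractAuthenticationProcessingFilter {
    private static final Logger LOGGER = LoggerFactory.getLogger(ESIAAuthenticationProcessingFilter.class);

    /** Upper bound on the number of characters of a request-supplied value written to the log. */
    private static final int MAX_LOGGED_PARAM_LENGTH = 256;

    /** Creates the filter with {@code /esia} as the URL it processes. */
    protected ESIAAuthenticationProcessingFilter() {
        super("/esia");
    }

    /**
     * Starts an ESIA login or completes one from the provider callback.
     *
     * <p>Compared with a plain pass-through, this method fails closed: a callback that arrives
     * without an existing HTTP session, with an empty {@code code}, or for which no user info is
     * returned is processed as "not authenticated" instead of ending in a
     * {@link NullPointerException}.
     *
     * @param httpServletRequest  the current request
     * @param httpServletResponse the current response, used only for the login redirect
     * @return {@code null} after sending the login redirect; otherwise the object returned by the
     *         authentication manager, with its authenticated flag set by this method
     * @throws IOException      if the redirect cannot be sent
     * @throws ServletException declared by the overridden method
     */
    @Override
    public Authentication attemptAuthentication(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException, ServletException {
        String authParam = httpServletRequest.getParameter("auth");
        if (authParam != null && !authParam.isEmpty()) {
            httpServletResponse.sendRedirect(ESIAManager.getAuthorizationURL());
            // Returning null tells the parent filter that authentication is still in progress.
            return null;
        }

        String code = httpServletRequest.getParameter("code");
        UserAndSessionDetails details = new UserAndSessionDetails(httpServletRequest);

        // Only exchange the code when there is a session to attach the result to; a callback
        // without one cannot belong to a login this application started.
        boolean codePresent = code != null && !code.isEmpty();
        boolean sessionPresent = httpServletRequest.getSession(false) != null;
        ESIAUserInfo esiaUser = null;
        if (codePresent && sessionPresent) {
            esiaUser = ESIAManager.getUserInfo(code);
        }

        ESIAAuthenticationToken token;
        boolean accepted;
        if (esiaUser != null) {
            UserInfo user = toUserInfo(esiaUser);
            details.setUserInfo(user);
            token = new ESIAAuthenticationToken(esiaUser.getSnils());
            token.setDetails(details);
            // NOTE(review): the login is written to the session before the trust decision below,
            // so it is also recorded for users who are then rejected. Confirm this is intended.
            setSessionAttribute(httpServletRequest, GeneralXMLHelper.USERNAME_TAG, user.getLogin());
            accepted = !ESIAManager.isAllowAuthenticateOnlyTrustedUser() || esiaUser.isTrusted();
        } else {
            token = new ESIAAuthenticationToken("notAuthenticated");
            token.setDetails(details);
            if (AppInfoSingleton.getAppInfo().isEnableLogLevelError()) {
                if (codePresent) {
                    // The authorization code itself is deliberately not logged.
                    LOGGER.error("ESIA callback with code rejected: existing session present = {}", sessionPresent);
                } else {
                    // Both values come straight from the request, so they are neutralised
                    // before logging to prevent forged log lines.
                    LOGGER.error("Ошибка аутентификации через ESIA: {}, {}",
                            sanitizeForLog(httpServletRequest.getParameter("error")),
                            sanitizeForLog(httpServletRequest.getParameter("error_description")));
                }
            }
            accepted = false;
        }

        // NOTE(review): this replaces the failure handler of the shared filter instance on every
        // request. The values are constant, so it could be configured once; kept here because
        // moving it might change how externally configured handlers are overridden.
        AuthFailureHandler failureHandler = new AuthFailureHandler("ESIA");
        failureHandler.add("code", "notAuthenticated");
        setAuthenticationFailureHandler(failureHandler);

        Authentication result = getAuthenticationManager().authenticate(token);

        // NOTE(review): the authenticated flag is set here regardless of what the authentication
        // manager decided, and a rejected login is returned instead of raising an
        // AuthenticationException. Confirm that downstream code checks isAuthenticated().
        if (accepted && httpServletRequest.getSession(false) != null) {
            setSessionAttribute(httpServletRequest, "newSession", httpServletRequest.getSession(false));
            setSessionAttribute(httpServletRequest, "esiaAuthenticated", "true");
            result.setAuthenticated(true);
            AppInfoSingleton.getAppInfo()
                    .getOrInitSessionInfoObject(httpServletRequest.getSession(false).getId())
                    .setAuthViaESIA(true);
        } else {
            setSessionAttribute(httpServletRequest, "esiaAuthenticated", "false");
            result.setAuthenticated(false);
        }

        if (result.isAuthenticated()) {
            AppAndSessionEventsListener.incrementingAuthenticatedSessions();
            new SecurityLoggingCommand(
                    new CompositeContextOnBasisOfUserAndSessionDetails(details),
                    httpServletRequest,
                    httpServletRequest.getSession(),
                    Event.TypeEvent.LOGIN).execute();
        }
        return result;
    }

    /**
     * Copies the fields of an ESIA profile into the application's {@link UserInfo}.
     *
     * <p>NOTE(review): the third constructor argument is built by plain concatenation, so a
     * {@code null} name part ends up as the text "null". Confirm whether the getters can
     * return {@code null}.
     */
    private static UserInfo toUserInfo(ESIAUserInfo source) {
        UserInfo target = new UserInfo(
                source.getLogin(),
                String.valueOf(source.getOid()),
                source.getLastName() + " " + source.getFirstName() + " " + source.getMiddleName(),
                source.getEmail(),
                source.getPhone(),
                (String) null);
        target.setSnils(source.getSnils());
        target.setGender(source.getGender());
        target.setBirthDate(source.getBirthDate());
        target.setBirthPlace(source.getBirthPlace());
        target.setFirstName(source.getFirstName());
        target.setLastName(source.getLastName());
        target.setMiddleName(source.getMiddleName());
        target.setTrusted(source.isTrusted());
        return target;
    }

    /** Sets a session attribute only when the request already has a session; never creates one. */
    private static void setSessionAttribute(HttpServletRequest request, String name, Object value) {
        if (request.getSession(false) != null) {
            request.getSession(false).setAttribute(name, value);
        }
    }

    /**
     * Makes a request-supplied value safe to write to a log: control characters and Unicode
     * line/paragraph separators become {@code '_'}, and the value is cut to
     * {@link #MAX_LOGGED_PARAM_LENGTH} characters.
     *
     * @param value the raw value, may be {@code null}
     * @return the cleaned value, or {@code null} when {@code value} is {@code null}
     */
    private static String sanitizeForLog(String value) {
        if (value == null) {
            return null;
        }
        int limit = Math.min(value.length(), MAX_LOGGED_PARAM_LENGTH);
        StringBuilder cleaned = new StringBuilder(limit + 3);
        for (int i = 0; i < limit; i++) {
            char c = value.charAt(i);
            int type = Character.getType(c);
            boolean lineBreaking = Character.isISOControl(c)
                    || type == Character.LINE_SEPARATOR
                    || type == Character.PARAGRAPH_SEPARATOR;
            cleaned.append(lineBreaking ? '_' : c);
        }
        if (value.length() > limit) {
            cleaned.append("...");
        }
        return cleaned.toString();
    }
}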
