package com.evolveum.midpoint.web.security;

import com.evolveum.midpoint.gui.api.GuiConstants;
import com.evolveum.midpoint.model.api.authentication.MidpointAuthentication;
import com.evolveum.midpoint.model.api.authentication.StateOfModule;
import com.evolveum.midpoint.schema.util.SecurityPolicyUtil;
import com.evolveum.midpoint.web.security.util.SecurityUtils;
import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.security.core.Authentication;
import org.springframework.security.saml.util.StringUtils;
import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler;
import org.springframework.security.web.savedrequest.HttpSessionRequestCache;
import org.springframework.security.web.savedrequest.RequestCache;
import org.springframework.security.web.savedrequest.SavedRequest;

/* loaded from: input_file:com/evolveum/midpoint/web/security/MidPointAuthenticationSuccessHandler.class */
public class MidPointAuthenticationSuccessHandler extends SavedRequestAwareAuthenticationSuccessHandler {
    private String defaultTargetUrl;
    private String prefix = "";
    private RequestCache requestCache;

    public MidPointAuthenticationSuccessHandler setPrefix(String str) {
        this.prefix = "/" + StringUtils.stripSlashes(str) + "/";
        return this;
    }

    public MidPointAuthenticationSuccessHandler() {
        setRequestCache(new HttpSessionRequestCache());
    }

    public void setRequestCache(RequestCache requestCache) {
        super.setRequestCache(requestCache);
        this.requestCache = requestCache;
    }

    public RequestCache getRequestCache() {
        return this.requestCache;
    }

    public void onAuthenticationSuccess(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Authentication authentication) throws ServletException, IOException {
        String str = GuiConstants.DEFAULT_PATH_AFTER_LOGIN;
        String str2 = null;
        if (authentication instanceof MidpointAuthentication) {
            MidpointAuthentication midpointAuthentication = (MidpointAuthentication) authentication;
            midpointAuthentication.getProcessingModuleAuthentication().setState(StateOfModule.SUCCESSFULLY);
            if (midpointAuthentication.getAuthenticationChannel() != null) {
                str2 = midpointAuthentication.getAuthenticationChannel().getChannelId();
                if (midpointAuthentication.isAuthenticated()) {
                    str = midpointAuthentication.getAuthenticationChannel().getPathAfterSuccessfulAuthentication();
                    midpointAuthentication.getAuthenticationChannel().postSuccessAuthenticationProcessing();
                    if (midpointAuthentication.getAuthenticationChannel().isPostAuthenticationEnabled()) {
                        getRedirectStrategy().sendRedirect(httpServletRequest, httpServletResponse, str);
                        return;
                    }
                } else {
                    str = midpointAuthentication.getAuthenticationChannel().getPathDuringProccessing();
                }
            }
        }
        SavedRequest request = this.requestCache.getRequest(httpServletRequest, httpServletResponse);
        if (request != null && request.getRedirectUrl().contains("/auth/")) {
            getRedirectStrategy().sendRedirect(httpServletRequest, httpServletResponse, request.getRedirectUrl().substring(0, request.getRedirectUrl().indexOf("/auth/")) + str);
            return;
        }
        if (request == null || str2 == null) {
            setDefaultTargetUrl(str);
        } else {
            int indexOf = request.getRedirectUrl().indexOf(httpServletRequest.getContextPath()) + httpServletRequest.getContextPath().length();
            int length = request.getRedirectUrl().length() - 1;
            String str3 = null;
            if (indexOf < length) {
                str3 = SecurityUtils.searchChannelByPath(request.getRedirectUrl().substring(indexOf, length));
            }
            if (str3 == null) {
                str3 = SecurityPolicyUtil.DEFAULT_CHANNEL;
            }
            if (!str3.equals(str2)) {
                getRedirectStrategy().sendRedirect(httpServletRequest, httpServletResponse, str);
                return;
            }
        }
        super.onAuthenticationSuccess(httpServletRequest, httpServletResponse, authentication);
    }

    protected String getTargetUrlParameter() {
        return this.defaultTargetUrl;
    }

    public void setDefaultTargetUrl(String str) {
        this.defaultTargetUrl = str;
    }

    protected String determineTargetUrl(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        return org.apache.commons.lang3.StringUtils.isEmpty(this.defaultTargetUrl) ? super.determineTargetUrl(httpServletRequest, httpServletResponse) : this.defaultTargetUrl;
    }
}
