package com.evolveum.midpoint.authentication.impl.filter;

import com.evolveum.midpoint.authentication.api.config.MidpointAuthentication;
import com.evolveum.midpoint.authentication.api.util.AuthUtil;
import com.evolveum.midpoint.authentication.impl.filter.RemoteModuleAuthorizationFilter;
import com.evolveum.midpoint.model.api.ModelAuditRecorder;
import com.evolveum.midpoint.schema.constants.SchemaConstants;
import com.evolveum.midpoint.security.api.ConnectionEnvironment;
import jakarta.servlet.ServletException;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import java.io.IOException;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.DefaultRedirectStrategy;
import org.springframework.security.web.RedirectStrategy;
import org.springframework.security.web.authentication.AuthenticationFailureHandler;
import org.springframework.security.web.context.SecurityContextRepository;
import org.springframework.security.web.savedrequest.HttpSessionRequestCache;
import org.springframework.security.web.savedrequest.RequestCache;
import org.springframework.util.Assert;
import org.springframework.web.filter.OncePerRequestFilter;

/* loaded from: input_file:BOOT-INF/lib/authentication-impl-4.10-SNAPSHOT.jar:com/evolveum/midpoint/authentication/impl/filter/RemoteModuleAuthorizationFilter.class */
public abstract class RemoteModuleAuthorizationFilter<T extends RemoteModuleAuthorizationFilter<T>> extends OncePerRequestFilter {
    private final ModelAuditRecorder auditProvider;
    private AuthenticationFailureHandler failureHandler;
    private final SecurityContextRepository securityContextRepository;
    private RequestCache requestCache = new HttpSessionRequestCache();
    private final RedirectStrategy authorizationRedirectStrategy = new DefaultRedirectStrategy();

    /* JADX INFO: Access modifiers changed from: protected */
    public RemoteModuleAuthorizationFilter(ModelAuditRecorder modelAuditRecorder, SecurityContextRepository securityContextRepository) {
        this.auditProvider = modelAuditRecorder;
        this.securityContextRepository = securityContextRepository;
    }

    protected final ModelAuditRecorder getAuditProvider() {
        return this.auditProvider;
    }

    protected final AuthenticationFailureHandler getAuthenticationFailureHandler() {
        return this.failureHandler;
    }

    public final T setAuthenticationFailureHandler(AuthenticationFailureHandler authenticationFailureHandler) {
        Assert.notNull(authenticationFailureHandler, "failureHandler cannot be null");
        this.failureHandler = authenticationFailureHandler;
        return this;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public final RequestCache getRequestCache() {
        return this.requestCache;
    }

    public final T setRequestCache(RequestCache requestCache) {
        Assert.notNull(requestCache, "requestCache cannot be null");
        this.requestCache = requestCache;
        return this;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public final SecurityContextRepository getSecurityContextRepository() {
        return this.securityContextRepository;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public final void unsuccessfulAuthentication(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, AuthenticationException authenticationException) throws IOException, ServletException {
        MidpointAuthentication midpointAuthentication = AuthUtil.getMidpointAuthentication();
        this.auditProvider.auditLoginFailure("unknown user", null, ConnectionEnvironment.create(midpointAuthentication.getAuthenticationChannel() != null ? midpointAuthentication.getAuthenticationChannel().getChannelId() : SchemaConstants.CHANNEL_USER_URI), getAuthenticationType() + " authentication module: " + authenticationException.getMessage());
        this.failureHandler.onAuthenticationFailure(httpServletRequest, httpServletResponse, authenticationException);
    }

    protected abstract String getAuthenticationType();

    /* JADX INFO: Access modifiers changed from: protected */
    public final RedirectStrategy getAuthorizationRedirectStrategy() {
        return this.authorizationRedirectStrategy;
    }
}
