package inc.yukawa.chain.security.jwt.token.json;

import inc.yukawa.chain.security.service.TokenExtractor;
import jakarta.servlet.FilterChain;
import jakarta.servlet.ServletException;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import java.io.IOException;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.context.SecurityContext;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter;
import org.springframework.security.web.authentication.AuthenticationFailureHandler;
import org.springframework.security.web.util.matcher.RequestMatcher;

/* loaded from: input_file:inc/yukawa/chain/security/jwt/token/json/JwtTokenAuthenticationProcessingFilter.class */
public class JwtTokenAuthenticationProcessingFilter extends AbstractAuthenticationProcessingFilter {
    private final AuthenticationFailureHandler failureHandler;
    private final TokenExtractor tokenExtractor;
    private boolean clearContext;

    @Autowired
    public JwtTokenAuthenticationProcessingFilter(AuthenticationFailureHandler authenticationFailureHandler, TokenExtractor tokenExtractor, RequestMatcher requestMatcher) {
        super(requestMatcher);
        this.clearContext = true;
        this.failureHandler = authenticationFailureHandler;
        this.tokenExtractor = tokenExtractor;
    }

    public Authentication attemptAuthentication(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws AuthenticationException, IOException {
        String extract = this.tokenExtractor.extract(httpServletRequest.getHeader("Authorization"));
        if (this.logger.isTraceEnabled()) {
            this.logger.trace("attemptAuthentication with tokenPayload " + extract);
        }
        return getAuthenticationManager().authenticate(new JsonWebAuthenticationToken(extract));
    }

    protected void successfulAuthentication(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain, Authentication authentication) throws IOException, ServletException {
        if (this.logger.isDebugEnabled()) {
            this.logger.debug("successfulAuthentication: " + httpServletRequest.getMethod() + " " + httpServletRequest.getRequestURI() + " -> " + authentication.getName() + " " + authentication.getAuthorities() + " " + authentication.getDetails());
        }
        SecurityContext createEmptyContext = SecurityContextHolder.createEmptyContext();
        createEmptyContext.setAuthentication(authentication);
        SecurityContextHolder.setContext(createEmptyContext);
        httpServletRequest.setAttribute("auth", authentication);
        filterChain.doFilter(httpServletRequest, httpServletResponse);
        if (this.clearContext) {
            if (this.logger.isDebugEnabled()) {
                this.logger.debug("successfulAuthentication: clear context " + authentication.getName());
            }
            SecurityContextHolder.clearContext();
        }
    }

    protected void unsuccessfulAuthentication(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, AuthenticationException authenticationException) throws IOException, ServletException {
        if (this.logger.isDebugEnabled()) {
            this.logger.debug("unsuccessfulAuthentication " + httpServletRequest.getMethod() + " " + httpServletRequest.getServletPath());
        }
        SecurityContextHolder.clearContext();
        this.failureHandler.onAuthenticationFailure(httpServletRequest, httpServletResponse, authenticationException);
    }

    public boolean isClearContext() {
        return this.clearContext;
    }

    public void setClearContext(boolean z) {
        this.clearContext = z;
    }
}
