package com.gentics.contentnode.activiti.authentication;

import java.io.IOException;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.web.filter.GenericFilterBean;

/* loaded from: input_file:WEB-INF/lib/contentnode-activiti-integration-5.39.12.jar:com/gentics/contentnode/activiti/authentication/SsoTokenAuthenticationFilter.class */
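/**
 * Servlet filter that attempts a single-sign-on login from two request values:
 * the {@value #SID_PARAM_NAME} request parameter and the
 * {@value #SESSION_SECRET_COOKIE} cookie.
 *
 * <p>Both values are wrapped in a {@link GcnSessionSecretCredentials} and handed to the
 * configured {@link AuthenticationManager}; verification is delegated to it entirely.
 * Requests that lack either value are passed down the chain untouched, so this filter
 * does not enforce access on its own, except that a request without any cookie at all
 * is answered with 401.
 *
 * <p>Security notes: the session id is read with {@code getParameter}, so it can be part
 * of the URL and may end up in access logs or referrers; it is only ever used together
 * with the cookie secret. Neither value is written to the log by this class.
 */
public class SsoTokenAuthenticationFilter extends GenericFilterBean {
    /** Name of the cookie that carries the session secret. */
    public static final String SESSION_SECRET_COOKIE = "GCN_SESSION_SECRET";

    /** Name of the request parameter that carries the session id. */
    public static final String SID_PARAM_NAME = "sid";

    /** Manager that verifies the session id / session secret pair. */
    protected AuthenticationManager authenticationManager;

    /**
     * Creates the filter.
     *
     * @param authenticationManager manager used to verify the presented credentials
     */
    public SsoTokenAuthenticationFilter(AuthenticationManager authenticationManager) {
        this.authenticationManager = authenticationManager;
    }

    /**
     * Authenticates the request from its session id and session secret, then continues
     * the filter chain exactly once.
     *
     * <p>If the presented credentials are rejected, the security context is cleared
     * before the chain continues, so that an authentication established earlier with
     * different credentials is not carried over to this request.
     *
     * @param servletRequest  incoming request, expected to be an {@link HttpServletRequest}
     * @param servletResponse outgoing response, expected to be an {@link HttpServletResponse}
     * @param filterChain     remaining filters
     * @throws IOException      if sending the error response or a downstream filter fails
     * @throws ServletException if a downstream filter fails
     */
    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest httpRequest = (HttpServletRequest) servletRequest;
        HttpServletResponse httpResponse = (HttpServletResponse) servletResponse;

        Cookie[] cookies = httpRequest.getCookies();
        if (cookies == null) {
            httpResponse.sendError(HttpServletResponse.SC_UNAUTHORIZED, "No cookies found");
            return;
        }

        String sessionId = httpRequest.getParameter(SID_PARAM_NAME);
        String sessionSecret = findSessionSecret(cookies);
        if (sessionSecret == null || sessionId == null) {
            // No SSO attempt in this request; whatever is configured further down the
            // chain decides whether the request is allowed.
            filterChain.doFilter(servletRequest, servletResponse);
            return;
        }

        // Only the authentication attempt is guarded. The chain is invoked outside the
        // try block so that an AuthenticationException raised by a downstream filter
        // propagates instead of causing the chain to be run a second time.
        try {
            GcnSessionSecretCredentials credentials = new GcnSessionSecretCredentials(sessionId, sessionSecret);
            if (authenticationIsRequired(credentials)) {
                Authentication result = this.authenticationManager.authenticate(
                        new UsernamePasswordAuthenticationToken(sessionId, credentials));
                SecurityContextHolder.getContext().setAuthentication(result);
            }
        } catch (AuthenticationException e) {
            // Fail closed: the presented sid/secret pair was rejected, so do not let the
            // request continue under an identity established with other credentials.
            SecurityContextHolder.clearContext();
            logger.debug("SSO token authentication failed", e);
        }
        filterChain.doFilter(servletRequest, servletResponse);
    }

    /**
     * Returns the value of the first cookie named {@link #SESSION_SECRET_COOKIE}.
     *
     * @param cookies cookies of the request, never {@code null}
     * @return the cookie value, or {@code null} if no such cookie is present
     */
    private static String findSessionSecret(Cookie[] cookies) {
        for (Cookie cookie : cookies) {
            if (SESSION_SECRET_COOKIE.equals(cookie.getName())) {
                return cookie.getValue();
            }
        }
        return null;
    }

    /**
     * Decides whether the presented credentials have to be verified.
     *
     * <p>Verification is required when there is no authenticated principal yet, or when
     * the current {@link UsernamePasswordAuthenticationToken} holds credentials that
     * differ from the presented ones. An authenticated token of any other type is kept.
     *
     * @param gcnSessionSecretCredentials credentials presented with this request
     * @return {@code true} if the authentication manager must be consulted
     */
    private boolean authenticationIsRequired(GcnSessionSecretCredentials gcnSessionSecretCredentials) {
        Authentication current = SecurityContextHolder.getContext().getAuthentication();
        if (current == null || !current.isAuthenticated()) {
            return true;
        }
        if (!(current instanceof UsernamePasswordAuthenticationToken)) {
            return false;
        }
        // The stored credentials can be null (for example after they have been erased
        // from the token). They cannot be compared then, so verify again rather than
        // fail with a NullPointerException or trust the existing authentication.
        Object currentCredentials = current.getCredentials();
        return currentCredentials == null || !currentCredentials.equals(gcnSessionSecretCredentials);
    }
}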
