package org.egov.infra.config.security.authentication.filter;

import java.io.IOException;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.apache.commons.lang3.StringUtils;
import org.apache.log4j.Logger;
import org.egov.infra.config.security.authentication.userdetail.CurrentUser;
import org.egov.infra.exception.ApplicationRuntimeException;
import org.egov.infra.security.utils.SecurityConstants;
import org.egov.infra.utils.ApplicationConstant;
import org.jsoup.Jsoup;
import org.jsoup.safety.Whitelist;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;

/* loaded from: input_file:org/egov/infra/config/security/authentication/filter/ApplicationAuthenticationFilter.class */
public class ApplicationAuthenticationFilter extends UsernamePasswordAuthenticationFilter {
    private static final Logger LOG = Logger.getLogger(ApplicationAuthenticationFilter.class);
    private List<String> credentialFields = new ArrayList();

    public void setCredentialFields(List<String> list) {
        this.credentialFields = list;
    }

    protected void setDetails(HttpServletRequest httpServletRequest, UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken) {
        usernamePasswordAuthenticationToken.setDetails(this.authenticationDetailsSource.buildDetails(httpServletRequest));
    }

    protected void successfulAuthentication(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain, Authentication authentication) {
        try {
            String parameter = httpServletRequest.getParameter(SecurityConstants.LOCATION_FIELD);
            HttpSession session = httpServletRequest.getSession();
            if (!Jsoup.isValid(parameter, Whitelist.basic())) {
                throw new ApplicationRuntimeException("Invalid location");
            }
            if (StringUtils.isNotBlank(parameter)) {
                session.setAttribute(SecurityConstants.LOCATION_FIELD, parameter);
            }
            if (authentication != null) {
                CurrentUser currentUser = (CurrentUser) authentication.getPrincipal();
                session.setAttribute(ApplicationConstant.USERID_KEY, currentUser.getUserId());
                session.setAttribute(ApplicationConstant.USERNAME_KEY, currentUser.getUsername());
            }
            super.successfulAuthentication(httpServletRequest, httpServletResponse, filterChain, authentication);
        } catch (IOException | ServletException | RuntimeException e) {
            LOG.error("Eror occurred while on login authentication", e);
        }
    }

    public Authentication attemptAuthentication(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        HashMap hashMap = new HashMap();
        for (String str : this.credentialFields) {
            hashMap.put(str, org.egov.infra.utils.StringUtils.emptyIfNull(httpServletRequest.getParameter(str)));
        }
        String parameter = httpServletRequest.getParameter(SecurityConstants.USERNAME_FIELD);
        if (!Jsoup.isValid(parameter, Whitelist.basic())) {
            throw new ApplicationRuntimeException("Invalid username");
        }
        UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken = new UsernamePasswordAuthenticationToken(parameter, hashMap);
        httpServletRequest.getSession().setAttribute(SecurityConstants.USERNAME_FIELD, parameter);
        setDetails(httpServletRequest, usernamePasswordAuthenticationToken);
        return getAuthenticationManager().authenticate(usernamePasswordAuthenticationToken);
    }
}
