package org.n52.security.service.web.authn;

import java.util.Iterator;
import org.n52.security.authentication.AuthenticationContext;
import org.n52.security.authentication.AuthenticationException;
import org.n52.security.authentication.AuthenticationService;
import org.n52.security.authentication.AuthenticationTerminationException;
import org.n52.security.service.authentication.servlet.AuthenticationProcessorFactory;
import org.n52.security.service.authentication.servlet.ServletRequestResponseContext;
import org.n52.security.service.web.WebContext;
import org.n52.security.service.web.WebSecurityProcessingContext;
import org.n52.security.service.web.WebSecurityProcessor;
import org.n52.security.service.web.WebSecurityProcessorChain;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/n52/security/service/web/authn/AuthenticationWebSecurityProcessor.class */
public class AuthenticationWebSecurityProcessor implements WebSecurityProcessor {
    private static final Logger LOG = LoggerFactory.getLogger(AuthenticationWebSecurityProcessor.class);
    private Iterable<AuthenticationProcessorFactory> m_logonProcessors;
    private AuthenticationService m_authenticationService;

    @Override // org.n52.security.service.web.WebSecurityProcessor
    public void processSecure(WebSecurityProcessingContext webSecurityProcessingContext, WebContext webContext, WebSecurityProcessorChain webSecurityProcessorChain) {
        LOG.info("[AUTHENTICATION_STARTED]@" + webContext.getRequestLocation());
        AuthenticationContext authenticationContext = null;
        ServletRequestResponseContext servletRequestResponseContext = new ServletRequestResponseContext(webContext.getRequest(), webContext.getResponse());
        try {
            authenticationContext = logon(servletRequestResponseContext);
        } catch (AuthenticationTerminationException e) {
            LOG.info("Authentication process terminated by authentication processor: " + e.getMessage());
        } catch (Exception e2) {
            LOG.error("Login failed. Proceeding with anonymous context.", e2);
        } catch (AuthenticationException e3) {
            if (LOG.isTraceEnabled()) {
                LOG.trace("Login failed with message <" + e3.getMessage() + ">. Proceeding with anonymous context.", e3);
            } else {
                LOG.info("Login failed with message <" + e3.getMessage() + ">. Proceeding with anonymous context.");
            }
        }
        if (authenticationContext == null) {
            authenticationContext = createAnonymousAuthenticationContext();
        }
        if (servletRequestResponseContext.getResponse().isCommitted()) {
            return;
        }
        webSecurityProcessingContext.setAuthenticationContext(authenticationContext);
        WebContext decorate = webContext.decorate(servletRequestResponseContext.getRequest(), servletRequestResponseContext.getResponse());
        LOG.info("[AUTHENTICATION_FINISHED]@" + decorate.getRequestLocation());
        webSecurityProcessorChain.performAccessControl(decorate);
    }

    private AuthenticationContext createAnonymousAuthenticationContext() {
        return this.m_authenticationService.createAuthenticationContext();
    }

    private AuthenticationContext logon(ServletRequestResponseContext servletRequestResponseContext) {
        Iterator<AuthenticationProcessorFactory> it = this.m_logonProcessors.iterator();
        while (it.hasNext()) {
            AuthenticationContext authenticate = it.next().getProcessor().authenticate(servletRequestResponseContext, this.m_authenticationService);
            if (authenticate != null && authenticate.isAuthenticated()) {
                return authenticate;
            }
        }
        return createAnonymousAuthenticationContext();
    }

    public Iterable<AuthenticationProcessorFactory> getLogonProcessors() {
        return this.m_logonProcessors;
    }

    public void setLogonProcessors(Iterable<AuthenticationProcessorFactory> iterable) {
        this.m_logonProcessors = iterable;
    }

    public AuthenticationService getAuthenticationService() {
        return this.m_authenticationService;
    }

    public void setAuthenticationService(AuthenticationService authenticationService) {
        this.m_authenticationService = authenticationService;
    }
}
