package org.geonode.security;

import java.io.IOException;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import org.geoserver.security.filter.GeoServerAuthenticationFilter;
import org.geoserver.security.filter.GeoServerSecurityFilter;
import org.geotools.util.logging.Logging;
import org.springframework.security.authentication.AnonymousAuthenticationToken;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.context.SecurityContext;
import org.springframework.security.core.context.SecurityContextHolder;

/* loaded from: input_file:WEB-INF/classes/org/geonode/security/GeoNodeCookieProcessingFilter.class */
public class GeoNodeCookieProcessingFilter extends GeoServerSecurityFilter implements GeoServerAuthenticationFilter {
    static final Logger LOGGER = Logging.getLogger((Class<?>) GeoNodeCookieProcessingFilter.class);
    static final String GEONODE_COOKIE_NAME = "sessionid";

    @Override // org.geoserver.security.filter.GeoServerSecurityFilter, javax.servlet.Filter
    public void destroy() {
    }

    @Override // javax.servlet.Filter
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        Object principal;
        SecurityContext context = SecurityContextHolder.getContext();
        Authentication authentication = context.getAuthentication();
        String geoNodeCookieValue = getGeoNodeCookieValue((HttpServletRequest) servletRequest);
        boolean z = authentication != null && authentication.isAuthenticated();
        boolean z2 = authentication == null || (authentication instanceof AnonymousAuthenticationToken);
        boolean z3 = (authentication instanceof UsernamePasswordAuthenticationToken) && z;
        boolean z4 = (authentication instanceof GeoNodeSessionAuthToken) && authentication.getCredentials().equals(geoNodeCookieValue);
        if (z4) {
            authentication.setAuthenticated(true);
        }
        boolean z5 = (z && !z2 && z4) ? false : true;
        if (!z3 && z5 && geoNodeCookieValue != null) {
            if (authentication == null) {
                principal = null;
            } else {
                try {
                    principal = authentication.getPrincipal();
                } catch (AuthenticationException e) {
                    LOGGER.log(Level.WARNING, "Error connecting to the GeoNode server for authentication purposes", (Throwable) e);
                }
            }
            Authentication authenticate = getSecurityManager().authenticate(new GeoNodeSessionAuthToken(principal, geoNodeCookieValue, authentication == null ? null : authentication.getAuthorities()));
            LOGGER.log(Level.FINE, "authResult : {0}", authenticate);
            context.setAuthentication(authenticate);
        }
        filterChain.doFilter(servletRequest, servletResponse);
    }

    private String getGeoNodeCookieValue(HttpServletRequest httpServletRequest) {
        if (httpServletRequest.getCookies() == null) {
            return null;
        }
        for (Cookie cookie : httpServletRequest.getCookies()) {
            if (GEONODE_COOKIE_NAME.equals(cookie.getName())) {
                return cookie.getValue();
            }
        }
        return null;
    }

    @Override // org.geoserver.security.filter.GeoServerAuthenticationFilter
    public boolean applicableForHtml() {
        return true;
    }

    @Override // org.geoserver.security.filter.GeoServerAuthenticationFilter
    public boolean applicableForServices() {
        return true;
    }
}
