package org.acegisecurity.providers.anonymous;

import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import net.sf.json.util.JSONUtils;
import org.acegisecurity.Authentication;
import org.acegisecurity.context.SecurityContextHolder;
import org.acegisecurity.ui.AuthenticationDetailsSource;
import org.acegisecurity.ui.AuthenticationDetailsSourceImpl;
import org.acegisecurity.userdetails.memory.UserAttribute;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.util.Assert;

/* loaded from: input_file:WEB-INF/lib/acegi-security-1.0.7.jar:org/acegisecurity/providers/anonymous/AnonymousProcessingFilter.class */
public class AnonymousProcessingFilter implements Filter, InitializingBean {
    private static final Log logger;
    private String key;
    private UserAttribute userAttribute;
    static Class class$org$acegisecurity$providers$anonymous$AnonymousProcessingFilter;
    static Class class$javax$servlet$http$HttpServletRequest;
    private AuthenticationDetailsSource authenticationDetailsSource = new AuthenticationDetailsSourceImpl();
    private boolean removeAfterRequest = true;

    @Override // org.springframework.beans.factory.InitializingBean
    public void afterPropertiesSet() throws Exception {
        Assert.notNull(this.userAttribute);
        Assert.hasLength(this.key);
    }

    protected boolean applyAnonymousForThisRequest(ServletRequest servletRequest) {
        return true;
    }

    protected Authentication createAuthentication(ServletRequest servletRequest) {
        Class cls;
        if (class$javax$servlet$http$HttpServletRequest == null) {
            cls = class$("javax.servlet.http.HttpServletRequest");
            class$javax$servlet$http$HttpServletRequest = cls;
        } else {
            cls = class$javax$servlet$http$HttpServletRequest;
        }
        Assert.isInstanceOf(cls, servletRequest, "ServletRequest must be an instance of HttpServletRequest");
        AnonymousAuthenticationToken anonymousAuthenticationToken = new AnonymousAuthenticationToken(this.key, this.userAttribute.getPassword(), this.userAttribute.getAuthorities());
        anonymousAuthenticationToken.setDetails(this.authenticationDetailsSource.buildDetails((HttpServletRequest) servletRequest));
        return anonymousAuthenticationToken;
    }

    public void destroy() {
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        boolean z = false;
        if (applyAnonymousForThisRequest(servletRequest)) {
            if (SecurityContextHolder.getContext().getAuthentication() == null) {
                SecurityContextHolder.getContext().setAuthentication(createAuthentication(servletRequest));
                z = true;
                if (logger.isDebugEnabled()) {
                    logger.debug(new StringBuffer().append("Populated SecurityContextHolder with anonymous token: '").append(SecurityContextHolder.getContext().getAuthentication()).append(JSONUtils.SINGLE_QUOTE).toString());
                }
            } else if (logger.isDebugEnabled()) {
                logger.debug(new StringBuffer().append("SecurityContextHolder not populated with anonymous token, as it already contained: '").append(SecurityContextHolder.getContext().getAuthentication()).append(JSONUtils.SINGLE_QUOTE).toString());
            }
        }
        try {
            filterChain.doFilter(servletRequest, servletResponse);
            if (z && this.removeAfterRequest && createAuthentication(servletRequest).equals(SecurityContextHolder.getContext().getAuthentication())) {
                SecurityContextHolder.getContext().setAuthentication(null);
            }
        } catch (Throwable th) {
            if (z && this.removeAfterRequest && createAuthentication(servletRequest).equals(SecurityContextHolder.getContext().getAuthentication())) {
                SecurityContextHolder.getContext().setAuthentication(null);
            }
            throw th;
        }
    }

    public String getKey() {
        return this.key;
    }

    public UserAttribute getUserAttribute() {
        return this.userAttribute;
    }

    public void init(FilterConfig filterConfig) throws ServletException {
    }

    public boolean isRemoveAfterRequest() {
        return this.removeAfterRequest;
    }

    public void setAuthenticationDetailsSource(AuthenticationDetailsSource authenticationDetailsSource) {
        Assert.notNull(authenticationDetailsSource, "AuthenticationDetailsSource required");
        this.authenticationDetailsSource = authenticationDetailsSource;
    }

    public void setKey(String str) {
        this.key = str;
    }

    public void setRemoveAfterRequest(boolean z) {
        this.removeAfterRequest = z;
    }

    public void setUserAttribute(UserAttribute userAttribute) {
        this.userAttribute = userAttribute;
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError(e.getMessage());
        }
    }

    static {
        Class cls;
        if (class$org$acegisecurity$providers$anonymous$AnonymousProcessingFilter == null) {
            cls = class$("org.acegisecurity.providers.anonymous.AnonymousProcessingFilter");
            class$org$acegisecurity$providers$anonymous$AnonymousProcessingFilter = cls;
        } else {
            cls = class$org$acegisecurity$providers$anonymous$AnonymousProcessingFilter;
        }
        logger = LogFactory.getLog(cls);
    }
}
