package hudson.security;

import hudson.Util;
import hudson.model.User;
import java.io.IOException;
import java.util.Properties;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import jenkins.security.SecurityListener;
import jenkins.security.seed.UserSeedProperty;
import org.acegisecurity.Authentication;
import org.acegisecurity.AuthenticationException;
import org.acegisecurity.ui.webapp.AuthenticationProcessingFilter;

/* loaded from: input_file:WEB-INF/lib/jenkins-core-2.222-rc29376.9c21870ee829.jar:hudson/security/AuthenticationProcessingFilter2.class */
public class AuthenticationProcessingFilter2 extends AuthenticationProcessingFilter {
    private static final Logger LOGGER = Logger.getLogger(AuthenticationProcessingFilter2.class.getName());

    @Override // org.acegisecurity.ui.AbstractProcessingFilter
    protected String determineTargetUrl(HttpServletRequest httpServletRequest) {
        String parameter = httpServletRequest.getParameter("from");
        httpServletRequest.getSession().setAttribute("from", parameter);
        return parameter == null ? getDefaultTargetUrl() : !Util.isSafeToRedirectTo(parameter) ? "." : parameter.startsWith(httpServletRequest.getContextPath()) ? parameter.substring(httpServletRequest.getContextPath().length()) : parameter;
    }

    @Override // org.acegisecurity.ui.AbstractProcessingFilter
    protected String determineFailureUrl(HttpServletRequest httpServletRequest, AuthenticationException authenticationException) {
        Properties exceptionMappings = getExceptionMappings();
        String name = authenticationException.getClass().getName();
        httpServletRequest.getSession().setAttribute("from", httpServletRequest.getParameter("from"));
        return exceptionMappings.getProperty(name, getAuthenticationFailureUrl());
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.acegisecurity.ui.AbstractProcessingFilter
    public void onSuccessfulAuthentication(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Authentication authentication) throws IOException {
        super.onSuccessfulAuthentication(httpServletRequest, httpServletResponse, authentication);
        httpServletRequest.getSession().invalidate();
        HttpSession session = httpServletRequest.getSession();
        if (!UserSeedProperty.DISABLE_USER_SEED) {
            session.setAttribute(UserSeedProperty.USER_SESSION_SEED, ((UserSeedProperty) User.getById(authentication.getName(), true).getProperty(UserSeedProperty.class)).getSeed());
        }
        SecurityListener.fireLoggedIn(authentication.getName());
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.acegisecurity.ui.AbstractProcessingFilter
    public void onUnsuccessfulAuthentication(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, AuthenticationException authenticationException) throws IOException {
        super.onUnsuccessfulAuthentication(httpServletRequest, httpServletResponse, authenticationException);
        LOGGER.log(Level.FINE, "Login attempt failed", (Throwable) authenticationException);
        Authentication authentication = authenticationException.getAuthentication();
        if (authentication != null) {
            SecurityListener.fireFailedToLogIn(authentication.getName());
        }
    }
}
