package eu.openanalytics.containerproxy.auth.impl;

import eu.openanalytics.containerproxy.auth.IAuthenticationBackend;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpSession;
import java.util.UUID;
import org.springframework.context.ApplicationEvent;
import org.springframework.context.ApplicationEventPublisher;
import org.springframework.security.authentication.AnonymousAuthenticationToken;
import org.springframework.security.authentication.event.AuthenticationSuccessEvent;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.core.Authentication;
import org.springframework.security.web.authentication.AnonymousAuthenticationFilter;
import org.springframework.security.web.authentication.WebAuthenticationDetailsSource;
import org.springframework.session.Session;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;

/* loaded from: input_file:BOOT-INF/lib/containerproxy-1.2.0.jar:eu/openanalytics/containerproxy/auth/impl/NoAuthenticationBackend.class */
public class NoAuthenticationBackend implements IAuthenticationBackend {
    public static final String NAME = "none";
    private static final String ANONYMOUS_USERID_SESSION_ATTRIBUTE = "ANONYMOUS_USER_ID";
    private final ApplicationEventPublisher applicationEventPublisher;

    /* loaded from: input_file:BOOT-INF/lib/containerproxy-1.2.0.jar:eu/openanalytics/containerproxy/auth/impl/NoAuthenticationBackend$Filter.class */
    private static class Filter extends AnonymousAuthenticationFilter {
        private final WebAuthenticationDetailsSource webAuthenticationDetailsSource;
        private final String key;
        private final ApplicationEventPublisher applicationEventPublisher;

        public Filter(ApplicationEventPublisher applicationEventPublisher, String str) {
            super(str);
            this.webAuthenticationDetailsSource = new WebAuthenticationDetailsSource();
            this.key = str;
            this.applicationEventPublisher = applicationEventPublisher;
        }

        @Override // org.springframework.security.web.authentication.AnonymousAuthenticationFilter
        protected Authentication createAuthentication(HttpServletRequest httpServletRequest) {
            String str;
            ServletRequestAttributes servletRequestAttributes = (ServletRequestAttributes) RequestContextHolder.getRequestAttributes();
            if (servletRequestAttributes == null) {
                AnonymousAuthenticationToken anonymousAuthenticationToken = new AnonymousAuthenticationToken(this.key, getPrincipal(), getAuthorities());
                anonymousAuthenticationToken.setDetails(this.webAuthenticationDetailsSource.buildDetails(httpServletRequest));
                return anonymousAuthenticationToken;
            }
            HttpSession session = servletRequestAttributes.getRequest().getSession(true);
            String str2 = (String) session.getAttribute(NoAuthenticationBackend.ANONYMOUS_USERID_SESSION_ATTRIBUTE);
            if (str2 == null) {
                str = UUID.randomUUID().toString();
                session.setAttribute(NoAuthenticationBackend.ANONYMOUS_USERID_SESSION_ATTRIBUTE, str);
            } else {
                str = str2;
            }
            AnonymousAuthenticationToken anonymousAuthenticationToken2 = new AnonymousAuthenticationToken(this.key, str, getAuthorities());
            anonymousAuthenticationToken2.setDetails(this.webAuthenticationDetailsSource.buildDetails(httpServletRequest));
            if (str2 == null) {
                this.applicationEventPublisher.publishEvent((ApplicationEvent) new AuthenticationSuccessEvent(anonymousAuthenticationToken2));
            }
            return anonymousAuthenticationToken2;
        }
    }

    public NoAuthenticationBackend(ApplicationEventPublisher applicationEventPublisher) {
        this.applicationEventPublisher = applicationEventPublisher;
    }

    public static String extractUserId(Session session) {
        return (String) session.getAttribute(ANONYMOUS_USERID_SESSION_ATTRIBUTE);
    }

    public static String extractUserId(io.undertow.server.session.Session session) {
        return (String) session.getAttribute(ANONYMOUS_USERID_SESSION_ATTRIBUTE);
    }

    public static String extractUserId(HttpSession httpSession) {
        return (String) httpSession.getAttribute(ANONYMOUS_USERID_SESSION_ATTRIBUTE);
    }

    @Override // eu.openanalytics.containerproxy.auth.IAuthenticationBackend
    public String getName() {
        return "none";
    }

    @Override // eu.openanalytics.containerproxy.auth.IAuthenticationBackend
    public boolean hasAuthorization() {
        return false;
    }

    @Override // eu.openanalytics.containerproxy.auth.IAuthenticationBackend
    public void configureHttpSecurity(HttpSecurity httpSecurity) throws Exception {
        httpSecurity.anonymous(anonymousConfigurer -> {
            anonymousConfigurer.authenticationFilter(new Filter(this.applicationEventPublisher, UUID.randomUUID().toString()));
        });
    }

    @Override // eu.openanalytics.containerproxy.auth.IAuthenticationBackend
    public void configureAuthenticationManagerBuilder(AuthenticationManagerBuilder authenticationManagerBuilder) throws Exception {
        authenticationManagerBuilder.inMemoryAuthentication();
    }
}
