package eu.openanalytics.containerproxy.auth.impl;

import eu.openanalytics.containerproxy.auth.IAuthenticationBackend;
import eu.openanalytics.containerproxy.auth.impl.customHeader.CustomHeaderAuthenticationFilter;
import eu.openanalytics.containerproxy.auth.impl.customHeader.CustomHeaderAuthenticationProvider;
import jakarta.servlet.Filter;
import org.springframework.context.ApplicationEventPublisher;
import org.springframework.core.env.Environment;
import org.springframework.security.authentication.ProviderManager;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.web.authentication.AnonymousAuthenticationFilter;
import org.springframework.web.servlet.support.ServletUriComponentsBuilder;

/* loaded from: input_file:BOOT-INF/lib/containerproxy-1.2.0.jar:eu/openanalytics/containerproxy/auth/impl/CustomHeaderAuthenticationBackend.class */
public class CustomHeaderAuthenticationBackend implements IAuthenticationBackend {
    public static final String NAME = "customHeader";
    private static final String PROP_CUSTOM_AUTH_USERNAME_HEADER_NAME = "proxy.custom-header.username-header-name";
    private static final String PROP_CUSTOM_AUTH_GROUPS_HEADER_NAME = "proxy.custom-header.groups-header-name";
    private static final String DEFAULT_USERNAME_HEADER_NAME = "REMOTE_USER";
    private final CustomHeaderAuthenticationFilter filter;

    public CustomHeaderAuthenticationBackend(Environment environment, ApplicationEventPublisher applicationEventPublisher) {
        this.filter = new CustomHeaderAuthenticationFilter(new ProviderManager(new CustomHeaderAuthenticationProvider()), applicationEventPublisher, environment.getProperty(PROP_CUSTOM_AUTH_USERNAME_HEADER_NAME, DEFAULT_USERNAME_HEADER_NAME), environment.getProperty(PROP_CUSTOM_AUTH_GROUPS_HEADER_NAME));
    }

    @Override // eu.openanalytics.containerproxy.auth.IAuthenticationBackend
    public String getName() {
        return NAME;
    }

    @Override // eu.openanalytics.containerproxy.auth.IAuthenticationBackend
    public boolean hasAuthorization() {
        return true;
    }

    @Override // eu.openanalytics.containerproxy.auth.IAuthenticationBackend
    public void configureHttpSecurity(HttpSecurity httpSecurity) throws Exception {
        httpSecurity.formLogin((v0) -> {
            v0.disable();
        });
        httpSecurity.addFilterBefore((Filter) this.filter, AnonymousAuthenticationFilter.class).exceptionHandling(exceptionHandlingConfigurer -> {
            exceptionHandlingConfigurer.authenticationEntryPoint((httpServletRequest, httpServletResponse, authenticationException) -> {
                httpServletResponse.sendRedirect(ServletUriComponentsBuilder.fromCurrentContextPath().path("/auth-error").build().toUriString());
            });
        });
    }

    @Override // eu.openanalytics.containerproxy.auth.IAuthenticationBackend
    public void configureAuthenticationManagerBuilder(AuthenticationManagerBuilder authenticationManagerBuilder) throws Exception {
    }

    @Override // eu.openanalytics.containerproxy.auth.IAuthenticationBackend
    public String getLogoutSuccessURL() {
        return "/logout-success";
    }
}
