package si.spletsis.security;

import M6.b;
import M6.c;
import java.io.IOException;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.xml.bind.DatatypeConverter;
import org.jasig.cas.client.validation.AssertionImpl;
import org.springframework.core.env.Environment;
import org.springframework.security.cas.authentication.CasAuthenticationToken;
import org.springframework.security.core.authority.mapping.NullAuthoritiesMapper;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.web.filter.GenericFilterBean;
import si.spletsis.app.ConfigSettings;
import si.spletsis.app.Settings;

/* loaded from: classes2.dex */
public class StatelessAuthenticationFilter extends GenericFilterBean {
    private static final b log = c.c(StatelessAuthenticationFilter.class);
    private boolean isClient;
    private final TokenAuthenticationService tokenAuthenticationService;
    private byte[] tokenSecret;

    public StatelessAuthenticationFilter(TokenAuthenticationService tokenAuthenticationService, Environment environment) {
        this.isClient = false;
        this.tokenAuthenticationService = tokenAuthenticationService;
        this.isClient = "CLIENT".equals(environment.getProperty(ConfigSettings.APP_MODE));
        this.tokenSecret = DatatypeConverter.parseBase64Binary(environment.getProperty(ConfigSettings.APP_TOKEN_SECRET));
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        if (httpServletRequest.getSession(false) != null) {
            httpServletRequest.getSession(false).invalidate();
            log.e("Startup HTTP session invalidated.");
        }
        if (this.isClient) {
            SecurityContextHolder.getContext().setAuthentication(this.tokenAuthenticationService.getAuthentication(httpServletRequest));
        } else {
            Cookie[] cookies = httpServletRequest.getCookies();
            if (cookies != null) {
                String str = null;
                for (Cookie cookie : cookies) {
                    if (Settings.SSO_TOKEN_NAME.equals(cookie.getName())) {
                        if (str == null) {
                            str = cookie.getValue();
                        } else if (cookie.getValue().length() > str.length()) {
                            str = cookie.getValue();
                        }
                    }
                }
                if (str != null) {
                    ClientUserDetails clientUserDetails = (ClientUserDetails) new TokenHandler(this.tokenSecret).parseUserFromToken(str, ClientUserDetails.class);
                    clientUserDetails.postFromJson();
                    SecurityContextHolder.getContext().setAuthentication(new CasAuthenticationToken("casAuthProviderKey", clientUserDetails, clientUserDetails.getCasCredentials(), new NullAuthoritiesMapper().mapAuthorities(clientUserDetails.getAuthorities()), clientUserDetails, new AssertionImpl(clientUserDetails.getUsername())));
                }
            }
        }
        filterChain.doFilter(servletRequest, servletResponse);
    }
}
