package org.cloudfoundry.identity.uaa.login;

import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.net.URLEncoder;
import java.nio.charset.StandardCharsets;
import javax.servlet.ServletException;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.cloudfoundry.identity.uaa.authentication.UaaPrincipal;
import org.cloudfoundry.identity.uaa.util.JsonUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.Authentication;
import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler;
import org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter;

/* loaded from: input_file:WEB-INF/lib/cloudfoundry-identity-server-4.10.1.jar:org/cloudfoundry/identity/uaa/login/AccountSavingAuthenticationSuccessHandler.class */
public class AccountSavingAuthenticationSuccessHandler implements AuthenticationSuccessHandler {

    @Autowired
    public SavedRequestAwareAuthenticationSuccessHandler redirectingHandler;

    public SavedRequestAwareAuthenticationSuccessHandler getRedirectingHandler() {
        return this.redirectingHandler;
    }

    public void setRedirectingHandler(SavedRequestAwareAuthenticationSuccessHandler savedRequestAwareAuthenticationSuccessHandler) {
        this.redirectingHandler = savedRequestAwareAuthenticationSuccessHandler;
    }

    @Override // org.springframework.security.web.authentication.AuthenticationSuccessHandler
    public void onAuthenticationSuccess(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Authentication authentication) throws IOException, ServletException {
        setSavedAccountOptionCookie(httpServletRequest, httpServletResponse, authentication);
        this.redirectingHandler.onAuthenticationSuccess(httpServletRequest, httpServletResponse, authentication);
    }

    public void setSavedAccountOptionCookie(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Authentication authentication) throws IllegalArgumentException {
        Object principal = authentication.getPrincipal();
        if (!(principal instanceof UaaPrincipal)) {
            throw new IllegalArgumentException("Unrecognized authentication principle.");
        }
        UaaPrincipal uaaPrincipal = (UaaPrincipal) principal;
        SavedAccountOption savedAccountOption = new SavedAccountOption();
        savedAccountOption.setEmail(uaaPrincipal.getEmail());
        savedAccountOption.setOrigin(uaaPrincipal.getOrigin());
        savedAccountOption.setUserId(uaaPrincipal.getId());
        savedAccountOption.setUsername(uaaPrincipal.getName());
        Cookie cookie = new Cookie("Saved-Account-" + uaaPrincipal.getId(), encodeCookieValue(JsonUtils.writeValueAsString(savedAccountOption)));
        cookie.setPath(httpServletRequest.getContextPath() + DefaultLoginPageGeneratingFilter.DEFAULT_LOGIN_PAGE_URL);
        cookie.setHttpOnly(true);
        cookie.setSecure(httpServletRequest.isSecure());
        cookie.setMaxAge(31536000);
        httpServletResponse.addCookie(cookie);
        CurrentUserInformation currentUserInformation = new CurrentUserInformation();
        currentUserInformation.setUserId(uaaPrincipal.getId());
        Cookie cookie2 = new Cookie("Current-User", encodeCookieValue(JsonUtils.writeValueAsString(currentUserInformation)));
        cookie2.setMaxAge(31536000);
        cookie2.setHttpOnly(false);
        cookie2.setPath(httpServletRequest.getContextPath());
        httpServletResponse.addCookie(cookie2);
    }

    private static String encodeCookieValue(String str) throws IllegalArgumentException {
        try {
            return URLEncoder.encode(str, StandardCharsets.UTF_8.name());
        } catch (UnsupportedEncodingException e) {
            throw new IllegalArgumentException(e);
        }
    }
}
