package org.cloudfoundry.identity.uaa.login;

import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.cloudfoundry.identity.uaa.authentication.PasswordChangeRequiredException;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.authentication.AuthenticationFailureHandler;
import org.springframework.security.web.authentication.logout.LogoutHandler;

/* loaded from: input_file:WEB-INF/lib/cloudfoundry-identity-server-4.5.6.jar:org/cloudfoundry/identity/uaa/login/UaaAuthenticationFailureHandler.class */
public class UaaAuthenticationFailureHandler implements AuthenticationFailureHandler, LogoutHandler {
    private AuthenticationFailureHandler delegate;

    public UaaAuthenticationFailureHandler(AuthenticationFailureHandler authenticationFailureHandler) {
        this.delegate = authenticationFailureHandler;
    }

    @Override // org.springframework.security.web.authentication.AuthenticationFailureHandler
    public void onAuthenticationFailure(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, AuthenticationException authenticationException) throws IOException, ServletException {
        if (authenticationException != null && (authenticationException instanceof PasswordChangeRequiredException)) {
            httpServletRequest.getSession().setAttribute(ForcePasswordChangeController.FORCE_PASSWORD_EXPIRED_USER, ((PasswordChangeRequiredException) authenticationException).getAuthentication());
            addCookie(httpServletResponse, httpServletRequest.getContextPath());
            httpServletResponse.sendRedirect(httpServletRequest.getContextPath() + "/force_password_change");
        } else {
            addCookie(httpServletResponse, httpServletRequest.getContextPath());
            if (this.delegate != null) {
                this.delegate.onAuthenticationFailure(httpServletRequest, httpServletResponse, authenticationException);
            }
        }
    }

    @Override // org.springframework.security.web.authentication.logout.LogoutHandler
    public void logout(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Authentication authentication) {
        addCookie(httpServletResponse, httpServletRequest.getContextPath());
    }

    private void addCookie(HttpServletResponse httpServletResponse, String str) {
        Cookie cookie = new Cookie("Current-User", (String) null);
        cookie.setHttpOnly(false);
        cookie.setMaxAge(0);
        cookie.setPath(str);
        httpServletResponse.addCookie(cookie);
    }
}
