package org.cloudfoundry.identity.uaa.web;

import java.io.IOException;
import java.util.Collection;
import java.util.Collections;
import java.util.List;
import java.util.Locale;
import java.util.Map;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.cloudfoundry.identity.uaa.util.UaaUrlUtils;
import org.springframework.http.HttpMethod;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.web.PortResolver;
import org.springframework.security.web.savedrequest.DefaultSavedRequest;
import org.springframework.security.web.savedrequest.HttpSessionRequestCache;
import org.springframework.security.web.savedrequest.SavedRequest;
import org.springframework.security.web.util.UrlUtils;
import org.springframework.util.StringUtils;

/* loaded from: input_file:WEB-INF/lib/cloudfoundry-identity-server-4.8.0.jar:org/cloudfoundry/identity/uaa/web/UaaSavedRequestCache.class */
public class UaaSavedRequestCache extends HttpSessionRequestCache implements Filter {

    /* loaded from: input_file:WEB-INF/lib/cloudfoundry-identity-server-4.8.0.jar:org/cloudfoundry/identity/uaa/web/UaaSavedRequestCache$ClientRedirectSavedRequest.class */
    public static class ClientRedirectSavedRequest extends DefaultSavedRequest {
        private final String redirectUrl;
        private final Map<String, String[]> parameters;

        public ClientRedirectSavedRequest(HttpServletRequest httpServletRequest, String str) {
            super(httpServletRequest, servletRequest -> {
                return servletRequest.getServerPort();
            });
            this.redirectUrl = str;
            this.parameters = Collections.unmodifiableMap(UaaUrlUtils.getParameterMap(str));
        }

        @Override // org.springframework.security.web.savedrequest.DefaultSavedRequest, org.springframework.security.web.savedrequest.SavedRequest
        public String getRedirectUrl() {
            return this.redirectUrl;
        }

        @Override // org.springframework.security.web.savedrequest.DefaultSavedRequest, org.springframework.security.web.savedrequest.SavedRequest
        public List<Cookie> getCookies() {
            return Collections.emptyList();
        }

        @Override // org.springframework.security.web.savedrequest.DefaultSavedRequest, org.springframework.security.web.savedrequest.SavedRequest
        public String getMethod() {
            return HttpMethod.GET.name();
        }

        @Override // org.springframework.security.web.savedrequest.DefaultSavedRequest, org.springframework.security.web.savedrequest.SavedRequest
        public List<String> getHeaderValues(String str) {
            return Collections.emptyList();
        }

        @Override // org.springframework.security.web.savedrequest.DefaultSavedRequest, org.springframework.security.web.savedrequest.SavedRequest
        public Collection<String> getHeaderNames() {
            return Collections.emptyList();
        }

        @Override // org.springframework.security.web.savedrequest.DefaultSavedRequest, org.springframework.security.web.savedrequest.SavedRequest
        public List<Locale> getLocales() {
            return Collections.emptyList();
        }

        @Override // org.springframework.security.web.savedrequest.DefaultSavedRequest, org.springframework.security.web.savedrequest.SavedRequest
        public String[] getParameterValues(String str) {
            return this.parameters.get(str);
        }

        @Override // org.springframework.security.web.savedrequest.DefaultSavedRequest, org.springframework.security.web.savedrequest.SavedRequest
        public Map<String, String[]> getParameterMap() {
            return this.parameters;
        }

        @Override // org.springframework.security.web.savedrequest.DefaultSavedRequest
        public Collection<String> getParameterNames() {
            return this.parameters.keySet();
        }

        @Override // org.springframework.security.web.savedrequest.DefaultSavedRequest
        public boolean doesRequestMatch(HttpServletRequest httpServletRequest, PortResolver portResolver) {
            boolean equals = UrlUtils.buildFullRequestUrl(httpServletRequest).equals(this.redirectUrl);
            String parameter = httpServletRequest.getParameter(UaaSavedRequestAwareAuthenticationSuccessHandler.FORM_REDIRECT_PARAMETER);
            if (!equals && HttpMethod.POST.name().equals(httpServletRequest.getMethod()) && StringUtils.hasText(parameter)) {
                equals = parameter.equals(getRedirectUrl());
            }
            return equals;
        }
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        if (shouldSaveFormRedirectParameter(httpServletRequest) && notAuthenticated()) {
            saveClientRedirect(httpServletRequest, httpServletRequest.getParameter(UaaSavedRequestAwareAuthenticationSuccessHandler.FORM_REDIRECT_PARAMETER));
        }
        filterChain.doFilter(httpServletRequest, servletResponse);
    }

    public boolean notAuthenticated() {
        return SecurityContextHolder.getContext().getAuthentication() == null || !SecurityContextHolder.getContext().getAuthentication().isAuthenticated();
    }

    @Override // org.springframework.security.web.savedrequest.HttpSessionRequestCache, org.springframework.security.web.savedrequest.RequestCache
    public void saveRequest(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        if (shouldSaveFormRedirectParameter(httpServletRequest)) {
            saveClientRedirect(httpServletRequest, httpServletRequest.getParameter(UaaSavedRequestAwareAuthenticationSuccessHandler.FORM_REDIRECT_PARAMETER));
        } else if (HttpMethod.GET.name().equals(httpServletRequest.getMethod())) {
            saveClientRedirect(httpServletRequest, UrlUtils.buildFullRequestUrl(httpServletRequest));
        } else {
            super.saveRequest(httpServletRequest, httpServletResponse);
        }
    }

    public void saveClientRedirect(HttpServletRequest httpServletRequest, String str) {
        httpServletRequest.getSession(true).setAttribute(UaaSavedRequestAwareAuthenticationSuccessHandler.SAVED_REQUEST_SESSION_ATTRIBUTE, new ClientRedirectSavedRequest(httpServletRequest, str));
    }

    protected boolean shouldSaveFormRedirectParameter(HttpServletRequest httpServletRequest) {
        String parameter = httpServletRequest.getParameter(UaaSavedRequestAwareAuthenticationSuccessHandler.FORM_REDIRECT_PARAMETER);
        if (!HttpMethod.POST.name().equals(httpServletRequest.getMethod()) || StringUtils.isEmpty(parameter) || hasSavedRequest(httpServletRequest)) {
            return false;
        }
        return HttpMethod.POST.name().equals(httpServletRequest.getMethod());
    }

    protected static boolean hasSavedRequest(HttpServletRequest httpServletRequest) {
        return (httpServletRequest.getSession(false) == null || getSavedRequest(httpServletRequest) == null) ? false : true;
    }

    protected static SavedRequest getSavedRequest(HttpServletRequest httpServletRequest) {
        return (SavedRequest) httpServletRequest.getSession(false).getAttribute(UaaSavedRequestAwareAuthenticationSuccessHandler.SAVED_REQUEST_SESSION_ATTRIBUTE);
    }

    public void init(FilterConfig filterConfig) throws ServletException {
    }

    public void destroy() {
    }
}
