package org.craftercms.security.authentication.impl;

import java.io.IOException;
import org.apache.commons.lang.StringUtils;
import org.craftercms.security.api.RequestContext;
import org.craftercms.security.authentication.AuthenticationRequiredHandler;
import org.craftercms.security.authentication.BaseHandler;
import org.craftercms.security.exception.AuthenticationException;
import org.craftercms.security.exception.CrafterSecurityException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Required;
import org.springframework.security.web.savedrequest.HttpSessionRequestCache;
import org.springframework.security.web.savedrequest.RequestCache;

/* loaded from: input_file:org/craftercms/security/authentication/impl/AuthenticationRequiredHandlerImpl.class */
public class AuthenticationRequiredHandlerImpl extends BaseHandler implements AuthenticationRequiredHandler {
    private static final Logger logger = LoggerFactory.getLogger(AuthenticationRequiredHandlerImpl.class);
    protected String loginFormUrl;
    protected RequestCache requestCache = new HttpSessionRequestCache();

    @Required
    public void setLoginFormUrl(String str) {
        this.loginFormUrl = str;
    }

    public void setRequestCache(RequestCache requestCache) {
        this.requestCache = requestCache;
    }

    @Override // org.craftercms.security.authentication.AuthenticationRequiredHandler
    public void onAuthenticationRequired(AuthenticationException authenticationException, RequestContext requestContext) throws CrafterSecurityException, IOException {
        saveRequest(requestContext);
        if (this.isRedirectRequired && StringUtils.isNotEmpty(this.loginFormUrl)) {
            redirectToLoginForm(requestContext);
        } else {
            sendError(authenticationException, requestContext);
        }
    }

    protected void saveRequest(RequestContext requestContext) {
        if (logger.isDebugEnabled()) {
            logger.debug("Saving current request for use after login");
        }
        this.requestCache.saveRequest(requestContext.getRequest(), requestContext.getResponse());
    }

    protected void redirectToLoginForm(RequestContext requestContext) throws IOException {
        String str = requestContext.getRequest().getContextPath() + this.loginFormUrl;
        if (logger.isDebugEnabled()) {
            logger.debug("Redirecting to login form at " + str);
        }
        requestContext.getResponse().sendRedirect(str);
    }

    protected void sendError(AuthenticationException authenticationException, RequestContext requestContext) throws IOException {
        if (logger.isDebugEnabled()) {
            logger.debug("Sending 401 UNAUTHORIZED error");
        }
        requestContext.getResponse().setContentType("application/json");
        requestContext.getResponse().sendError(401, authenticationException.getMessage());
    }
}
