package com.appiancorp.security.auth.mobile;

import com.appiancorp.ap2.ServletScopesKeys;
import com.appiancorp.common.monitoring.ProductMetricsAggregatedDataCollector;
import com.appiancorp.core.expr.portable.string.Strings;
import com.appiancorp.security.auth.AppianAuthenticationEventPublisher;
import com.appiancorp.security.auth.AuthenticationDetails;
import com.appiancorp.security.auth.LoginEntryPoint;
import com.appiancorp.security.auth.SessionUuidAttributeSetter;
import com.appiancorp.security.auth.rememberme.AppianPersistentTokenBasedRememberMeServices;
import com.appiancorp.suiteapi.common.spring.security.CompositeSessionAuthenticationStrategy;
import com.google.common.base.Preconditions;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.apache.log4j.Logger;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.InternalAuthenticationServiceException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter;
import org.springframework.security.web.authentication.RememberMeServices;

/* loaded from: input_file:com/appiancorp/security/auth/mobile/MobileAuthTokenFilter.class */
public class MobileAuthTokenFilter extends AbstractAuthenticationProcessingFilter {
    private static final Logger LOG = Logger.getLogger(MobileAuthTokenFilter.class);
    private final MobileAuthTokenConverter tokenConverter;
    private final AppianAuthenticationEventPublisher appianAuthenticationEventPublisher;

    public MobileAuthTokenFilter(AuthenticationManager authenticationManager, MobileAuthTokenSuccessHandler mobileAuthTokenSuccessHandler, MobileAuthTokenFailureHandler mobileAuthTokenFailureHandler, CompositeSessionAuthenticationStrategy compositeSessionAuthenticationStrategy, AppianAuthenticationEventPublisher appianAuthenticationEventPublisher, MobileAuthTokenConverter mobileAuthTokenConverter, MobileAuthTokenRequestMatcher mobileAuthTokenRequestMatcher, RememberMeServices rememberMeServices) {
        super(mobileAuthTokenRequestMatcher);
        this.tokenConverter = (MobileAuthTokenConverter) Preconditions.checkNotNull(mobileAuthTokenConverter);
        this.appianAuthenticationEventPublisher = appianAuthenticationEventPublisher;
        setAuthenticationSuccessHandler(mobileAuthTokenSuccessHandler);
        setAuthenticationFailureHandler(mobileAuthTokenFailureHandler);
        setAuthenticationManager(authenticationManager);
        setSessionAuthenticationStrategy(compositeSessionAuthenticationStrategy);
        setRememberMeServices(rememberMeServices);
    }

    public Authentication attemptAuthentication(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws AuthenticationException {
        String parameter = httpServletRequest.getParameter("token");
        String parameter2 = httpServletRequest.getParameter("codeVerifier");
        if (parameter == null) {
            LOG.debug("Authentication token is null.");
            throw new MobileAuthTokenException("Authentication token is null.");
        }
        if (parameter2 == null) {
            LOG.debug("PKCE code verifier is null.");
            throw new MobileAuthTokenException("PKCE code verifier is null.");
        }
        HttpSession session = httpServletRequest.getSession();
        try {
            MobileAuthToken mobileAuthToken = this.tokenConverter.getMobileAuthToken(parameter, parameter2);
            UsernamePasswordAuthenticationToken convertMobileAuthToken = this.tokenConverter.convertMobileAuthToken(mobileAuthToken);
            String siteUrlStub = mobileAuthToken.getSiteUrlStub();
            if (!Strings.isNullOrEmpty(siteUrlStub)) {
                session.setAttribute(MobileAuthConstants.MOBILE_AUTH_SITE_URL_STUB_KEY, siteUrlStub);
            }
            if (!Strings.isNullOrEmpty(mobileAuthToken.getSigninParameter())) {
                session.setAttribute(MobileAuthConstants.MOBILE_AUTH_PROVIDER_QUERY_PARAM_KEY, mobileAuthToken.getSigninParameter());
            }
            if (mobileAuthToken.isRememberMeEnabled()) {
                httpServletRequest.setAttribute(AppianPersistentTokenBasedRememberMeServices.REMEMBER_ME_REQUESTED, true);
            }
            SessionUuidAttributeSetter.setSessionUuidAttribute(session);
            convertMobileAuthToken.setDetails(new AuthenticationDetails(httpServletRequest, LoginEntryPoint.PORTAL));
            this.appianAuthenticationEventPublisher.publishApplicationEvent(new AppianMobileAuthenticationSuccessEvent(convertMobileAuthToken, (String) session.getAttribute(ServletScopesKeys.KEY_SESSION_UUID), mobileAuthToken.getTransactionId(), false), httpServletRequest);
            ProductMetricsAggregatedDataCollector.recordData("token.exchange.status.success");
            return convertMobileAuthToken;
        } catch (Exception e) {
            LOG.debug(e.getMessage());
            ProductMetricsAggregatedDataCollector.recordData("token.exchange.status.failure");
            throw new InternalAuthenticationServiceException("Error in authenticating with token and codeVerifier.", e);
        } catch (AuthenticationException e2) {
            LOG.debug(e2.getMessage());
            ProductMetricsAggregatedDataCollector.recordData("token.exchange.status.failure");
            throw e2;
        }
    }
}
