package com.github.mkopylec.recaptcha.security;

import com.github.mkopylec.recaptcha.RecaptchaProperties;
import com.github.mkopylec.recaptcha.security.login.LoginFailuresClearingHandler;
import com.github.mkopylec.recaptcha.security.login.LoginFailuresCountingHandler;
import com.github.mkopylec.recaptcha.security.login.LoginFailuresManager;
import com.github.mkopylec.recaptcha.validation.ErrorCode;
import com.github.mkopylec.recaptcha.validation.RecaptchaValidationException;
import com.github.mkopylec.recaptcha.validation.RecaptchaValidator;
import com.github.mkopylec.recaptcha.validation.ValidationResult;
import java.util.Collections;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.authentication.AuthenticationFailureHandler;
import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
import org.springframework.util.Assert;

/* loaded from: input_file:com/github/mkopylec/recaptcha/security/RecaptchaAuthenticationFilter.class */
public class RecaptchaAuthenticationFilter extends UsernamePasswordAuthenticationFilter {
    private static final Logger log = LoggerFactory.getLogger(RecaptchaAuthenticationFilter.class);
    protected final RecaptchaValidator recaptchaValidator;
    protected final RecaptchaProperties recaptcha;
    protected final LoginFailuresManager failuresManager;

    public RecaptchaAuthenticationFilter(RecaptchaValidator recaptchaValidator, RecaptchaProperties recaptchaProperties, LoginFailuresManager loginFailuresManager) {
        this.recaptchaValidator = recaptchaValidator;
        this.recaptcha = recaptchaProperties;
        this.failuresManager = loginFailuresManager;
    }

    public Authentication attemptAuthentication(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws AuthenticationException {
        if (getUsernameParameter() == null) {
            throw new RecaptchaAuthenticationException(Collections.singletonList(ErrorCode.MISSING_USERNAME_REQUEST_PARAMETER));
        }
        if (this.failuresManager.isRecaptchaRequired(httpServletRequest)) {
            try {
                ValidationResult validate = this.recaptchaValidator.validate(obtainRecaptchaResponse(httpServletRequest), httpServletRequest.getRemoteAddr());
                if (validate.isFailure()) {
                    throw new RecaptchaAuthenticationException(validate.getErrorCodes());
                }
            } catch (RecaptchaValidationException e) {
                boolean isContinueOnValidationHttpError = this.recaptcha.getSecurity().isContinueOnValidationHttpError();
                log.error("reCAPTCHA validation HTTP error. Continuing user authentication: " + isContinueOnValidationHttpError, e);
                if (!isContinueOnValidationHttpError) {
                    throw new RecaptchaAuthenticationException(Collections.singletonList(ErrorCode.VALIDATION_HTTP_ERROR));
                }
            }
        }
        return super.attemptAuthentication(httpServletRequest, httpServletResponse);
    }

    public void setAuthenticationSuccessHandler(AuthenticationSuccessHandler authenticationSuccessHandler) {
        if (!LoginFailuresClearingHandler.class.isAssignableFrom(authenticationSuccessHandler.getClass())) {
            throw new IllegalArgumentException("Invalid login success handler. Handler must be an instance of " + LoginFailuresClearingHandler.class.getName() + " but is " + authenticationSuccessHandler);
        }
        super.setAuthenticationSuccessHandler(authenticationSuccessHandler);
    }

    public void setAuthenticationFailureHandler(AuthenticationFailureHandler authenticationFailureHandler) {
        if (!LoginFailuresCountingHandler.class.isAssignableFrom(authenticationFailureHandler.getClass())) {
            throw new IllegalArgumentException("Invalid login failure handler. Handler must be an instance of " + LoginFailuresCountingHandler.class.getName() + " but is " + authenticationFailureHandler);
        }
        super.setAuthenticationFailureHandler(authenticationFailureHandler);
    }

    public void setUsernameParameter(String str) {
        super.setUsernameParameter(str);
        this.failuresManager.setUsernameParameter(str);
    }

    public void afterPropertiesSet() {
        Assert.notNull(this.recaptchaValidator, "Missing recaptcha validator");
        Assert.notNull(this.recaptcha, "Missing recaptcha validation configuration properties");
        Assert.notNull(this.failuresManager, "Missing login failure manager");
    }

    protected String obtainRecaptchaResponse(HttpServletRequest httpServletRequest) {
        return httpServletRequest.getParameter(this.recaptcha.getValidation().getResponseParameter());
    }
}
