package de.iip_ecosphere.platform.support.aas.basyx.security;

import de.iip_ecosphere.platform.support.aas.AuthenticationDescriptor;
import java.io.IOException;
import java.util.List;
import java.util.regex.Pattern;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.security.authentication.AnonymousAuthenticationToken;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.context.SecurityContextHolderStrategy;
import org.springframework.web.filter.OncePerRequestFilter;

/* loaded from: input_file:BOOT-INF/lib/support.aas.basyx-0.7.1-SNAPSHOT.jar:de/iip_ecosphere/platform/support/aas/basyx/security/FailNoAuthorizationFilter.class */
public class FailNoAuthorizationFilter extends OncePerRequestFilter {
    private SecurityContextHolderStrategy securityContextHolderStrategy;
    private Pattern uriException;
    private boolean allowAnonymous;

    public FailNoAuthorizationFilter() {
        this(null, false);
    }

    public FailNoAuthorizationFilter(String str, boolean z) {
        this.securityContextHolderStrategy = SecurityContextHolder.getContextHolderStrategy();
        this.uriException = null == str ? null : Pattern.compile(str);
        this.allowAnonymous = z;
    }

    @Override // org.springframework.web.filter.OncePerRequestFilter
    protected void doFilterInternal(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain) throws ServletException, IOException {
        if (null != this.securityContextHolderStrategy.getContext().getAuthentication()) {
            filterChain.doFilter(httpServletRequest, httpServletResponse);
            return;
        }
        if (null != this.uriException && this.uriException.matcher(httpServletRequest.getRequestURI()).matches()) {
            filterChain.doFilter(httpServletRequest, httpServletResponse);
            return;
        }
        if (!this.allowAnonymous) {
            httpServletResponse.setStatus(401);
            return;
        }
        AuthenticationDescriptor.DefaultRole defaultRole = AuthenticationDescriptor.DefaultRole.NONE;
        AnonymousAuthenticationToken anonymousAuthenticationToken = new AnonymousAuthenticationToken(defaultRole.name(), defaultRole.name(), List.of(new SimpleGrantedAuthority(defaultRole.name())));
        anonymousAuthenticationToken.setDetails(defaultRole);
        this.securityContextHolderStrategy.getContext().setAuthentication(anonymousAuthenticationToken);
        filterChain.doFilter(httpServletRequest, httpServletResponse);
    }
}
