package com.vaadin.flow.spring.security;

import com.vaadin.flow.server.auth.ViewAccessChecker;
import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.springframework.security.core.Authentication;
import org.springframework.security.web.DefaultRedirectStrategy;
import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler;
import org.springframework.security.web.csrf.CsrfToken;
import org.springframework.security.web.savedrequest.HttpSessionRequestCache;
import org.springframework.security.web.savedrequest.RequestCache;
import org.springframework.security.web.savedrequest.SavedRequest;

/* loaded from: input_file:BOOT-INF/lib/vaadin-spring-23.2.0.jar:com/vaadin/flow/spring/security/VaadinSavedRequestAwareAuthenticationSuccessHandler.class */
/**
 * Authentication success handler that publishes the post-login target through response headers
 * in addition to the redirect behaviour of the parent handler.
 *
 * <p>Requests carrying the request header {@code source: typescript} receive the outcome as
 * response headers ({@code Result}, {@code Default-url}, {@code Saved-url} and the Spring CSRF
 * header name and token) instead of a redirect. All other requests are redirected by
 * {@link DefaultRedirectStrategy}.
 *
 * <p>Security notes for reviewers:
 * <ul>
 *   <li>The {@code source} header is read from the incoming request, so the client chooses
 *       which of the two response modes is used.</li>
 *   <li>In the header-based mode the current CSRF token value is written into a response
 *       header; anything that logs or caches response headers will see it.</li>
 *   <li>The redirect target is taken from session state or the request cache and is passed on
 *       without validation in this class.</li>
 * </ul>
 */
public class VaadinSavedRequestAwareAuthenticationSuccessHandler extends SavedRequestAwareAuthenticationSuccessHandler {
    /** Request header whose value selects the header-based (non-redirect) response mode. */
    private static final String SOURCE_HEADER = "source";
    /** Response header that reports the login outcome in header-based mode. */
    private static final String RESULT_HEADER = "Result";
    /** Response header carrying the target URL computed by {@code determineTargetUrl}. */
    private static final String DEFAULT_URL_HEADER = "Default-url";
    /** Response header carrying the URL saved before authentication, when there is one. */
    private static final String SAVED_URL_HEADER = "Saved-url";
    /** Response header carrying the name of the header that CSRF tokens are sent in. */
    private static final String SPRING_CSRF_HEADER = "Spring-CSRF-header";
    /** Response header carrying the CSRF token value. */
    private static final String SPRING_CSRF_TOKEN = "Spring-CSRF-token";

    // Local copy of the request cache; kept in step with the parent through setRequestCache.
    private RequestCache requestCache = new HttpSessionRequestCache();

    /* loaded from: input_file:BOOT-INF/lib/vaadin-spring-23.2.0.jar:com/vaadin/flow/spring/security/VaadinSavedRequestAwareAuthenticationSuccessHandler$RedirectStrategy.class */
    /**
     * Redirect strategy that either performs a normal redirect or, for header-based logins,
     * answers with result and CSRF headers and sends no redirect.
     */
    public static class RedirectStrategy extends DefaultRedirectStrategy {
        /**
         * Sends the redirect, or writes the header-based login result.
         *
         * @param httpServletRequest the current request
         * @param httpServletResponse the current response; a {@code Saved-url} header already
         *     present on it overrides {@code str} as the redirect target
         * @param str the redirect target used when no {@code Saved-url} header is present
         * @throws IOException declared by the overridden method
         */
        @Override
        public void sendRedirect(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str) throws IOException {
            String savedUrl = httpServletResponse.getHeader(SAVED_URL_HEADER);
            String target = (savedUrl == null) ? str : savedUrl;

            if (isTypescriptLogin(httpServletRequest)) {
                // Header-based mode: report success and hand the CSRF details to the client.
                httpServletResponse.setHeader(RESULT_HEADER, "success");
                Object candidate = httpServletRequest.getAttribute(CsrfToken.class.getName());
                if (candidate instanceof CsrfToken) {
                    CsrfToken token = (CsrfToken) candidate;
                    httpServletResponse.setHeader(SPRING_CSRF_HEADER, token.getHeaderName());
                    // The token value itself is placed in a response header here.
                    httpServletResponse.setHeader(SPRING_CSRF_TOKEN, token.getToken());
                }
                return;
            }

            // NOTE(review): target is forwarded as-is; whether it is always a same-origin URL
            // depends on what ViewAccessChecker and the request cache stored. Confirm upstream.
            super.sendRedirect(httpServletRequest, httpServletResponse, target);
        }
    }

    /** Creates the handler and installs {@link RedirectStrategy} as its redirect strategy. */
    public VaadinSavedRequestAwareAuthenticationSuccessHandler() {
        RedirectStrategy strategy = new RedirectStrategy();
        setRedirectStrategy(strategy);
    }

    /**
     * Sets the {@code Saved-url} header (and, for header-based logins, the {@code Default-url}
     * header) before delegating to the parent handler.
     *
     * <p>The navigation value stored in the session takes precedence over the cached saved
     * request.
     *
     * @param httpServletRequest the request that completed authentication
     * @param httpServletResponse the response that receives the headers
     * @param authentication passed through to the parent handler
     * @throws ServletException declared by the overridden method
     * @throws IOException declared by the overridden method
     */
    @Override
    public void onAuthenticationSuccess(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Authentication authentication) throws ServletException, IOException {
        SavedRequest cachedRequest = this.requestCache.getRequest(httpServletRequest, httpServletResponse);
        String serverNavigation = getStoredServerNavigation(httpServletRequest);

        if (serverNavigation == null) {
            if (cachedRequest != null) {
                httpServletResponse.setHeader(SAVED_URL_HEADER, cachedRequest.getRedirectUrl());
            }
        } else {
            // A leading slash is added only when the application has a non-empty context path.
            // Presumably the stored value is relative to the context path. Verify against
            // ViewAccessChecker.
            boolean rootContext = "".equals(httpServletRequest.getContextPath());
            String savedUrl = rootContext ? serverNavigation : "/" + serverNavigation;
            httpServletResponse.setHeader(SAVED_URL_HEADER, savedUrl);
        }

        if (isTypescriptLogin(httpServletRequest)) {
            String defaultUrl = determineTargetUrl(httpServletRequest, httpServletResponse);
            httpServletResponse.setHeader(DEFAULT_URL_HEADER, defaultUrl);
        }

        super.onAuthenticationSuccess(httpServletRequest, httpServletResponse, authentication);
    }

    /**
     * Reads the navigation target stored under
     * {@link ViewAccessChecker#SESSION_STORED_REDIRECT} without creating a session.
     *
     * @param httpServletRequest the current request
     * @return the stored value, or {@code null} when there is no session or no such attribute
     */
    private static String getStoredServerNavigation(HttpServletRequest httpServletRequest) {
        HttpSession existing = httpServletRequest.getSession(false);
        // The cast is unchecked: a non-String attribute under this key raises ClassCastException.
        return existing == null
                ? null
                : (String) existing.getAttribute(ViewAccessChecker.SESSION_STORED_REDIRECT);
    }

    /**
     * Tells whether the request asked for the header-based login response.
     *
     * @param httpServletRequest the current request
     * @return {@code true} only when the {@code source} request header equals {@code typescript}
     */
    static boolean isTypescriptLogin(HttpServletRequest httpServletRequest) {
        String origin = httpServletRequest.getHeader(SOURCE_HEADER);
        return "typescript".equals(origin);
    }

    /**
     * Replaces the request cache on the parent handler and on this class's own reference, so
     * that both use the same cache.
     *
     * @param requestCache the cache to read saved requests from
     */
    @Override
    public void setRequestCache(RequestCache requestCache) {
        super.setRequestCache(requestCache);
        this.requestCache = requestCache;
    }
}
