package nl.b3p.commons.security.aselect;

import java.io.IOException;
import java.security.Principal;
import javax.servlet.FilterConfig;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.securityfilter.authenticator.Authenticator;
import org.securityfilter.config.SecurityConfig;
import org.securityfilter.filter.SecurityRequestWrapper;
import org.securityfilter.filter.URLPatternMatcher;
import org.securityfilter.realm.SecurityRealmInterface;

/* loaded from: input_file:WEB-INF/lib/b3p-commons-core-5.0.5.jar:nl/b3p/commons/security/aselect/ASelectFilterAuthenticator.class */
public class ASelectFilterAuthenticator implements Authenticator {
    protected SecurityRealmInterface realm;
    protected String realmName;
    public static final String ERROR_NO_ASELECT_TICKET = "Geen A-Select ticket!";
    public static final String ERROR_USERNAME_NOT_AUTHORIZED = "A-Select gebruiker niet geauthoriseerd voor deze applicatie!";

    @Override // org.securityfilter.authenticator.Authenticator
    public void init(FilterConfig filterConfig, SecurityConfig securityConfig) throws Exception {
        this.realm = securityConfig.getRealm();
        this.realmName = securityConfig.getRealmName();
    }

    @Override // org.securityfilter.authenticator.Authenticator
    public String getAuthMethod() {
        return "ASELECTFILTER";
    }

    @Override // org.securityfilter.authenticator.Authenticator
    public boolean processLogin(SecurityRequestWrapper securityRequestWrapper, HttpServletResponse httpServletResponse) throws Exception {
        ASelectTicket fromSession;
        Principal authenticate;
        if (securityRequestWrapper.getUserPrincipal() != null || (fromSession = ASelectTicket.getFromSession(securityRequestWrapper.getSession())) == null || (authenticate = this.realm.authenticate(fromSession.getUid(), "")) == null) {
            return false;
        }
        securityRequestWrapper.setUserPrincipal(authenticate);
        return false;
    }

    @Override // org.securityfilter.authenticator.Authenticator
    public void showLogin(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        httpServletResponse.sendError(403, ASelectTicket.getFromSession(httpServletRequest.getSession()) == null ? ERROR_NO_ASELECT_TICKET : ERROR_USERNAME_NOT_AUTHORIZED);
    }

    @Override // org.securityfilter.authenticator.Authenticator
    public boolean bypassSecurityForThisRequest(SecurityRequestWrapper securityRequestWrapper, URLPatternMatcher uRLPatternMatcher) {
        return false;
    }

    @Override // org.securityfilter.authenticator.Authenticator
    public boolean processLogout(SecurityRequestWrapper securityRequestWrapper, HttpServletResponse httpServletResponse, URLPatternMatcher uRLPatternMatcher) {
        return false;
    }
}
