package org.apache.ranger.security.web.authentication;

import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.log4j.Logger;
import org.apache.ranger.biz.SessionMgr;
import org.apache.ranger.biz.XUserMgr;
import org.apache.ranger.common.JSONUtil;
import org.apache.ranger.common.PropertiesUtil;
import org.apache.ranger.view.VXResponse;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.Authentication;
import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler;
import org.springframework.security.web.authentication.WebAuthenticationDetails;

/* loaded from: input_file:org/apache/ranger/security/web/authentication/RangerAuthSuccessHandler.class */
public class RangerAuthSuccessHandler extends SavedRequestAwareAuthenticationSuccessHandler {
    private static final Logger logger = Logger.getLogger(RangerAuthSuccessHandler.class);
    String ajaxLoginSuccessPage;

    @Autowired
    SessionMgr sessionMgr;

    @Autowired
    JSONUtil jsonUtil;

    @Autowired
    XUserMgr xUserMgr;

    public RangerAuthSuccessHandler() {
        this.ajaxLoginSuccessPage = null;
        if (this.ajaxLoginSuccessPage == null) {
            this.ajaxLoginSuccessPage = PropertiesUtil.getProperty("ranger.ajax.auth.success.page", "/ajax_success.html");
        }
    }

    public void onAuthenticationSuccess(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Authentication authentication) throws ServletException, IOException {
        new RangerSessionFixationProtectionStrategy().onAuthentication(authentication, httpServletRequest, httpServletResponse);
        WebAuthenticationDetails webAuthenticationDetails = (WebAuthenticationDetails) authentication.getDetails();
        String remoteAddress = webAuthenticationDetails != null ? webAuthenticationDetails.getRemoteAddress() : "";
        String sessionId = webAuthenticationDetails != null ? webAuthenticationDetails.getSessionId() : "";
        boolean isValidXAUser = this.sessionMgr.isValidXAUser(authentication.getName());
        String property = PropertiesUtil.getProperty("ranger.authentication.method", "NONE");
        if (!isValidXAUser && !"NONE".equalsIgnoreCase(property)) {
            this.xUserMgr.createServiceConfigUser(authentication.getName());
            isValidXAUser = this.sessionMgr.isValidXAUser(authentication.getName());
        }
        httpServletResponse.setContentType("application/json;charset=UTF-8");
        httpServletResponse.setHeader("Cache-Control", "no-cache");
        httpServletResponse.setHeader("X-Frame-Options", "DENY");
        VXResponse vXResponse = new VXResponse();
        if (!isValidXAUser) {
            this.sessionMgr.processFailureLogin(6, 1, authentication.getName(), remoteAddress, sessionId);
            authentication.setAuthenticated(false);
            vXResponse.setStatusCode(412);
            vXResponse.setMsgDesc("Auth Succeeded but user is not synced yet for " + authentication.getName());
            httpServletResponse.setStatus(412);
            httpServletResponse.getWriter().write(this.jsonUtil.writeObjectAsString(vXResponse));
            logger.info("Auth Succeeded but user is not synced yet for " + authentication.getName());
            return;
        }
        String header = httpServletRequest.getHeader("X-Requested-With");
        if (logger.isDebugEnabled()) {
            logger.debug("commence() X-Requested-With=" + header);
        }
        if (header == null || !"XMLHttpRequest".equalsIgnoreCase(header)) {
            String str = "";
            try {
                vXResponse.setStatusCode(200);
                vXResponse.setMsgDesc("Login Successful");
                httpServletResponse.setStatus(200);
                str = this.jsonUtil.writeObjectAsString(vXResponse);
                httpServletResponse.getWriter().write(str);
            } catch (IOException e) {
                logger.info("Error while writing JSON in HttpServletResponse");
            }
            if (logger.isDebugEnabled()) {
                logger.debug("Sending login success response : " + str);
                return;
            }
            return;
        }
        String str2 = "";
        try {
            vXResponse.setStatusCode(200);
            vXResponse.setMsgDesc("Login Successful");
            httpServletResponse.setStatus(200);
            str2 = this.jsonUtil.writeObjectAsString(vXResponse);
            httpServletResponse.getWriter().write(str2);
        } catch (IOException e2) {
            logger.info("Error while writing JSON in HttpServletResponse");
        }
        if (logger.isDebugEnabled()) {
            logger.debug("Sending login success response : " + str2);
        }
        clearAuthenticationAttributes(httpServletRequest);
    }
}
