package org.codehaus.groovy.grails.plugins.springsecurity;

import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.authentication.AuthenticationTrustResolver;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.web.PortResolver;
import org.springframework.security.web.access.AccessDeniedHandler;
import org.springframework.security.web.savedrequest.DefaultSavedRequest;
import org.springframework.util.Assert;

/* loaded from: input_file:WEB-INF/classes/org/codehaus/groovy/grails/plugins/springsecurity/AjaxAwareAccessDeniedHandler.class */
public class AjaxAwareAccessDeniedHandler implements AccessDeniedHandler, InitializingBean {
    private String errorPage;
    private String ajaxErrorPage;
    private PortResolver portResolver;
    private AuthenticationTrustResolver authenticationTrustResolver;

    @Override // org.springframework.security.web.access.AccessDeniedHandler
    public void handle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, AccessDeniedException accessDeniedException) throws IOException, ServletException {
        if (accessDeniedException != null && isLoggedIn() && this.authenticationTrustResolver.isRememberMe(getAuthentication())) {
            httpServletRequest.getSession().setAttribute("SPRING_SECURITY_SAVED_REQUEST_KEY", new DefaultSavedRequest(httpServletRequest, this.portResolver));
        }
        if (httpServletResponse.isCommitted()) {
            return;
        }
        boolean z = this.ajaxErrorPage != null && SpringSecurityUtils.isAjax(httpServletRequest);
        if (this.errorPage == null && !z) {
            httpServletResponse.sendError(403, accessDeniedException.getMessage());
            return;
        }
        boolean z2 = true;
        String scheme = httpServletRequest.getScheme();
        String serverName = httpServletRequest.getServerName();
        int serverPort = this.portResolver.getServerPort(httpServletRequest);
        String contextPath = httpServletRequest.getContextPath();
        boolean equals = "http".equals(scheme.toLowerCase());
        boolean equals2 = "https".equals(scheme.toLowerCase());
        if (equals && serverPort == 80) {
            z2 = false;
        } else if (equals2 && serverPort == 443) {
            z2 = false;
        }
        String str = scheme + "://" + serverName + (z2 ? ":" + serverPort : "") + contextPath;
        if (z) {
            str = str + this.ajaxErrorPage;
        } else if (this.errorPage != null) {
            str = str + this.errorPage;
        }
        httpServletResponse.sendRedirect(httpServletResponse.encodeRedirectURL(str));
    }

    private Authentication getAuthentication() {
        if (SecurityContextHolder.getContext() == null) {
            return null;
        }
        return SecurityContextHolder.getContext().getAuthentication();
    }

    private boolean isLoggedIn() {
        Authentication authentication = getAuthentication();
        return (authentication == null || this.authenticationTrustResolver.isAnonymous(authentication)) ? false : true;
    }

    public void setErrorPage(String str) {
        Assert.isTrue(str == null || str.startsWith("/"), "ErrorPage must begin with '/'");
        this.errorPage = str;
    }

    public void setAjaxErrorPage(String str) {
        Assert.isTrue(str == null || str.startsWith("/"), "Ajax ErrorPage must begin with '/'");
        this.ajaxErrorPage = str;
    }

    public void setPortResolver(PortResolver portResolver) {
        this.portResolver = portResolver;
    }

    public void setAuthenticationTrustResolver(AuthenticationTrustResolver authenticationTrustResolver) {
        this.authenticationTrustResolver = authenticationTrustResolver;
    }

    @Override // org.springframework.beans.factory.InitializingBean
    public void afterPropertiesSet() {
        Assert.notNull(this.portResolver, "portResolver is required");
        Assert.notNull(this.authenticationTrustResolver, "authenticationTrustResolver is required");
    }
}
