package org.onetwo.boot.module.oauth2.authorize;

import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.onetwo.boot.core.web.utils.BootWebUtils;
import org.onetwo.boot.core.web.view.ExtJackson2HttpMessageConverter;
import org.onetwo.common.exception.BaseException;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpInputMessage;
import org.springframework.http.InvalidMediaTypeException;
import org.springframework.http.MediaType;
import org.springframework.http.server.ServletServerHttpRequest;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.oauth2.provider.client.ClientCredentialsTokenEndpointFilter;
import org.springframework.web.HttpRequestMethodNotSupportedException;

@Deprecated
/* loaded from: input_file:org/onetwo/boot/module/oauth2/authorize/CustomClientCredentialsTokenEndpointFilter.class */
public class CustomClientCredentialsTokenEndpointFilter extends ClientCredentialsTokenEndpointFilter {
    private boolean allowOnlyPost;

    @Autowired
    private ExtJackson2HttpMessageConverter httpMessageConverter;
    private Class<? extends ClientDetailRequest> bodyType;

    public CustomClientCredentialsTokenEndpointFilter(String str) {
        super(str);
        this.allowOnlyPost = false;
    }

    public Authentication attemptAuthentication(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws AuthenticationException, IOException, ServletException {
        if (this.allowOnlyPost && !"POST".equalsIgnoreCase(httpServletRequest.getMethod())) {
            throw new HttpRequestMethodNotSupportedException(httpServletRequest.getMethod(), new String[]{"POST"});
        }
        HttpInputMessage servletServerHttpRequest = new ServletServerHttpRequest(httpServletRequest);
        if (!this.httpMessageConverter.canRead(this.bodyType, getMediaType(servletServerHttpRequest))) {
            return super.attemptAuthentication(httpServletRequest, httpServletResponse);
        }
        ClientDetailRequest clientDetailRequest = (ClientDetailRequest) this.httpMessageConverter.read(this.bodyType, servletServerHttpRequest);
        String clientId = clientDetailRequest.getClientId();
        String clientSecret = clientDetailRequest.getClientSecret();
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        if (authentication != null && authentication.isAuthenticated()) {
            return authentication;
        }
        if (clientId == null) {
            throw new BadCredentialsException("No client credentials presented");
        }
        if (clientSecret == null) {
            clientSecret = BootWebUtils.CONTROLLER_PREFIX;
        }
        UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken = new UsernamePasswordAuthenticationToken(clientId.trim(), clientSecret);
        usernamePasswordAuthenticationToken.setDetails(clientDetailRequest);
        return getAuthenticationManager().authenticate(usernamePasswordAuthenticationToken);
    }

    protected MediaType getMediaType(ServletServerHttpRequest servletServerHttpRequest) {
        try {
            MediaType contentType = servletServerHttpRequest.getHeaders().getContentType();
            if (contentType == null) {
                contentType = MediaType.APPLICATION_OCTET_STREAM;
            }
            return contentType;
        } catch (InvalidMediaTypeException e) {
            throw new BaseException(e.getMessage());
        }
    }

    public void setAllowOnlyPost(boolean z) {
        this.allowOnlyPost = z;
        super.setAllowOnlyPost(z);
    }
}
