package com.bssys.fk.ui.web.controller.esia;

import com.bssys.fk.common.ui.util.RedirectAwareMessageInfo;
import com.bssys.fk.ui.security.UserService;
import com.bssys.fk.ui.service.EsiaUserService;
import com.bssys.fk.ui.web.controller.login.LoginController;
import com.bssys.fk.ui.web.controller.login.model.LoginForm;
import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.ProviderManager;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.config.BeanIds;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.web.authentication.WebAuthenticationDetails;
import org.springframework.security.web.context.HttpSessionSecurityContextRepository;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.servlet.ModelAndView;
import org.springframework.web.servlet.mvc.support.RedirectAttributes;

@Controller
/* loaded from: input_file:fk-ui-war-2.0.1.war:WEB-INF/classes/com/bssys/fk/ui/web/controller/esia/EsiaController.class */
public class EsiaController {
    private static final Logger LOGGER = LoggerFactory.getLogger(EsiaController.class);

    @Autowired
    private UserService userService;

    @Autowired
    private RedirectAwareMessageInfo redirectAwareMessageInfo;

    @Resource(name = BeanIds.AUTHENTICATION_MANAGER)
    private ProviderManager authenticationManager;

    @Autowired
    private EsiaUserService esiaUserService;

    @RequestMapping({"sso.html"})
    public ModelAndView esiaLogin(HttpServletRequest httpServletRequest) {
        return new ModelAndView("esia");
    }

    @RequestMapping(value = {"sso/post.html"}, method = {RequestMethod.POST})
    public ModelAndView esiaLoginResult(@RequestParam("SAMLResponse") String str, RedirectAttributes redirectAttributes, HttpServletRequest httpServletRequest) {
        LoginForm loginForm = (LoginForm) httpServletRequest.getSession().getAttribute(LoginController.USER_LOGIN_DATA);
        if (loginForm == null) {
            LOGGER.debug("Attempt to perform login without entered inn and kpp");
            return new ModelAndView("redirect:/login.html");
        }
        LOGGER.debug("Receive response from ESIA [{}]", str);
        if ("not.matched".equals(str)) {
            if (StringUtils.isNotBlank(loginForm.getKpp())) {
                this.redirectAwareMessageInfo.addUiMessage(redirectAttributes, "login.inn.kpp.not.matched", new Object[]{loginForm.getInn(), loginForm.getKpp()}, "error");
            } else {
                this.redirectAwareMessageInfo.addUiMessage(redirectAttributes, "login.inn.not.matched", new Object[]{loginForm.getInn()}, "error");
            }
            return new ModelAndView("redirect:/loginResult.html");
        }
        if ("wrong".equals(str)) {
            return new ModelAndView("redirect:/loginResult.html");
        }
        if ("no.permissions".equals(str)) {
            this.redirectAwareMessageInfo.addUiMessage(redirectAttributes, "login.not.enough.permissions", "error");
            return new ModelAndView("redirect:/loginResult.html");
        }
        UserDetails loadUserByUsername = this.userService.loadUserByUsername(this.esiaUserService.getByEsiaId(str).getGuid());
        UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken = new UsernamePasswordAuthenticationToken(loadUserByUsername.getUsername(), "", loadUserByUsername.getAuthorities());
        usernamePasswordAuthenticationToken.setDetails(new WebAuthenticationDetails(httpServletRequest));
        SecurityContextHolder.getContext().setAuthentication(this.authenticationManager.authenticate(usernamePasswordAuthenticationToken));
        httpServletRequest.getSession().setAttribute(HttpSessionSecurityContextRepository.SPRING_SECURITY_CONTEXT_KEY, SecurityContextHolder.getContext());
        return new ModelAndView("redirect:/profile.html");
    }
}
