package org.springframework.security.web.jaasapi;

import java.io.IOException;
import java.security.PrivilegedActionException;
import javax.security.auth.Subject;
import javax.security.auth.login.LoginContext;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import org.springframework.core.log.LogMessage;
import org.springframework.security.authentication.jaas.JaasAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.web.filter.GenericFilterBean;

/* loaded from: input_file:ingrid-interface-csw-7.2.3/lib/spring-security-web-5.7.11.jar:org/springframework/security/web/jaasapi/JaasApiIntegrationFilter.class */
public class JaasApiIntegrationFilter extends GenericFilterBean {
    private boolean createEmptySubject;

    @Override // javax.servlet.Filter
    public final void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws ServletException, IOException {
        Subject obtainSubject = obtainSubject(servletRequest);
        if (obtainSubject == null && this.createEmptySubject) {
            this.logger.debug("Subject returned was null and createEmptySubject is true; creating new empty subject to run as.");
            obtainSubject = new Subject();
        }
        if (obtainSubject == null) {
            this.logger.debug("Subject is null continue running with no Subject.");
            filterChain.doFilter(servletRequest, servletResponse);
        } else {
            this.logger.debug(LogMessage.format("Running as Subject %s", obtainSubject));
            try {
                Subject.doAs(obtainSubject, () -> {
                    filterChain.doFilter(servletRequest, servletResponse);
                    return null;
                });
            } catch (PrivilegedActionException e) {
                throw new ServletException(e.getMessage(), e);
            }
        }
    }

    protected Subject obtainSubject(ServletRequest servletRequest) {
        LoginContext loginContext;
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        this.logger.debug(LogMessage.format("Attempting to obtainSubject using authentication : %s", authentication));
        if (authentication != null && authentication.isAuthenticated() && (authentication instanceof JaasAuthenticationToken) && (loginContext = ((JaasAuthenticationToken) authentication).getLoginContext()) != null) {
            return loginContext.getSubject();
        }
        return null;
    }

    public final void setCreateEmptySubject(boolean z) {
        this.createEmptySubject = z;
    }
}
