package com.gitlab.credit_reference_platform.crp.gateway.security.configuration;

import com.gitlab.credit_reference_platform.crp.gateway.system.activity.dto.ActivityDTO;
import com.gitlab.credit_reference_platform.crp.gateway.system.activity.enum_type.ActivityActionType;
import com.gitlab.credit_reference_platform.crp.gateway.system.activity.enum_type.ActivityCategory;
import com.gitlab.credit_reference_platform.crp.gateway.system.activity.enum_type.ActivityStatus;
import com.gitlab.credit_reference_platform.crp.gateway.system.activity.enum_type.ActivityType;
import com.gitlab.credit_reference_platform.crp.gateway.system.activity.service.IActivityService;
import com.gitlab.credit_reference_platform.crp.gateway.usermgmt.service.IUserService;
import jakarta.servlet.ServletException;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.time.Instant;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.CredentialsExpiredException;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler;
import org.springframework.stereotype.Component;
import org.springframework.util.StringUtils;

@Component
/* loaded from: input_file:BOOT-INF/classes/com/gitlab/credit_reference_platform/crp/gateway/security/configuration/PortalAuthenticationFailureHandler.class */
public class PortalAuthenticationFailureHandler extends SimpleUrlAuthenticationFailureHandler {

    @Autowired
    private IUserService userService;

    @Autowired
    private IActivityService activityService;
    public static final String CREDENTIALS_EXPIRED_USERNAME = "LOGIN_CREDENTIALS_EXPIRED_USERNAME";

    @Override // org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler, org.springframework.security.web.authentication.AuthenticationFailureHandler
    public void onAuthenticationFailure(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, AuthenticationException authenticationException) throws IOException, ServletException {
        saveException(httpServletRequest, authenticationException);
        String parameter = httpServletRequest.getParameter("username");
        if (authenticationException instanceof CredentialsExpiredException) {
            saveUsername(httpServletRequest, parameter);
            setDefaultFailureUrl("/change-password");
        } else {
            this.userService.incrementLoginFailedCount(parameter);
            setDefaultFailureUrl("/login");
        }
        if (StringUtils.hasText(parameter)) {
            insertActivityRecord(parameter);
        }
        super.onAuthenticationFailure(httpServletRequest, httpServletResponse, authenticationException);
    }

    protected final void saveUsername(HttpServletRequest httpServletRequest, String str) {
        if (isUseForward()) {
            httpServletRequest.setAttribute(CREDENTIALS_EXPIRED_USERNAME, str);
        } else if (httpServletRequest.getSession(false) != null || isAllowSessionCreation()) {
            httpServletRequest.getSession().setAttribute(CREDENTIALS_EXPIRED_USERNAME, str);
        }
    }

    protected void insertActivityRecord(String str) {
        ActivityDTO activityDTO = new ActivityDTO();
        activityDTO.setCategory(ActivityCategory.SYSTEM);
        activityDTO.setType(ActivityType.USER_LOGIN);
        activityDTO.setActionType(ActivityActionType.ACTION);
        activityDTO.setActivityUsername(str);
        activityDTO.setActivityTime(Instant.now());
        activityDTO.setActivityMessage("Login attempt failed");
        activityDTO.setStatus(ActivityStatus.FAILED);
        this.activityService.insertActivityRecord(activityDTO);
    }
}
