package org.squashtest.tm.web.backend.controller;

import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpSession;
import java.util.Map;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.security.authentication.AnonymousAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.servlet.mvc.support.RedirectAttributes;
import org.squashtest.tm.core.foundation.logger.Logger;
import org.squashtest.tm.core.foundation.logger.LoggerFactory;
import org.squashtest.tm.service.user.UserAdministrationService;

@Controller
/* loaded from: input_file:WEB-INF/classes/org/squashtest/tm/web/backend/controller/RootController.class */
public class RootController {
    public static final String REDIRECT_AFTER_AUTH = "redirect-after-auth";
    public static final String INTERNAL_LOGIN_URL = "/login";
    private static final Logger LOGGER = LoggerFactory.getLogger(RootController.class);
    private final UserAdministrationService userAdministrationService;

    @Value("${squash.security.preferred-auth-url:/login}")
    private String preferredAuthUrl = "/login";

    public RootController(UserAdministrationService userAdministrationService) {
        this.userAdministrationService = userAdministrationService;
    }

    @GetMapping({"/"})
    public String mainEntryPoint(HttpServletRequest httpServletRequest, RedirectAttributes redirectAttributes, HttpSession httpSession) {
        if (!isAuthenticated()) {
            redirectAttributes.addAllAttributes((Map<String, ?>) httpServletRequest.getParameterMap());
            httpSession.setAttribute(REDIRECT_AFTER_AUTH, httpServletRequest.getParameterMap().get(REDIRECT_AFTER_AUTH));
            LOGGER.info("Received GET request on \"/\". User is not authenticated, redirecting to {}", this.preferredAuthUrl);
            return "redirect:" + this.preferredAuthUrl;
        }
        String restoreRedirectionUrl = restoreRedirectionUrl(httpServletRequest, httpSession);
        if (!this.userAdministrationService.findPostLoginInformation().isEmpty()) {
            restoreRedirectionUrl = String.format("/information?%s=%s", REDIRECT_AFTER_AUTH, restoreRedirectionUrl);
        }
        LOGGER.info("Received GET request on \"/\". User is authenticated, redirecting to {}", restoreRedirectionUrl);
        return "redirect:" + restoreRedirectionUrl;
    }

    private String restoreRedirectionUrl(HttpServletRequest httpServletRequest, HttpSession httpSession) {
        String defaultAuthenticatedRedirectUrlForUserAuthority = this.userAdministrationService.getDefaultAuthenticatedRedirectUrlForUserAuthority();
        String[] strArr = httpServletRequest.getParameterMap().get(REDIRECT_AFTER_AUTH);
        if (strArr == null || strArr.length == 0) {
            Object attribute = httpSession.getAttribute(REDIRECT_AFTER_AUTH);
            if ((attribute instanceof String[]) && ((String[]) attribute).length > 0) {
                httpSession.removeAttribute(REDIRECT_AFTER_AUTH);
                defaultAuthenticatedRedirectUrlForUserAuthority = ((String[]) attribute)[0];
                LOGGER.info("Found a redirect-after-auth attribute is session. Redirect url is now set to {}", defaultAuthenticatedRedirectUrlForUserAuthority);
            }
        }
        return defaultAuthenticatedRedirectUrlForUserAuthority;
    }

    private boolean isAuthenticated() {
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        return (authentication == null || !authentication.isAuthenticated() || (authentication instanceof AnonymousAuthenticationToken)) ? false : true;
    }
}
