package org.springframework.security.web.server.authentication;

import java.util.List;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.core.log.LogMessage;
import org.springframework.security.authentication.AnonymousAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.AuthorityUtils;
import org.springframework.security.core.context.ReactiveSecurityContextHolder;
import org.springframework.security.core.context.SecurityContextImpl;
import org.springframework.util.Assert;
import org.springframework.web.server.ServerWebExchange;
import org.springframework.web.server.WebFilter;
import org.springframework.web.server.WebFilterChain;
import reactor.core.publisher.Mono;

/* loaded from: input_file:WEB-INF/lib/spring-security-web-5.7.11.jar:org/springframework/security/web/server/authentication/AnonymousAuthenticationWebFilter.class */
public class AnonymousAuthenticationWebFilter implements WebFilter {
    private static final Log logger = LogFactory.getLog(AnonymousAuthenticationWebFilter.class);
    private String key;
    private Object principal;
    private List<GrantedAuthority> authorities;

    public AnonymousAuthenticationWebFilter(String str) {
        this(str, "anonymousUser", AuthorityUtils.createAuthorityList("ROLE_ANONYMOUS"));
    }

    public AnonymousAuthenticationWebFilter(String str, Object obj, List<GrantedAuthority> list) {
        Assert.hasLength(str, "key cannot be null or empty");
        Assert.notNull(obj, "Anonymous authentication principal must be set");
        Assert.notNull(list, "Anonymous authorities must be set");
        this.key = str;
        this.principal = obj;
        this.authorities = list;
    }

    @Override // org.springframework.web.server.WebFilter
    public Mono<Void> filter(ServerWebExchange serverWebExchange, WebFilterChain webFilterChain) {
        return ReactiveSecurityContextHolder.getContext().switchIfEmpty(Mono.defer(() -> {
            Authentication createAuthentication = createAuthentication(serverWebExchange);
            SecurityContextImpl securityContextImpl = new SecurityContextImpl(createAuthentication);
            logger.debug(LogMessage.format("Populated SecurityContext with anonymous token: '%s'", createAuthentication));
            return webFilterChain.filter(serverWebExchange).subscriberContext(ReactiveSecurityContextHolder.withSecurityContext(Mono.just(securityContextImpl))).then(Mono.empty());
        })).flatMap(securityContext -> {
            logger.debug(LogMessage.format("SecurityContext contains anonymous token: '%s'", securityContext.getAuthentication()));
            return webFilterChain.filter(serverWebExchange);
        });
    }

    protected Authentication createAuthentication(ServerWebExchange serverWebExchange) {
        return new AnonymousAuthenticationToken(this.key, this.principal, this.authorities);
    }
}
