package org.broadleafcommerce.profile.web.core.security;

import java.util.HashMap;
import java.util.Map;
import javax.annotation.Resource;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.broadleafcommerce.common.extension.ExtensionResultHolder;
import org.broadleafcommerce.common.util.BLCRequestUtils;
import org.broadleafcommerce.common.web.AbstractBroadleafWebRequestProcessor;
import org.broadleafcommerce.common.web.BroadleafRequestCustomerResolverImpl;
import org.broadleafcommerce.profile.core.domain.Customer;
import org.broadleafcommerce.profile.core.service.CustomerService;
import org.broadleafcommerce.profile.web.core.CustomerState;
import org.springframework.context.ApplicationEvent;
import org.springframework.context.ApplicationEventPublisher;
import org.springframework.context.ApplicationEventPublisherAware;
import org.springframework.security.authentication.AnonymousAuthenticationToken;
import org.springframework.security.authentication.RememberMeAuthenticationToken;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.stereotype.Component;
import org.springframework.web.context.request.WebRequest;

@Component("blCustomerStateRequestProcessor")
/* loaded from: input_file:org/broadleafcommerce/profile/web/core/security/CustomerStateRequestProcessor.class */
public class CustomerStateRequestProcessor extends AbstractBroadleafWebRequestProcessor implements ApplicationEventPublisherAware {
    protected final Log logger = LogFactory.getLog(getClass());
    public static final String BLC_RULE_MAP_PARAM = "blRuleMap";

    @Resource(name = "blCustomerService")
    protected CustomerService customerService;

    @Resource(name = "blCustomerMergeExtensionManager")
    protected CustomerMergeExtensionManager customerMergeExtensionManager;
    protected ApplicationEventPublisher eventPublisher;
    public static final String ANONYMOUS_CUSTOMER_SESSION_ATTRIBUTE_NAME = "_blc_anonymousCustomer";
    public static final String ANONYMOUS_CUSTOMER_ID_SESSION_ATTRIBUTE_NAME = "_blc_anonymousCustomerId";
    private static final String LAST_PUBLISHED_EVENT_SESSION_ATTRIBUTED_NAME = "_blc_lastPublishedEvent";
    public static final String OVERRIDE_CUSTOMER_SESSION_ATTR_NAME = "_blc_overrideCustomerId";
    public static final String ANONYMOUS_CUSTOMER_MERGED_SESSION_ATTRIBUTE_NAME = "_blc_anonymousCustomerMerged";

    public void process(WebRequest webRequest) {
        Customer customer = null;
        Long l = null;
        if (BLCRequestUtils.isOKtoUseSession(webRequest)) {
            l = (Long) webRequest.getAttribute(OVERRIDE_CUSTOMER_SESSION_ATTR_NAME, 2);
        }
        if (l != null) {
            customer = this.customerService.readCustomerById(l);
            if (customer != null && !customer.isRegistered() && !customer.isLoggedIn() && !customer.isCookied()) {
                customer.setAnonymous(true);
            }
        } else {
            Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
            if (authentication != null && !(authentication instanceof AnonymousAuthenticationToken)) {
                String name = authentication.getName();
                customer = (Customer) BroadleafRequestCustomerResolverImpl.getRequestCustomerResolver().getCustomer(webRequest);
                if (name != null && (customer == null || !name.equals(customer.getUsername()))) {
                    customer = this.customerService.readCustomerByUsername(name);
                    if (this.logger.isDebugEnabled() && customer != null) {
                        this.logger.debug("Customer found by username " + name);
                    }
                }
                if (customer != null) {
                    ApplicationEvent applicationEvent = (ApplicationEvent) BLCRequestUtils.getSessionAttributeIfOk(webRequest, LAST_PUBLISHED_EVENT_SESSION_ATTRIBUTED_NAME);
                    if (authentication instanceof RememberMeAuthenticationToken) {
                        customer.setCookied(true);
                        boolean z = true;
                        if (applicationEvent != null && (applicationEvent instanceof CustomerAuthenticatedFromCookieEvent) && name.equals(((CustomerAuthenticatedFromCookieEvent) applicationEvent).getCustomer().getUsername())) {
                            z = false;
                        }
                        if (z) {
                            CustomerAuthenticatedFromCookieEvent customerAuthenticatedFromCookieEvent = new CustomerAuthenticatedFromCookieEvent(customer, getClass().getName());
                            this.eventPublisher.publishEvent(customerAuthenticatedFromCookieEvent);
                            BLCRequestUtils.setSessionAttributeIfOk(webRequest, LAST_PUBLISHED_EVENT_SESSION_ATTRIBUTED_NAME, customerAuthenticatedFromCookieEvent);
                        }
                    } else if (authentication instanceof UsernamePasswordAuthenticationToken) {
                        customer.setLoggedIn(true);
                        boolean z2 = true;
                        if (applicationEvent != null && (applicationEvent instanceof CustomerLoggedInEvent) && name.equals(((CustomerLoggedInEvent) applicationEvent).getCustomer().getUsername())) {
                            z2 = false;
                        }
                        if (z2) {
                            CustomerLoggedInEvent customerLoggedInEvent = new CustomerLoggedInEvent(customer, getClass().getName());
                            this.eventPublisher.publishEvent(customerLoggedInEvent);
                            BLCRequestUtils.setSessionAttributeIfOk(webRequest, LAST_PUBLISHED_EVENT_SESSION_ATTRIBUTED_NAME, customerLoggedInEvent);
                        }
                    } else {
                        customer = resolveAuthenticatedCustomer(authentication);
                    }
                }
            }
        }
        Customer resolveAnonymousCustomer = customer == null ? resolveAnonymousCustomer(webRequest) : mergeCustomerIfRequired(webRequest, customer);
        CustomerState.setCustomer(resolveAnonymousCustomer);
        Map map = (Map) webRequest.getAttribute(BLC_RULE_MAP_PARAM, 0);
        if (map == null) {
            map = new HashMap();
        }
        map.put("customer", resolveAnonymousCustomer);
        webRequest.setAttribute(BLC_RULE_MAP_PARAM, map, 0);
    }

    protected Customer mergeCustomerIfRequired(WebRequest webRequest, Customer customer) {
        if (BLCRequestUtils.isOKtoUseSession(webRequest) && webRequest.getAttribute(getAnonymousCustomerMergedSessionAttributeName(), 2) == null) {
            webRequest.setAttribute(getAnonymousCustomerMergedSessionAttributeName(), Boolean.TRUE, 2);
            customer = copyAnonymousCustomerInfoToCustomer(webRequest, getAnonymousCustomer(webRequest), customer);
        }
        return customer;
    }

    protected Customer copyAnonymousCustomerInfoToCustomer(WebRequest webRequest, Customer customer, Customer customer2) {
        if (this.customerMergeExtensionManager == null) {
            return customer2;
        }
        ExtensionResultHolder<Customer> extensionResultHolder = new ExtensionResultHolder<>();
        extensionResultHolder.setResult(customer2);
        ((CustomerMergeExtensionHandler) this.customerMergeExtensionManager.getProxy()).merge(extensionResultHolder, webRequest, customer);
        if (extensionResultHolder.getThrowable() == null) {
            return this.customerService.saveCustomer((Customer) extensionResultHolder.getResult());
        }
        if (extensionResultHolder.getThrowable() instanceof RuntimeException) {
            throw ((RuntimeException) extensionResultHolder.getThrowable());
        }
        throw new RuntimeException("An unexpected error occured merging the anonymous customer", extensionResultHolder.getThrowable());
    }

    public Customer resolveAuthenticatedCustomer(Authentication authentication) {
        return null;
    }

    public Customer resolveAnonymousCustomer(WebRequest webRequest) {
        Customer anonymousCustomer = getAnonymousCustomer(webRequest);
        if (anonymousCustomer == null) {
            anonymousCustomer = this.customerService.createNewCustomer();
            if (BLCRequestUtils.isOKtoUseSession(webRequest)) {
                webRequest.setAttribute(getAnonymousCustomerSessionAttributeName(), anonymousCustomer, 2);
            }
        }
        anonymousCustomer.setAnonymous(true);
        return anonymousCustomer;
    }

    public Customer getAnonymousCustomer(WebRequest webRequest) {
        Long l;
        if (!BLCRequestUtils.isOKtoUseSession(webRequest)) {
            return null;
        }
        Customer customer = (Customer) webRequest.getAttribute(getAnonymousCustomerSessionAttributeName(), 2);
        if (customer == null && (l = (Long) webRequest.getAttribute(getAnonymousCustomerIdSessionAttributeName(), 2)) != null) {
            customer = this.customerService.readCustomerById(l);
        }
        return customer;
    }

    public static String getAnonymousCustomerSessionAttributeName() {
        return ANONYMOUS_CUSTOMER_SESSION_ATTRIBUTE_NAME;
    }

    public static String getAnonymousCustomerIdSessionAttributeName() {
        return ANONYMOUS_CUSTOMER_ID_SESSION_ATTRIBUTE_NAME;
    }

    public void setApplicationEventPublisher(ApplicationEventPublisher applicationEventPublisher) {
        this.eventPublisher = applicationEventPublisher;
    }

    public static String getCustomerRequestAttributeName() {
        return BroadleafRequestCustomerResolverImpl.getRequestCustomerResolver().getCustomerRequestAttributeName();
    }

    public static String getAnonymousCustomerMergedSessionAttributeName() {
        return ANONYMOUS_CUSTOMER_MERGED_SESSION_ATTRIBUTE_NAME;
    }
}
