package org.springframework.security.oauth2.provider;

import java.io.IOException;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.ws.rs.core.HttpHeaders;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.oauth2.common.DefaultOAuth2SerializationService;
import org.springframework.security.oauth2.common.DefaultThrowableAnalyzer;
import org.springframework.security.oauth2.common.OAuth2SerializationService;
import org.springframework.security.oauth2.common.exceptions.OAuth2Exception;
import org.springframework.security.web.util.ThrowableAnalyzer;
import org.springframework.web.filter.GenericFilterBean;

/* loaded from: input_file:WEB-INF/lib/spring-security-oauth-1.0.0.M2.jar:org/springframework/security/oauth2/provider/OAuth2ExceptionHandlerFilter.class */
public class OAuth2ExceptionHandlerFilter extends GenericFilterBean {
    private OAuth2SerializationService serializationService = new DefaultOAuth2SerializationService();
    private ThrowableAnalyzer throwableAnalyzer = new DefaultThrowableAnalyzer();

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        try {
            filterChain.doFilter(httpServletRequest, httpServletResponse);
            if (this.logger.isDebugEnabled()) {
                this.logger.debug("Chain processed normally");
            }
        } catch (IOException e) {
            throw e;
        } catch (Exception e2) {
            Throwable[] determineCauseChain = getThrowableAnalyzer().determineCauseChain(e2);
            RuntimeException runtimeException = (AuthenticationException) getThrowableAnalyzer().getFirstThrowableOfType(AuthenticationException.class, determineCauseChain);
            if (runtimeException == null) {
                runtimeException = (AccessDeniedException) getThrowableAnalyzer().getFirstThrowableOfType(AccessDeniedException.class, determineCauseChain);
            }
            if (runtimeException != null) {
                handleSecurityException(httpServletRequest, httpServletResponse, filterChain, runtimeException);
            } else {
                if (e2 instanceof ServletException) {
                    throw e2;
                }
                if (!(e2 instanceof RuntimeException)) {
                    throw new RuntimeException((Throwable) e2);
                }
                throw ((RuntimeException) e2);
            }
        }
    }

    protected void handleSecurityException(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain, RuntimeException runtimeException) throws IOException {
        if (!(runtimeException instanceof OAuth2Exception)) {
            throw runtimeException;
        }
        if (this.logger.isDebugEnabled()) {
            this.logger.debug("OAuth error.", runtimeException);
        }
        String serialize = getSerializationService().serialize((OAuth2Exception) runtimeException);
        httpServletResponse.setStatus(((OAuth2Exception) runtimeException).getHttpErrorCode());
        httpServletResponse.setHeader(HttpHeaders.CACHE_CONTROL, "no-store");
        httpServletResponse.setContentType("application/json");
        httpServletResponse.getWriter().write(serialize);
        httpServletResponse.flushBuffer();
    }

    public ThrowableAnalyzer getThrowableAnalyzer() {
        return this.throwableAnalyzer;
    }

    @Autowired(required = false)
    public void setThrowableAnalyzer(ThrowableAnalyzer throwableAnalyzer) {
        this.throwableAnalyzer = throwableAnalyzer;
    }

    public OAuth2SerializationService getSerializationService() {
        return this.serializationService;
    }

    public void setSerializationService(OAuth2SerializationService oAuth2SerializationService) {
        this.serializationService = oAuth2SerializationService;
    }
}
