package com.hazelcast.webmonitor.security;

import com.hazelcast.internal.auditlog.AuditlogService;
import com.hazelcast.webmonitor.auditlog.impl.EventLogTypeIds;
import com.hazelcast.webmonitor.repositories.sql.UserDAO;
import com.hazelcast.webmonitor.service.Clock;
import java.io.IOException;
import java.util.Iterator;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.Authentication;
import org.springframework.security.web.authentication.SimpleUrlAuthenticationSuccessHandler;
import org.springframework.stereotype.Service;

/* JADX WARN: Classes with same name are omitted:
  input_file:WEB-INF/classes/com/hazelcast/webmonitor/security/CustomAuthenticationSuccessHandler.class
 */
@Service
/* loaded from: input_file:com/hazelcast/webmonitor/security/CustomAuthenticationSuccessHandler.class */
public class CustomAuthenticationSuccessHandler extends SimpleUrlAuthenticationSuccessHandler {
    private final UserDAO userDAO;
    private final AuditlogService auditService;
    private final Clock clock;

    @Autowired
    public CustomAuthenticationSuccessHandler(UserDAO userDAO, AuditlogService auditlogService, Clock clock) {
        super("/");
        this.userDAO = userDAO;
        this.auditService = auditlogService;
        this.clock = clock;
    }

    /* JADX WARN: Type inference failed for: r0v7, types: [com.hazelcast.internal.auditlog.EventBuilder] */
    @Override // org.springframework.security.web.authentication.SimpleUrlAuthenticationSuccessHandler, org.springframework.security.web.authentication.AuthenticationSuccessHandler
    public void onAuthenticationSuccess(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Authentication authentication) throws IOException, ServletException {
        addSameSiteToCookies(httpServletResponse);
        super.onAuthenticationSuccess(httpServletRequest, httpServletResponse, authentication);
        this.userDAO.updateLoginTime(authentication.getName(), this.clock.currentLocalDateTime());
        this.auditService.eventBuilder(EventLogTypeIds.USER_LOGGED_IN).message("User logged in").addParameter("username", authentication.getName()).log();
    }

    private void addSameSiteToCookies(HttpServletResponse httpServletResponse) {
        boolean z = true;
        Iterator<String> it = httpServletResponse.getHeaders("Set-Cookie").iterator();
        while (it.hasNext()) {
            String format = String.format("%s; %s", it.next(), "SameSite=Lax");
            if (z) {
                httpServletResponse.setHeader("Set-Cookie", format);
                z = false;
            } else {
                httpServletResponse.addHeader("Set-Cookie", format);
            }
        }
    }
}
