package org.linagora.linshare.auth;

import java.util.List;
import javax.servlet.http.HttpServletRequest;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.web.authentication.preauth.RequestHeaderAuthenticationFilter;
import org.springframework.util.Assert;

/* loaded from: input_file:WEB-INF/classes/org/linagora/linshare/auth/PreAuthenticationHeader.class */
public class PreAuthenticationHeader extends RequestHeaderAuthenticationFilter {
    private String principalRequestHeader;
    private List<String> authorizedAddresses;
    private static Logger logger = LoggerFactory.getLogger(PreAuthenticationHeader.class);

    @Override // org.springframework.security.web.authentication.preauth.RequestHeaderAuthenticationFilter, org.springframework.security.web.authentication.preauth.AbstractPreAuthenticatedProcessingFilter
    protected Object getPreAuthenticatedPrincipal(HttpServletRequest httpServletRequest) {
        String header = httpServletRequest.getHeader(this.principalRequestHeader);
        if (header == null || this.authorizedAddresses.contains(httpServletRequest.getRemoteAddr())) {
            return header;
        }
        logger.error("SECURITY ALERT: Unauthorized header value '" + header + "' from IP: " + httpServletRequest.getRemoteAddr() + ":" + httpServletRequest.getRemotePort());
        return null;
    }

    @Override // org.springframework.security.web.authentication.preauth.RequestHeaderAuthenticationFilter
    public void setPrincipalRequestHeader(String str) {
        Assert.hasText(str, "principalRequestHeader must not be empty or null");
        this.principalRequestHeader = str;
    }

    public void setAuthorizedAddresses(List<String> list) {
        Assert.hasText(list.toString(), "authorizedAddresses must not be empty or null");
        this.authorizedAddresses = list;
    }
}
