package org.spark_project.jetty.security.authentication;

import java.io.IOException;
import java.util.Collections;
import java.util.Enumeration;
import java.util.Locale;
import javax.servlet.RequestDispatcher;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpServletResponseWrapper;
import javax.servlet.http.HttpSession;
import org.spark_project.jetty.http.HttpHeader;
import org.spark_project.jetty.http.HttpHeaderValue;
import org.spark_project.jetty.http.HttpMethod;
import org.spark_project.jetty.http.HttpVersion;
import org.spark_project.jetty.http.MimeTypes;
import org.spark_project.jetty.security.Authenticator;
import org.spark_project.jetty.security.ServerAuthException;
import org.spark_project.jetty.security.UserAuthentication;
import org.spark_project.jetty.server.Authentication;
import org.spark_project.jetty.server.Request;
import org.spark_project.jetty.server.Response;
import org.spark_project.jetty.server.UserIdentity;
import org.spark_project.jetty.util.MultiMap;
import org.spark_project.jetty.util.StringUtil;
import org.spark_project.jetty.util.URIUtil;
import org.spark_project.jetty.util.log.Log;
import org.spark_project.jetty.util.log.Logger;

/* loaded from: input_file:org/spark_project/jetty/security/authentication/FormAuthenticator.class */
/**
 * FORM authenticator: challenges unauthenticated requests with a login page, processes the
 * {@code /j_security_check} submission, and keeps the resulting authentication in the HTTP session.
 *
 * <p>Before challenging, the original request URL, method and (for form-encoded POSTs) parameters
 * are saved in the session under {@link #__J_URI}, {@link #__J_METHOD} and {@link #__J_POST}. After
 * a successful login the client is redirected to the saved URL, and the saved method/parameters are
 * restored when that URL is requested again.
 *
 * <p>Identifiers such as {@code str}, {@code z} and {@code obj} appear to be decompiler-generated;
 * the comments below describe each one by how the code uses it.
 */
public class FormAuthenticator extends LoginAuthenticator {
    private static final Logger LOG = Log.getLogger((Class<?>) FormAuthenticator.class);
    /** Init-parameter name read by {@link #setConfiguration} for the login page. */
    public static final String __FORM_LOGIN_PAGE = "org.spark_project.jetty.security.form_login_page";
    /** Init-parameter name read by {@link #setConfiguration} for the error page. */
    public static final String __FORM_ERROR_PAGE = "org.spark_project.jetty.security.form_error_page";
    /** Init-parameter name read by {@link #setConfiguration} for the forward-vs-redirect flag. */
    public static final String __FORM_DISPATCH = "org.spark_project.jetty.security.dispatch";
    /** Session attribute holding the URL (with query string) of the request that triggered the challenge. */
    public static final String __J_URI = "org.spark_project.jetty.security.form_URI";
    /** Session attribute holding the form parameters of a challenged form-encoded POST. */
    public static final String __J_POST = "org.spark_project.jetty.security.form_POST";
    /** Session attribute holding the HTTP method of the request that triggered the challenge. */
    public static final String __J_METHOD = "org.spark_project.jetty.security.form_METHOD";
    // The three constants below are declared here, but the methods in this listing use the
    // equivalent string literals directly ("/j_security_check", "j_username", "j_password").
    public static final String __J_SECURITY_CHECK = "/j_security_check";
    public static final String __J_USERNAME = "j_username";
    public static final String __J_PASSWORD = "j_password";
    // Error page as configured (may carry a query string); null when no error page is set.
    private String _formErrorPage;
    // Error page with any query string removed; compared against request paths in isLoginOrErrorPage.
    private String _formErrorPath;
    // Login page as configured (may carry a query string).
    private String _formLoginPage;
    // Login page with any query string removed; compared against request paths in isLoginOrErrorPage.
    private String _formLoginPath;
    // true: forward to the login/error page through a RequestDispatcher; false: send a redirect.
    private boolean _dispatch;
    // true: overwrite the saved URI/method/POST data on every challenge, not only the first one.
    private boolean _alwaysSaveUri;

    /* loaded from: input_file:org/spark_project/jetty/security/authentication/FormAuthenticator$FormAuthentication.class */
    /**
     * Authentication returned by {@link #validateRequest} for a successful {@code j_security_check}
     * submission. It also implements {@code Authentication.ResponseSent}; validateRequest returns it
     * only after the post-login redirect has been sent.
     */
    public static class FormAuthentication extends UserAuthentication implements Authentication.ResponseSent {
        /**
         * @param str the authentication method name passed to the superclass
         * @param userIdentity the identity of the authenticated user
         */
        public FormAuthentication(String str, UserIdentity userIdentity) {
            super(str, userIdentity);
        }

        /** Returns the superclass representation prefixed with {@code "Form"}. */
        @Override // org.spark_project.jetty.security.UserAuthentication
        public String toString() {
            return "Form" + super.toString();
        }
    }

    /* loaded from: input_file:org/spark_project/jetty/security/authentication/FormAuthenticator$FormRequest.class */
    /**
     * Request wrapper used when forwarding to the login or error page. It hides every header whose
     * name starts with {@code if-} (case-insensitively) from the value accessors, so the forwarded
     * page does not see the client's conditional-request headers.
     */
    protected static class FormRequest extends HttpServletRequestWrapper {
        public FormRequest(HttpServletRequest httpServletRequest) {
            super(httpServletRequest);
        }

        /** Returns {@code -1} for {@code if-*} headers, otherwise the wrapped request's value. */
        @Override // javax.servlet.http.HttpServletRequestWrapper, javax.servlet.http.HttpServletRequest
        public long getDateHeader(String str) {
            // Locale.ENGLISH keeps the lower-casing independent of the JVM default locale.
            if (str.toLowerCase(Locale.ENGLISH).startsWith("if-")) {
                return -1L;
            }
            return super.getDateHeader(str);
        }

        /** Returns {@code null} for {@code if-*} headers, otherwise the wrapped request's value. */
        @Override // javax.servlet.http.HttpServletRequestWrapper, javax.servlet.http.HttpServletRequest
        public String getHeader(String str) {
            if (str.toLowerCase(Locale.ENGLISH).startsWith("if-")) {
                return null;
            }
            return super.getHeader(str);
        }

        /**
         * Returns a snapshot copy of the wrapped request's header names.
         *
         * <p>NOTE(review): the names are copied unfiltered, so {@code if-*} names are still listed
         * here even though the value accessors in this wrapper hide them.
         */
        @Override // javax.servlet.http.HttpServletRequestWrapper, javax.servlet.http.HttpServletRequest
        public Enumeration<String> getHeaderNames() {
            return Collections.enumeration(Collections.list(super.getHeaderNames()));
        }

        /** Returns an empty enumeration for {@code if-*} headers, otherwise the wrapped request's values. */
        @Override // javax.servlet.http.HttpServletRequestWrapper, javax.servlet.http.HttpServletRequest
        public Enumeration<String> getHeaders(String str) {
            return str.toLowerCase(Locale.ENGLISH).startsWith("if-") ? Collections.enumeration(Collections.emptyList()) : super.getHeaders(str);
        }
    }

    /* loaded from: input_file:org/spark_project/jetty/security/authentication/FormAuthenticator$FormResponse.class */
    /**
     * Response wrapper used when forwarding to the login or error page. Header writes for
     * Cache-Control, Pragma, ETag, Expires, Last-Modified and Age are silently dropped, so the
     * forwarded page cannot replace the no-cache headers that {@link #validateRequest} sets on the
     * unwrapped response just before forwarding.
     *
     * <p>NOTE(review): only the String and date header setters are overridden here;
     * {@code setIntHeader}/{@code addIntHeader} are not, so an ignored header written through those
     * methods would pass through this wrapper.
     */
    protected static class FormResponse extends HttpServletResponseWrapper {
        public FormResponse(HttpServletResponse httpServletResponse) {
            super(httpServletResponse);
        }

        /** Adds the date header unless its name is one of the ignored caching headers. */
        @Override // javax.servlet.http.HttpServletResponseWrapper, javax.servlet.http.HttpServletResponse
        public void addDateHeader(String str, long j) {
            if (notIgnored(str)) {
                super.addDateHeader(str, j);
            }
        }

        /** Adds the header unless its name is one of the ignored caching headers. */
        @Override // javax.servlet.http.HttpServletResponseWrapper, javax.servlet.http.HttpServletResponse
        public void addHeader(String str, String str2) {
            if (notIgnored(str)) {
                super.addHeader(str, str2);
            }
        }

        /** Sets the date header unless its name is one of the ignored caching headers. */
        @Override // javax.servlet.http.HttpServletResponseWrapper, javax.servlet.http.HttpServletResponse
        public void setDateHeader(String str, long j) {
            if (notIgnored(str)) {
                super.setDateHeader(str, j);
            }
        }

        /** Sets the header unless its name is one of the ignored caching headers. */
        @Override // javax.servlet.http.HttpServletResponseWrapper, javax.servlet.http.HttpServletResponse
        public void setHeader(String str, String str2) {
            if (notIgnored(str)) {
                super.setHeader(str, str2);
            }
        }

        /**
         * @param str a response header name
         * @return {@code false} when {@code str} is Cache-Control, Pragma, ETag, Expires,
         *         Last-Modified or Age (as decided by {@code HttpHeader.is}); {@code true} otherwise
         */
        private boolean notIgnored(String str) {
            return (HttpHeader.CACHE_CONTROL.is(str) || HttpHeader.PRAGMA.is(str) || HttpHeader.ETAG.is(str) || HttpHeader.EXPIRES.is(str) || HttpHeader.LAST_MODIFIED.is(str) || HttpHeader.AGE.is(str)) ? false : true;
        }
    }

    /** Creates an authenticator with no login or error page; see {@link #setConfiguration}. */
    public FormAuthenticator() {
    }

    /**
     * Creates an authenticator with explicit pages.
     *
     * @param str the login page, or {@code null} to leave it unset
     * @param str2 the error page, or {@code null} to leave it unset
     * @param z {@code true} to forward to the pages, {@code false} to redirect to them
     */
    public FormAuthenticator(String str, String str2, boolean z) {
        this();
        if (str != null) {
            setLoginPage(str);
        }
        if (str2 != null) {
            setErrorPage(str2);
        }
        this._dispatch = z;
    }

    /**
     * @param z when {@code true}, every challenge overwrites the saved URI, method and POST data;
     *          when {@code false}, they are saved only if no URI is saved yet
     */
    public void setAlwaysSaveUri(boolean z) {
        this._alwaysSaveUri = z;
    }

    /** @return the flag set by {@link #setAlwaysSaveUri} */
    public boolean getAlwaysSaveUri() {
        return this._alwaysSaveUri;
    }

    /**
     * Applies the superclass configuration, then reads the login page, error page and dispatch flag
     * from the init parameters {@link #__FORM_LOGIN_PAGE}, {@link #__FORM_ERROR_PAGE} and
     * {@link #__FORM_DISPATCH}. An absent parameter leaves the current value unchanged.
     */
    @Override // org.spark_project.jetty.security.authentication.LoginAuthenticator, org.spark_project.jetty.security.Authenticator
    public void setConfiguration(Authenticator.AuthConfiguration authConfiguration) {
        super.setConfiguration(authConfiguration);
        String initParameter = authConfiguration.getInitParameter(__FORM_LOGIN_PAGE);
        if (initParameter != null) {
            setLoginPage(initParameter);
        }
        String initParameter2 = authConfiguration.getInitParameter(__FORM_ERROR_PAGE);
        if (initParameter2 != null) {
            setErrorPage(initParameter2);
        }
        String initParameter3 = authConfiguration.getInitParameter(__FORM_DISPATCH);
        // Boolean.valueOf yields true only for the text "true" (any case); anything else is false.
        this._dispatch = initParameter3 == null ? this._dispatch : Boolean.valueOf(initParameter3).booleanValue();
    }

    /** @return the constant {@code "FORM"} */
    @Override // org.spark_project.jetty.security.Authenticator
    public String getAuthMethod() {
        return "FORM";
    }

    /**
     * Records the login page and its query-stripped path.
     *
     * @param str the login page; must not be {@code null} (both callers in this class check first).
     *            A value that does not start with {@code /} is logged and prefixed with {@code /}.
     */
    private void setLoginPage(String str) {
        if (!str.startsWith("/")) {
            LOG.warn("form-login-page must start with /", new Object[0]);
            str = "/" + str;
        }
        this._formLoginPage = str;
        this._formLoginPath = str;
        // 63 is '?': keep only the part before the query string for path comparisons.
        if (this._formLoginPath.indexOf(63) > 0) {
            this._formLoginPath = this._formLoginPath.substring(0, this._formLoginPath.indexOf(63));
        }
    }

    /**
     * Records the error page and its query-stripped path, or clears both.
     *
     * @param str the error page; {@code null} or blank clears the error page, in which case a failed
     *            login is answered with 403 by {@link #validateRequest}. A value that does not start
     *            with {@code /} is logged and prefixed with {@code /}.
     */
    private void setErrorPage(String str) {
        if (str == null || str.trim().length() == 0) {
            this._formErrorPath = null;
            this._formErrorPage = null;
            return;
        }
        if (!str.startsWith("/")) {
            LOG.warn("form-error-page must start with /", new Object[0]);
            str = "/" + str;
        }
        this._formErrorPage = str;
        this._formErrorPath = str;
        // 63 is '?': keep only the part before the query string for path comparisons.
        if (this._formErrorPath.indexOf(63) > 0) {
            this._formErrorPath = this._formErrorPath.substring(0, this._formErrorPath.indexOf(63));
        }
    }

    /**
     * Delegates the login to the superclass and, on success, stores a {@code SessionAuthentication}
     * in the HTTP session (creating the session if necessary) under
     * {@code SessionAuthentication.__J_AUTHENTICATED}.
     *
     * <p>NOTE(review): no session-id renewal is visible in this method. Confirm that
     * {@code LoginAuthenticator.login} (outside this file) renews the session id on success;
     * otherwise a session id known before login stays valid after it (session fixation).
     *
     * <p>NOTE(review): the credential object {@code obj} is handed to the
     * {@code SessionAuthentication} constructor; whether it is retained or persisted with the
     * session is not visible here and should be confirmed.
     *
     * @param str the user name
     * @param obj the credential presented for that user
     * @param servletRequest the current request; cast to {@code HttpServletRequest}
     * @return the authenticated identity, or {@code null} when the superclass login returns null
     */
    @Override // org.spark_project.jetty.security.authentication.LoginAuthenticator
    public UserIdentity login(String str, Object obj, ServletRequest servletRequest) {
        UserIdentity login = super.login(str, obj, servletRequest);
        if (login != null) {
            ((HttpServletRequest) servletRequest).getSession(true).setAttribute(SessionAuthentication.__J_AUTHENTICATED, new SessionAuthentication(getAuthMethod(), login, obj));
        }
        return login;
    }

    /**
     * Restores the HTTP method of the originally challenged request.
     *
     * <p>Acts only when a session exists, it holds an authentication, and both a saved URI and a
     * saved method are present and non-empty. If the saved URI equals the current request URL (with
     * query string), the saved method is set on the base request. The saved attributes are not
     * removed here; {@link #validateRequest} removes them.
     */
    @Override // org.spark_project.jetty.security.authentication.LoginAuthenticator, org.spark_project.jetty.security.Authenticator
    public void prepareRequest(ServletRequest servletRequest) {
        String str;
        String str2;
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        // getSession(false): never create a session just to look for saved state.
        HttpSession session = httpServletRequest.getSession(false);
        // str = saved URI, str2 = saved method; any missing piece means there is nothing to restore.
        if (session == null || session.getAttribute(SessionAuthentication.__J_AUTHENTICATED) == null || (str = (String) session.getAttribute(__J_URI)) == null || str.length() == 0 || (str2 = (String) session.getAttribute(__J_METHOD)) == null || str2.length() == 0) {
            return;
        }
        StringBuffer requestURL = httpServletRequest.getRequestURL();
        if (httpServletRequest.getQueryString() != null) {
            requestURL.append("?").append(httpServletRequest.getQueryString());
        }
        if (str.equals(requestURL.toString())) {
            if (LOG.isDebugEnabled()) {
                LOG.debug("Restoring original method {} for {} with method {}", str2, str, httpServletRequest.getMethod());
            }
            Request.getBaseRequest(servletRequest).setMethod(str2);
        }
    }

    /**
     * Decides how a request is authenticated. In order:
     * <ol>
     *   <li>{@code z} false and not a {@code j_security_check} request: deferred authentication.</li>
     *   <li>Request for the login or error page on a non-deferred response: deferred
     *       authentication, so those pages can be served without a login.</li>
     *   <li>{@code j_security_check} request: attempt the login; redirect to the saved URI on
     *       success, otherwise answer with 403 or the error page and return {@code SEND_FAILURE}.</li>
     *   <li>Session already holds an authentication that is still valid: restore saved POST data
     *       if this is the saved URL, and return that authentication.</li>
     *   <li>Deferred response: {@code UNAUTHENTICATED}.</li>
     *   <li>Otherwise: save the request URL/method/form data in the session, send the login page
     *       (forward or redirect) and return {@code SEND_CONTINUE}.</li>
     * </ol>
     *
     * @param servletRequest the request; cast to {@code HttpServletRequest}
     * @param servletResponse the response; cast to {@code HttpServletResponse}
     * @param z presumably the "mandatory" flag of the Authenticator contract (confirm against the
     *          interface); when false, only {@code j_security_check} requests are processed here
     * @return the authentication state as described above
     * @throws ServerAuthException wrapping any {@code IOException} or {@code ServletException}
     */
    @Override // org.spark_project.jetty.security.Authenticator
    public Authentication validateRequest(ServletRequest servletRequest, ServletResponse servletResponse, boolean z) throws ServerAuthException {
        String str;
        FormAuthentication formAuthentication;
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        Request baseRequest = Request.getBaseRequest(httpServletRequest);
        Response response = baseRequest.getResponse();
        String requestURI = httpServletRequest.getRequestURI();
        if (requestURI == null) {
            requestURI = "/";
        }
        if (!z && !isJSecurityCheck(requestURI)) {
            return new DeferredAuthentication(this);
        }
        // The comparison uses servletPath + pathInfo, while the j_security_check test uses the raw request URI.
        if (isLoginOrErrorPage(URIUtil.addPaths(httpServletRequest.getServletPath(), httpServletRequest.getPathInfo())) && !DeferredAuthentication.isDeferred(httpServletResponse)) {
            return new DeferredAuthentication(this);
        }
        // From here on a session is created for any request that does not have one yet,
        // including unauthenticated ones.
        HttpSession session = httpServletRequest.getSession(true);
        try {
            if (isJSecurityCheck(requestURI)) {
                String parameter = httpServletRequest.getParameter("j_username");
                // The password parameter is passed straight to login() and is not logged in this method.
                UserIdentity login = login(parameter, httpServletRequest.getParameter("j_password"), httpServletRequest);
                // NOTE(review): the user-supplied name is logged as-is here and in the three
                // "auth failed" messages below, while the "FAILED" message uses StringUtil.printable.
                // Consider applying printable() consistently so debug logs cannot be forged via the name.
                LOG.debug("jsecuritycheck {} {}", parameter, login);
                HttpSession session2 = httpServletRequest.getSession(true);
                if (login != null) {
                    synchronized (session2) {
                        // Redirect target: the URL saved at challenge time, else the context path, else "/".
                        // NOTE(review): the saved value is the absolute URL that getRequestURL() built for the
                        // earlier unauthenticated request in this session. If the container derives the host
                        // part from the client's Host header, that earlier request influences this redirect;
                        // confirm host validation upstream.
                        str = (String) session2.getAttribute(__J_URI);
                        if (str == null || str.length() == 0) {
                            str = httpServletRequest.getContextPath();
                            if (str.length() == 0) {
                                str = "/";
                            }
                        }
                        formAuthentication = new FormAuthentication(getAuthMethod(), login);
                    }
                    LOG.debug("authenticated {}->{}", formAuthentication, str);
                    httpServletResponse.setContentLength(0);
                    // 303 for HTTP/1.1 and later, 302 for older protocol versions.
                    response.sendRedirect(baseRequest.getHttpVersion().getVersion() < HttpVersion.HTTP_1_1.getVersion() ? 302 : 303, httpServletResponse.encodeRedirectURL(str));
                    return formAuthentication;
                }
                if (LOG.isDebugEnabled()) {
                    LOG.debug("Form authentication FAILED for " + StringUtil.printable(parameter), new Object[0]);
                }
                if (this._formErrorPage == null) {
                    // No error page configured: a failed login is answered with 403.
                    LOG.debug("auth failed {}->403", parameter);
                    if (httpServletResponse != null) {
                        httpServletResponse.sendError(403);
                    }
                } else if (this._dispatch) {
                    LOG.debug("auth failed {}=={}", parameter, this._formErrorPage);
                    RequestDispatcher requestDispatcher = httpServletRequest.getRequestDispatcher(this._formErrorPage);
                    // Set no-cache headers on the unwrapped response; the FormResponse wrapper then
                    // drops caching headers written by the forwarded page.
                    httpServletResponse.setHeader(HttpHeader.CACHE_CONTROL.asString(), HttpHeaderValue.NO_CACHE.asString());
                    httpServletResponse.setDateHeader(HttpHeader.EXPIRES.asString(), 1L);
                    requestDispatcher.forward(new FormRequest(httpServletRequest), new FormResponse(httpServletResponse));
                } else {
                    LOG.debug("auth failed {}->{}", parameter, this._formErrorPage);
                    response.sendRedirect(baseRequest.getHttpVersion().getVersion() < HttpVersion.HTTP_1_1.getVersion() ? 302 : 303, httpServletResponse.encodeRedirectURL(URIUtil.addPaths(httpServletRequest.getContextPath(), this._formErrorPage)));
                }
                return Authentication.SEND_FAILURE;
            }
            Authentication authentication = (Authentication) session.getAttribute(SessionAuthentication.__J_AUTHENTICATED);
            if (authentication != null) {
                // Accepted when it is not an Authentication.User, when no login service is set, or when
                // the login service still validates the identity. Only a failed validate() revokes it.
                if (!(authentication instanceof Authentication.User) || this._loginService == null || this._loginService.validate(((Authentication.User) authentication).getUserIdentity())) {
                    synchronized (session) {
                        String str2 = (String) session.getAttribute(__J_URI);
                        if (str2 != null) {
                            LOG.debug("auth retry {}->{}", authentication, str2);
                            StringBuffer requestURL = httpServletRequest.getRequestURL();
                            if (httpServletRequest.getQueryString() != null) {
                                requestURL.append("?").append(httpServletRequest.getQueryString());
                            }
                            // Replay the saved POST parameters only on the exact URL that was challenged,
                            // then clear all saved state so it is used once.
                            if (str2.equals(requestURL.toString())) {
                                MultiMap<String> multiMap = (MultiMap) session.getAttribute(__J_POST);
                                if (multiMap != null) {
                                    LOG.debug("auth rePOST {}->{}", authentication, str2);
                                    baseRequest.setContentParameters(multiMap);
                                }
                                session.removeAttribute(__J_URI);
                                session.removeAttribute(__J_METHOD);
                                session.removeAttribute(__J_POST);
                            }
                        }
                    }
                    LOG.debug("auth {}", authentication);
                    return authentication;
                }
                // Validation failed: drop the stored authentication and fall through to a new challenge.
                LOG.debug("auth revoked {}", authentication);
                session.removeAttribute(SessionAuthentication.__J_AUTHENTICATED);
            }
            if (DeferredAuthentication.isDeferred(httpServletResponse)) {
                LOG.debug("auth deferred {}", session.getId());
                return Authentication.UNAUTHENTICATED;
            }
            synchronized (session) {
                if (session.getAttribute(__J_URI) == null || this._alwaysSaveUri) {
                    StringBuffer requestURL2 = httpServletRequest.getRequestURL();
                    if (httpServletRequest.getQueryString() != null) {
                        requestURL2.append("?").append(httpServletRequest.getQueryString());
                    }
                    session.setAttribute(__J_URI, requestURL2.toString());
                    session.setAttribute(__J_METHOD, httpServletRequest.getMethod());
                    // NOTE(review): the form body of an unauthenticated POST is kept in the session until
                    // it is replayed or the session ends. It may contain sensitive fields, and its size is
                    // bounded only by whatever limit extractFormParameters enforces (not visible here).
                    if (MimeTypes.Type.FORM_ENCODED.is(servletRequest.getContentType()) && HttpMethod.POST.is(httpServletRequest.getMethod())) {
                        MultiMap<String> multiMap2 = new MultiMap<>();
                        baseRequest.extractFormParameters(multiMap2);
                        session.setAttribute(__J_POST, multiMap2);
                    }
                }
            }
            if (this._dispatch) {
                LOG.debug("challenge {}=={}", session.getId(), this._formLoginPage);
                RequestDispatcher requestDispatcher2 = httpServletRequest.getRequestDispatcher(this._formLoginPage);
                // Same no-cache treatment as for the forwarded error page.
                httpServletResponse.setHeader(HttpHeader.CACHE_CONTROL.asString(), HttpHeaderValue.NO_CACHE.asString());
                httpServletResponse.setDateHeader(HttpHeader.EXPIRES.asString(), 1L);
                requestDispatcher2.forward(new FormRequest(httpServletRequest), new FormResponse(httpServletResponse));
            } else {
                LOG.debug("challenge {}->{}", session.getId(), this._formLoginPage);
                response.sendRedirect(baseRequest.getHttpVersion().getVersion() < HttpVersion.HTTP_1_1.getVersion() ? 302 : 303, httpServletResponse.encodeRedirectURL(URIUtil.addPaths(httpServletRequest.getContextPath(), this._formLoginPage)));
            }
            return Authentication.SEND_CONTINUE;
        } catch (IOException | ServletException e) {
            throw new ServerAuthException(e);
        }
    }

    /**
     * Tests whether a URI addresses the login-submission endpoint.
     *
     * <p>Only the first occurrence of {@code /j_security_check} is examined. It matches when it
     * ends the string or is followed by {@code ;}, {@code #}, {@code /} or {@code ?}. The match is
     * not anchored to the end of the path, so a URI that merely contains
     * {@code /j_security_check/} as a segment is also treated as a submission.
     *
     * @param str the request URI; must not be {@code null}
     * @return {@code true} when {@code str} is treated as a {@code j_security_check} request
     */
    public boolean isJSecurityCheck(String str) {
        char charAt;
        int indexOf = str.indexOf("/j_security_check");
        if (indexOf < 0) {
            return false;
        }
        // Index of the character immediately after the matched text.
        int length = indexOf + "/j_security_check".length();
        return length == str.length() || (charAt = str.charAt(length)) == ';' || charAt == '#' || charAt == '/' || charAt == '?';
    }

    /**
     * @param str a request path within the context, or {@code null}
     * @return {@code true} when {@code str} is exactly equal to the query-stripped error path or
     *         login path; {@code false} for {@code null}. The comparison is a plain
     *         {@code String.equals}, with no normalisation applied in this method.
     */
    public boolean isLoginOrErrorPage(String str) {
        return str != null && (str.equals(this._formErrorPath) || str.equals(this._formLoginPath));
    }

    /** Performs no response processing; always returns {@code true}. */
    @Override // org.spark_project.jetty.security.Authenticator
    public boolean secureResponse(ServletRequest servletRequest, ServletResponse servletResponse, boolean z, Authentication.User user) throws ServerAuthException {
        return true;
    }
}
