package org.eclipse.jetty.security.authentication;

import java.io.IOException;
import java.util.Collections;
import java.util.Enumeration;
import java.util.Locale;
import java.util.Properties;
import javax.servlet.ServletException;
import javax.servlet.s;
import javax.servlet.y;
import org.eclipse.jetty.security.ServerAuthException;
import org.eclipse.jetty.security.a;
import org.eclipse.jetty.security.j;
import org.eclipse.jetty.server.e;
import org.eclipse.jetty.server.i;
import org.eclipse.jetty.server.o;
import org.eclipse.jetty.server.w;
import org.eclipse.jetty.util.m;
import org.eclipse.jetty.util.u;

/* loaded from: classes4.dex */
public class e extends f {
    public static final org.eclipse.jetty.util.log.c i;
    public String d;
    public String e;
    public String f;
    public String g;
    public boolean h;

    /* loaded from: classes4.dex */
    public static class a extends j implements e.f {
        public a(String str, w wVar) {
            super(str, wVar);
        }

        @Override // org.eclipse.jetty.security.j
        public String toString() {
            return "Form" + super.toString();
        }
    }

    /* loaded from: classes4.dex */
    public static class b extends javax.servlet.http.d {
        public b(javax.servlet.http.c cVar) {
            super(cVar);
        }

        @Override // javax.servlet.http.c
        public Enumeration f(String str) {
            return str.toLowerCase(Locale.ENGLISH).startsWith("if-") ? Collections.enumeration(Collections.EMPTY_LIST) : ((javax.servlet.http.c) this.a).f(str);
        }

        @Override // javax.servlet.http.d, javax.servlet.http.c
        public Enumeration q() {
            return Collections.enumeration(Collections.list(super.q()));
        }

        @Override // javax.servlet.http.c
        public String u(String str) {
            if (str.toLowerCase(Locale.ENGLISH).startsWith("if-")) {
                return null;
            }
            return ((javax.servlet.http.c) this.a).u(str);
        }
    }

    /* loaded from: classes4.dex */
    public static class c extends javax.servlet.http.f {
        public c(javax.servlet.http.e eVar) {
            super(eVar);
        }

        @Override // javax.servlet.http.e
        public void a(String str, long j) {
            if (m(str)) {
                ((javax.servlet.http.e) this.a).a(str, j);
            }
        }

        @Override // javax.servlet.http.e
        public void l(String str, String str2) {
            if (m(str)) {
                ((javax.servlet.http.e) this.a).l(str, str2);
            }
        }

        public final boolean m(String str) {
            return ("Cache-Control".equalsIgnoreCase(str) || "Pragma".equalsIgnoreCase(str) || "ETag".equalsIgnoreCase(str) || "Expires".equalsIgnoreCase(str) || "Last-Modified".equalsIgnoreCase(str) || "Age".equalsIgnoreCase(str)) ? false : true;
        }
    }

    static {
        Properties properties = org.eclipse.jetty.util.log.b.a;
        i = org.eclipse.jetty.util.log.b.a(e.class.getName());
    }

    @Override // org.eclipse.jetty.security.a
    public String a() {
        return "FORM";
    }

    @Override // org.eclipse.jetty.security.a
    public org.eclipse.jetty.server.e b(s sVar, y yVar, boolean z) throws ServerAuthException {
        org.eclipse.jetty.security.f fVar;
        String str;
        javax.servlet.d dVar = javax.servlet.d.FORWARD;
        javax.servlet.http.c cVar = (javax.servlet.http.c) sVar;
        javax.servlet.http.e eVar = (javax.servlet.http.e) yVar;
        String x = cVar.x();
        if (x == null) {
            x = "/";
        }
        if (!z && !f(x)) {
            return new org.eclipse.jetty.security.authentication.c(this);
        }
        String b2 = u.b(cVar.w(), cVar.r());
        if ((b2 != null && (b2.equals(this.e) || b2.equals(this.g))) && !org.eclipse.jetty.security.authentication.c.b(eVar)) {
            return new org.eclipse.jetty.security.authentication.c(this);
        }
        javax.servlet.http.g g = cVar.g(true);
        try {
            if (f(x)) {
                String m = cVar.m("j_username");
                w e = e(m, cVar.m("j_password"), cVar);
                javax.servlet.http.g g2 = cVar.g(true);
                if (e != null) {
                    synchronized (g2) {
                        str = (String) g2.getAttribute("org.eclipse.jetty.security.form_URI");
                        if (str == null || str.length() == 0) {
                            str = cVar.d();
                            if (str.length() == 0) {
                                str = "/";
                            }
                        }
                    }
                    eVar.k(0);
                    eVar.g(eVar.e(str));
                    return new a("FORM", e);
                }
                org.eclipse.jetty.util.log.c cVar2 = i;
                if (cVar2.a()) {
                    cVar2.e("Form authentication FAILED for " + org.eclipse.jetty.util.s.e(m), new Object[0]);
                }
                String str2 = this.d;
                if (str2 == null) {
                    if (eVar != null) {
                        eVar.j(403);
                    }
                } else if (this.h) {
                    javax.servlet.j c2 = cVar.c(str2);
                    eVar.l("Cache-Control", "No-cache");
                    eVar.a("Expires", 1L);
                    ((i) c2).a(new b(cVar), new c(eVar), dVar);
                } else {
                    eVar.g(eVar.e(u.b(cVar.d(), this.d)));
                }
                return org.eclipse.jetty.server.e.e0;
            }
            org.eclipse.jetty.server.e eVar2 = (org.eclipse.jetty.server.e) g.getAttribute("org.eclipse.jetty.security.UserIdentity");
            if (eVar2 != null) {
                if (!(eVar2 instanceof e.g) || (fVar = this.a) == null || fVar.b(((e.g) eVar2).c())) {
                    String str3 = (String) g.getAttribute("org.eclipse.jetty.security.form_URI");
                    if (str3 != null) {
                        m<String> mVar = (m) g.getAttribute("org.eclipse.jetty.security.form_POST");
                        if (mVar != null) {
                            StringBuffer s = cVar.s();
                            if (cVar.h() != null) {
                                s.append("?");
                                s.append(cVar.h());
                            }
                            if (str3.equals(s.toString())) {
                                g.removeAttribute("org.eclipse.jetty.security.form_POST");
                                o oVar = sVar instanceof o ? (o) sVar : org.eclipse.jetty.server.c.f().j;
                                oVar.r = "POST";
                                oVar.J(mVar);
                            }
                        } else {
                            g.removeAttribute("org.eclipse.jetty.security.form_URI");
                        }
                    }
                    return eVar2;
                }
                g.removeAttribute("org.eclipse.jetty.security.UserIdentity");
            }
            if (org.eclipse.jetty.security.authentication.c.b(eVar)) {
                i.e("auth deferred {}", g.getId());
                return org.eclipse.jetty.server.e.b0;
            }
            synchronized (g) {
                if (g.getAttribute("org.eclipse.jetty.security.form_URI") == null) {
                    StringBuffer s2 = cVar.s();
                    if (cVar.h() != null) {
                        s2.append("?");
                        s2.append(cVar.h());
                    }
                    g.a("org.eclipse.jetty.security.form_URI", s2.toString());
                    if ("application/x-www-form-urlencoded".equalsIgnoreCase(sVar.getContentType()) && "POST".equals(cVar.getMethod())) {
                        o oVar2 = sVar instanceof o ? (o) sVar : org.eclipse.jetty.server.c.f().j;
                        oVar2.z();
                        g.a("org.eclipse.jetty.security.form_POST", new m(oVar2.s));
                    }
                }
            }
            if (this.h) {
                javax.servlet.j c3 = cVar.c(this.f);
                eVar.l("Cache-Control", "No-cache");
                eVar.a("Expires", 1L);
                ((i) c3).a(new b(cVar), new c(eVar), dVar);
            } else {
                eVar.g(eVar.e(u.b(cVar.d(), this.f)));
            }
            return org.eclipse.jetty.server.e.d0;
        } catch (IOException e2) {
            throw new ServerAuthException(e2);
        } catch (ServletException e3) {
            throw new ServerAuthException(e3);
        }
    }

    @Override // org.eclipse.jetty.security.authentication.f, org.eclipse.jetty.security.a
    public void c(a.InterfaceC0623a interfaceC0623a) {
        super.c(interfaceC0623a);
        org.eclipse.jetty.security.i iVar = (org.eclipse.jetty.security.i) interfaceC0623a;
        String str = iVar.n.get("org.eclipse.jetty.security.form_login_page");
        if (str != null) {
            if (!str.startsWith("/")) {
                i.b("form-login-page must start with /", new Object[0]);
                str = "/" + str;
            }
            this.f = str;
            this.g = str;
            if (str.indexOf(63) > 0) {
                String str2 = this.g;
                this.g = str2.substring(0, str2.indexOf(63));
            }
        }
        String str3 = iVar.n.get("org.eclipse.jetty.security.form_error_page");
        if (str3 != null) {
            if (str3.trim().length() == 0) {
                this.e = null;
                this.d = null;
            } else {
                if (!str3.startsWith("/")) {
                    i.b("form-error-page must start with /", new Object[0]);
                    str3 = "/" + str3;
                }
                this.d = str3;
                this.e = str3;
                if (str3.indexOf(63) > 0) {
                    String str4 = this.e;
                    this.e = str4.substring(0, str4.indexOf(63));
                }
            }
        }
        String str5 = iVar.n.get("org.eclipse.jetty.security.dispatch");
        this.h = str5 == null ? this.h : Boolean.valueOf(str5).booleanValue();
    }

    @Override // org.eclipse.jetty.security.a
    public boolean d(s sVar, y yVar, boolean z, e.g gVar) throws ServerAuthException {
        return true;
    }

    @Override // org.eclipse.jetty.security.authentication.f
    public w e(String str, Object obj, s sVar) {
        w e = super.e(str, obj, sVar);
        if (e != null) {
            ((javax.servlet.http.c) sVar).g(true).a("org.eclipse.jetty.security.UserIdentity", new g("FORM", e, obj));
        }
        return e;
    }

    public boolean f(String str) {
        char charAt;
        int indexOf = str.indexOf("/j_security_check");
        if (indexOf < 0) {
            return false;
        }
        int i2 = indexOf + 17;
        return i2 == str.length() || (charAt = str.charAt(i2)) == ';' || charAt == '#' || charAt == '/' || charAt == '?';
    }
}
