package org.mortbay.jetty.security;

import java.io.Serializable;
import java.security.Principal;
import javax.servlet.http.HttpSession;
import javax.servlet.http.HttpSessionBindingEvent;
import javax.servlet.http.HttpSessionBindingListener;
import javax.servlet.http.a;
import org.mortbay.jetty.Request;
import org.mortbay.jetty.Response;
import org.mortbay.log.Log;
import org.mortbay.util.StringUtil;
import org.mortbay.util.URIUtil;

/* loaded from: classes4.dex */
public class FormAuthenticator implements Authenticator {
    public static final String __J_AUTHENTICATED = "org.mortbay.jetty.Auth";
    public static final String __J_PASSWORD = "j_password";
    public static final String __J_SECURITY_CHECK = "/j_security_check";
    public static final String __J_URI = "org.mortbay.jetty.URI";
    public static final String __J_USERNAME = "j_username";
    private String _formErrorPage;
    private String _formErrorPath;
    private String _formLoginPage;
    private String _formLoginPath;

    /* loaded from: classes4.dex */
    public static class FormCredential implements Serializable, HttpSessionBindingListener {

        /* renamed from: a, reason: collision with root package name */
        public String f15186a;

        /* renamed from: b, reason: collision with root package name */
        public String f15187b;

        /* renamed from: c, reason: collision with root package name */
        public transient Principal f15188c;

        /* renamed from: d, reason: collision with root package name */
        public transient UserRealm f15189d;

        private FormCredential() {
        }

        public /* synthetic */ FormCredential(int i) {
            this();
        }

        public boolean equals(Object obj) {
            if (!(obj instanceof FormCredential)) {
                return false;
            }
            FormCredential formCredential = (FormCredential) obj;
            return this.f15186a.equals(formCredential.f15186a) && this.f15187b.equals(formCredential.f15187b);
        }

        public int hashCode() {
            return this.f15187b.hashCode() + this.f15186a.hashCode();
        }

        public String toString() {
            StringBuffer k2 = a.k("Cred[");
            k2.append(this.f15186a);
            k2.append("]");
            return k2.toString();
        }

        @Override // javax.servlet.http.HttpSessionBindingListener
        public void valueBound(HttpSessionBindingEvent httpSessionBindingEvent) {
        }

        @Override // javax.servlet.http.HttpSessionBindingListener
        public void valueUnbound(HttpSessionBindingEvent httpSessionBindingEvent) {
            Principal principal;
            if (Log.isDebugEnabled()) {
                StringBuffer k2 = a.k("Logout ");
                k2.append(this.f15186a);
                Log.debug(k2.toString());
            }
            UserRealm userRealm = this.f15189d;
            if (userRealm instanceof SSORealm) {
                ((SSORealm) userRealm).clearSingleSignOn(this.f15186a);
            }
            UserRealm userRealm2 = this.f15189d;
            if (userRealm2 == null || (principal = this.f15188c) == null) {
                return;
            }
            userRealm2.logout(principal);
        }
    }

    @Override // org.mortbay.jetty.security.Authenticator
    public Principal authenticate(UserRealm userRealm, String str, Request request, Response response) {
        int i = 0;
        HttpSession session = request.getSession(response != null);
        if (session == null) {
            return null;
        }
        if (isJSecurityCheck(str)) {
            FormCredential formCredential = new FormCredential(i);
            String parameter = request.getParameter(__J_USERNAME);
            String parameter2 = request.getParameter(__J_PASSWORD);
            formCredential.f15186a = parameter;
            formCredential.f15187b = parameter2;
            Principal authenticate = userRealm.authenticate(parameter, parameter2, request);
            formCredential.f15188c = authenticate;
            if (authenticate != null) {
                formCredential.f15189d = userRealm;
            } else {
                Log.warn("AUTH FAILURE: user {}", StringUtil.printable(parameter));
                request.setUserPrincipal(null);
            }
            String str2 = (String) session.getAttribute(__J_URI);
            if (str2 == null || str2.length() == 0) {
                str2 = request.getContextPath();
                if (str2.length() == 0) {
                    str2 = "/";
                }
            }
            if (formCredential.f15188c != null) {
                if (Log.isDebugEnabled()) {
                    StringBuffer k2 = a.k("Form authentication OK for ");
                    k2.append(formCredential.f15186a);
                    Log.debug(k2.toString());
                }
                session.removeAttribute(__J_URI);
                request.setAuthType("FORM");
                request.setUserPrincipal(formCredential.f15188c);
                session.setAttribute(__J_AUTHENTICATED, formCredential);
                if (userRealm instanceof SSORealm) {
                    ((SSORealm) userRealm).setSingleSignOn(request, response, formCredential.f15188c, new Password(formCredential.f15187b));
                }
                if (response != null) {
                    response.setContentLength(0);
                    response.sendRedirect(response.encodeRedirectURL(str2));
                }
            } else {
                if (Log.isDebugEnabled()) {
                    StringBuffer k3 = a.k("Form authentication FAILED for ");
                    k3.append(StringUtil.printable(formCredential.f15186a));
                    Log.debug(k3.toString());
                }
                if (response != null) {
                    if (this._formErrorPage == null) {
                        response.sendError(403);
                    } else {
                        response.setContentLength(0);
                        response.sendRedirect(response.encodeRedirectURL(URIUtil.addPaths(request.getContextPath(), this._formErrorPage)));
                    }
                }
            }
            return null;
        }
        FormCredential formCredential2 = (FormCredential) session.getAttribute(__J_AUTHENTICATED);
        if (formCredential2 != null) {
            Principal principal = formCredential2.f15188c;
            if (principal == null) {
                Principal authenticate2 = userRealm.authenticate(formCredential2.f15186a, formCredential2.f15187b, request);
                formCredential2.f15188c = authenticate2;
                if (authenticate2 != null) {
                    formCredential2.f15189d = userRealm;
                } else {
                    Log.warn("AUTH FAILURE: user {}", StringUtil.printable(formCredential2.f15186a));
                    request.setUserPrincipal(null);
                }
                Principal principal2 = formCredential2.f15188c;
                if (principal2 != null && (userRealm instanceof SSORealm)) {
                    ((SSORealm) userRealm).setSingleSignOn(request, response, principal2, new Password(formCredential2.f15187b));
                }
            } else if (!userRealm.reauthenticate(principal)) {
                formCredential2.f15188c = null;
            }
            if (formCredential2.f15188c != null) {
                if (Log.isDebugEnabled()) {
                    StringBuffer k4 = a.k("FORM Authenticated for ");
                    k4.append(formCredential2.f15188c.getName());
                    Log.debug(k4.toString());
                }
                request.setAuthType("FORM");
                request.setUserPrincipal(formCredential2.f15188c);
                return formCredential2.f15188c;
            }
            session.setAttribute(__J_AUTHENTICATED, null);
        } else if (userRealm instanceof SSORealm) {
            Credential singleSignOn = ((SSORealm) userRealm).getSingleSignOn(request, response);
            if (request.getUserPrincipal() != null) {
                FormCredential formCredential3 = new FormCredential(i);
                Principal userPrincipal = request.getUserPrincipal();
                formCredential3.f15188c = userPrincipal;
                formCredential3.f15186a = userPrincipal.getName();
                if (singleSignOn != null) {
                    formCredential3.f15187b = singleSignOn.toString();
                }
                if (Log.isDebugEnabled()) {
                    StringBuffer k5 = a.k("SSO for ");
                    k5.append(formCredential3.f15188c);
                    Log.debug(k5.toString());
                }
                request.setAuthType("FORM");
                session.setAttribute(__J_AUTHENTICATED, formCredential3);
                return formCredential3.f15188c;
            }
        }
        if (isLoginOrErrorPage(str)) {
            return SecurityHandler.__NOBODY;
        }
        if (response != null) {
            if (request.getQueryString() != null) {
                StringBuffer stringBuffer = new StringBuffer();
                stringBuffer.append(str);
                stringBuffer.append("?");
                stringBuffer.append(request.getQueryString());
                str = stringBuffer.toString();
            }
            StringBuffer stringBuffer2 = new StringBuffer();
            stringBuffer2.append(request.getScheme());
            stringBuffer2.append("://");
            stringBuffer2.append(request.getServerName());
            stringBuffer2.append(":");
            stringBuffer2.append(request.getServerPort());
            stringBuffer2.append(URIUtil.addPaths(request.getContextPath(), str));
            session.setAttribute(__J_URI, stringBuffer2.toString());
            response.setContentLength(0);
            response.sendRedirect(response.encodeRedirectURL(URIUtil.addPaths(request.getContextPath(), this._formLoginPage)));
        }
        return null;
    }

    @Override // org.mortbay.jetty.security.Authenticator
    public String getAuthMethod() {
        return "FORM";
    }

    public String getErrorPage() {
        return this._formErrorPage;
    }

    public String getLoginPage() {
        return this._formLoginPage;
    }

    public boolean isJSecurityCheck(String str) {
        int indexOf = str.indexOf(__J_SECURITY_CHECK);
        if (indexOf < 0) {
            return false;
        }
        int i = indexOf + 17;
        if (i == str.length()) {
            return true;
        }
        char charAt = str.charAt(i);
        return charAt == ';' || charAt == '#' || charAt == '/' || charAt == '?';
    }

    public boolean isLoginOrErrorPage(String str) {
        return str != null && (str.equals(this._formErrorPath) || str.equals(this._formLoginPath));
    }

    public void setErrorPage(String str) {
        if (str == null || str.trim().length() == 0) {
            this._formErrorPath = null;
            this._formErrorPage = null;
            return;
        }
        if (!str.startsWith("/")) {
            Log.warn("form-error-page must start with /");
            StringBuffer stringBuffer = new StringBuffer();
            stringBuffer.append("/");
            stringBuffer.append(str);
            str = stringBuffer.toString();
        }
        this._formErrorPage = str;
        this._formErrorPath = str;
        if (str == null || str.indexOf(63) <= 0) {
            return;
        }
        String str2 = this._formErrorPath;
        this._formErrorPath = str2.substring(0, str2.indexOf(63));
    }

    public void setLoginPage(String str) {
        if (!str.startsWith("/")) {
            Log.warn("form-login-page must start with /");
            StringBuffer stringBuffer = new StringBuffer();
            stringBuffer.append("/");
            stringBuffer.append(str);
            str = stringBuffer.toString();
        }
        this._formLoginPage = str;
        this._formLoginPath = str;
        if (str.indexOf(63) > 0) {
            String str2 = this._formLoginPath;
            this._formLoginPath = str2.substring(0, str2.indexOf(63));
        }
    }
}
