package org.eclipse.jetty.security.authentication;

import com.raizlabs.android.dbflow.sql.language.n;
import java.io.IOException;
import java.util.Collections;
import java.util.Enumeration;
import java.util.Locale;
import javax.servlet.RequestDispatcher;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.eclipse.jetty.security.Authenticator;
import org.eclipse.jetty.security.k;
import org.eclipse.jetty.security.o;
import org.eclipse.jetty.server.AbstractHttpConnection;
import org.eclipse.jetty.server.Authentication;
import org.eclipse.jetty.server.UserIdentity;
import org.eclipse.jetty.server.m;
import org.eclipse.jetty.util.aa;
import org.eclipse.jetty.util.log.Logger;
import org.eclipse.jetty.util.q;
import org.eclipse.jetty.util.y;

/* loaded from: classes10.dex */
public class e extends LoginAuthenticator {
    public static final String Hr = "org.eclipse.jetty.security.form_login_page";
    public static final String Hs = "org.eclipse.jetty.security.form_error_page";
    public static final String Ht = "org.eclipse.jetty.security.dispatch";
    public static final String Hu = "org.eclipse.jetty.security.form_URI";
    public static final String Hv = "org.eclipse.jetty.security.form_POST";
    public static final String Hw = "/j_security_check";
    public static final String Hx = "j_username";
    public static final String Hy = "j_password";
    private static final Logger LOG = org.eclipse.jetty.util.log.c.a(e.class);
    private String HA;
    private String HB;
    private String HC;
    private String Hz;
    private boolean yi;
    private boolean yj;

    /* loaded from: classes10.dex */
    public static class a extends o implements Authentication.ResponseSent {
        public a(String str, UserIdentity userIdentity) {
            super(str, userIdentity);
        }

        @Override // org.eclipse.jetty.security.o
        public String toString() {
            return "Form" + super.toString();
        }
    }

    /* loaded from: classes10.dex */
    protected static class b extends javax.servlet.http.b {
        public b(HttpServletRequest httpServletRequest) {
            super(httpServletRequest);
        }

        @Override // javax.servlet.http.b, javax.servlet.http.HttpServletRequest
        public long getDateHeader(String str) {
            if (str.toLowerCase(Locale.ENGLISH).startsWith("if-")) {
                return -1L;
            }
            return super.getDateHeader(str);
        }

        @Override // javax.servlet.http.b, javax.servlet.http.HttpServletRequest
        public String getHeader(String str) {
            if (str.toLowerCase(Locale.ENGLISH).startsWith("if-")) {
                return null;
            }
            return super.getHeader(str);
        }

        @Override // javax.servlet.http.b, javax.servlet.http.HttpServletRequest
        public Enumeration getHeaderNames() {
            return Collections.enumeration(Collections.list(super.getHeaderNames()));
        }

        @Override // javax.servlet.http.b, javax.servlet.http.HttpServletRequest
        public Enumeration getHeaders(String str) {
            return str.toLowerCase(Locale.ENGLISH).startsWith("if-") ? Collections.enumeration(Collections.EMPTY_LIST) : super.getHeaders(str);
        }
    }

    /* loaded from: classes10.dex */
    protected static class c extends javax.servlet.http.c {
        public c(HttpServletResponse httpServletResponse) {
            super(httpServletResponse);
        }

        private boolean aH(String str) {
            return (org.eclipse.jetty.http.h.CACHE_CONTROL.equalsIgnoreCase(str) || org.eclipse.jetty.http.h.PRAGMA.equalsIgnoreCase(str) || org.eclipse.jetty.http.h.ETAG.equalsIgnoreCase(str) || org.eclipse.jetty.http.h.EXPIRES.equalsIgnoreCase(str) || org.eclipse.jetty.http.h.LAST_MODIFIED.equalsIgnoreCase(str) || org.eclipse.jetty.http.h.AGE.equalsIgnoreCase(str)) ? false : true;
        }

        @Override // javax.servlet.http.c, javax.servlet.http.HttpServletResponse
        public void addDateHeader(String str, long j) {
            if (aH(str)) {
                super.addDateHeader(str, j);
            }
        }

        @Override // javax.servlet.http.c, javax.servlet.http.HttpServletResponse
        public void addHeader(String str, String str2) {
            if (aH(str)) {
                super.addHeader(str, str2);
            }
        }

        @Override // javax.servlet.http.c, javax.servlet.http.HttpServletResponse
        public void setDateHeader(String str, long j) {
            if (aH(str)) {
                super.setDateHeader(str, j);
            }
        }

        @Override // javax.servlet.http.c, javax.servlet.http.HttpServletResponse
        public void setHeader(String str, String str2) {
            if (aH(str)) {
                super.setHeader(str, str2);
            }
        }
    }

    public e() {
    }

    public e(String str, String str2, boolean z) {
        this();
        if (str != null) {
            ft(str);
        }
        if (str2 != null) {
            fu(str2);
        }
        this.yi = z;
    }

    private void ft(String str) {
        if (!str.startsWith("/")) {
            LOG.warn("form-login-page must start with /", new Object[0]);
            str = "/" + str;
        }
        this.HB = str;
        this.HC = str;
        if (str.indexOf(63) > 0) {
            String str2 = this.HC;
            this.HC = str2.substring(0, str2.indexOf(63));
        }
    }

    private void fu(String str) {
        if (str == null || str.trim().length() == 0) {
            this.HA = null;
            this.Hz = null;
            return;
        }
        if (!str.startsWith("/")) {
            LOG.warn("form-error-page must start with /", new Object[0]);
            str = "/" + str;
        }
        this.Hz = str;
        this.HA = str;
        if (str.indexOf(63) > 0) {
            String str2 = this.HA;
            this.HA = str2.substring(0, str2.indexOf(63));
        }
    }

    public boolean aF(String str) {
        char charAt;
        int indexOf = str.indexOf(Hw);
        if (indexOf < 0) {
            return false;
        }
        int i = indexOf + 17;
        return i == str.length() || (charAt = str.charAt(i)) == ';' || charAt == '#' || charAt == '/' || charAt == '?';
    }

    public boolean aG(String str) {
        return str != null && (str.equals(this.HA) || str.equals(this.HC));
    }

    public void fs(boolean z) {
        this.yj = z;
    }

    @Override // org.eclipse.jetty.security.Authenticator
    public String getAuthMethod() {
        return "FORM";
    }

    @Override // org.eclipse.jetty.security.authentication.LoginAuthenticator
    public UserIdentity login(String str, Object obj, ServletRequest servletRequest) {
        UserIdentity login = super.login(str, obj, servletRequest);
        if (login != null) {
            ((HttpServletRequest) servletRequest).getSession(true).setAttribute(g.HD, new g(getAuthMethod(), login, obj));
        }
        return login;
    }

    public boolean nM() {
        return this.yj;
    }

    @Override // org.eclipse.jetty.security.Authenticator
    public boolean secureResponse(ServletRequest servletRequest, ServletResponse servletResponse, boolean z, Authentication.User user) throws k {
        return true;
    }

    @Override // org.eclipse.jetty.security.authentication.LoginAuthenticator, org.eclipse.jetty.security.Authenticator
    public void setConfiguration(Authenticator.AuthConfiguration authConfiguration) {
        super.setConfiguration(authConfiguration);
        String initParameter = authConfiguration.getInitParameter(Hr);
        if (initParameter != null) {
            ft(initParameter);
        }
        String initParameter2 = authConfiguration.getInitParameter(Hs);
        if (initParameter2 != null) {
            fu(initParameter2);
        }
        String initParameter3 = authConfiguration.getInitParameter(Ht);
        this.yi = initParameter3 == null ? this.yi : Boolean.valueOf(initParameter3).booleanValue();
    }

    @Override // org.eclipse.jetty.security.Authenticator
    public Authentication validateRequest(ServletRequest servletRequest, ServletResponse servletResponse, boolean z) throws k {
        String str;
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        String requestURI = httpServletRequest.getRequestURI();
        if (requestURI == null) {
            requestURI = "/";
        }
        if (!z && !aF(requestURI)) {
            return new org.eclipse.jetty.security.authentication.c(this);
        }
        if (aG(aa.B(httpServletRequest.getServletPath(), httpServletRequest.getPathInfo())) && !org.eclipse.jetty.security.authentication.c.a(httpServletResponse)) {
            return new org.eclipse.jetty.security.authentication.c(this);
        }
        HttpSession session = httpServletRequest.getSession(true);
        try {
            if (aF(requestURI)) {
                String parameter = httpServletRequest.getParameter(Hx);
                UserIdentity login = login(parameter, httpServletRequest.getParameter(Hy), httpServletRequest);
                HttpSession session2 = httpServletRequest.getSession(true);
                if (login != null) {
                    synchronized (session2) {
                        str = (String) session2.getAttribute(Hu);
                        if (str == null || str.length() == 0) {
                            str = httpServletRequest.getContextPath();
                            if (str.length() == 0) {
                                str = "/";
                            }
                        }
                    }
                    httpServletResponse.setContentLength(0);
                    httpServletResponse.sendRedirect(httpServletResponse.encodeRedirectURL(str));
                    return new a(getAuthMethod(), login);
                }
                if (LOG.isDebugEnabled()) {
                    LOG.debug("Form authentication FAILED for " + y.bs(parameter), new Object[0]);
                }
                if (this.Hz == null) {
                    if (httpServletResponse != null) {
                        httpServletResponse.sendError(403);
                    }
                } else if (this.yi) {
                    RequestDispatcher requestDispatcher = httpServletRequest.getRequestDispatcher(this.Hz);
                    httpServletResponse.setHeader(org.eclipse.jetty.http.h.CACHE_CONTROL, "No-cache");
                    httpServletResponse.setDateHeader(org.eclipse.jetty.http.h.EXPIRES, 1L);
                    requestDispatcher.forward(new b(httpServletRequest), new c(httpServletResponse));
                } else {
                    httpServletResponse.sendRedirect(httpServletResponse.encodeRedirectURL(aa.B(httpServletRequest.getContextPath(), this.Hz)));
                }
                return Authentication.SEND_FAILURE;
            }
            Authentication authentication = (Authentication) session.getAttribute(g.HD);
            if (authentication != null) {
                if (!(authentication instanceof Authentication.User) || this._loginService == null || this._loginService.validate(((Authentication.User) authentication).getUserIdentity())) {
                    String str2 = (String) session.getAttribute(Hu);
                    if (str2 != null) {
                        q<String> qVar = (q) session.getAttribute(Hv);
                        if (qVar != null) {
                            StringBuffer requestURL = httpServletRequest.getRequestURL();
                            if (httpServletRequest.getQueryString() != null) {
                                requestURL.append(n.c.Bd);
                                requestURL.append(httpServletRequest.getQueryString());
                            }
                            if (str2.equals(requestURL.toString())) {
                                session.removeAttribute(Hv);
                                m request = servletRequest instanceof m ? (m) servletRequest : AbstractHttpConnection.getCurrentConnection().getRequest();
                                request.setMethod("POST");
                                request.b(qVar);
                            }
                        } else {
                            session.removeAttribute(Hu);
                        }
                    }
                    return authentication;
                }
                session.removeAttribute(g.HD);
            }
            if (org.eclipse.jetty.security.authentication.c.a(httpServletResponse)) {
                LOG.debug("auth deferred {}", session.getId());
                return Authentication.UNAUTHENTICATED;
            }
            synchronized (session) {
                if (session.getAttribute(Hu) == null || this.yj) {
                    StringBuffer requestURL2 = httpServletRequest.getRequestURL();
                    if (httpServletRequest.getQueryString() != null) {
                        requestURL2.append(n.c.Bd);
                        requestURL2.append(httpServletRequest.getQueryString());
                    }
                    session.setAttribute(Hu, requestURL2.toString());
                    if (org.eclipse.jetty.http.n.Gr.equalsIgnoreCase(servletRequest.getContentType()) && "POST".equals(httpServletRequest.getMethod())) {
                        m request2 = servletRequest instanceof m ? (m) servletRequest : AbstractHttpConnection.getCurrentConnection().getRequest();
                        request2.Ey();
                        session.setAttribute(Hv, new q((q) request2.m4901a()));
                    }
                }
            }
            if (this.yi) {
                RequestDispatcher requestDispatcher2 = httpServletRequest.getRequestDispatcher(this.HB);
                httpServletResponse.setHeader(org.eclipse.jetty.http.h.CACHE_CONTROL, "No-cache");
                httpServletResponse.setDateHeader(org.eclipse.jetty.http.h.EXPIRES, 1L);
                requestDispatcher2.forward(new b(httpServletRequest), new c(httpServletResponse));
            } else {
                httpServletResponse.sendRedirect(httpServletResponse.encodeRedirectURL(aa.B(httpServletRequest.getContextPath(), this.HB)));
            }
            return Authentication.SEND_CONTINUE;
        } catch (IOException e) {
            throw new k(e);
        } catch (javax.servlet.h e2) {
            throw new k(e2);
        }
    }
}
