package org.eclipse.jetty.security.authentication;

import java.io.IOException;
import java.util.Collections;
import java.util.Enumeration;
import java.util.Locale;
import javax.servlet.RequestDispatcher;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpServletResponseWrapper;
import javax.servlet.http.HttpSession;
import org.eclipse.jetty.security.Authenticator;
import org.eclipse.jetty.security.LoginService;
import org.eclipse.jetty.security.ServerAuthException;
import org.eclipse.jetty.security.UserAuthentication;
import org.eclipse.jetty.server.AbstractHttpConnection;
import org.eclipse.jetty.server.Authentication;
import org.eclipse.jetty.server.Request;
import org.eclipse.jetty.server.UserIdentity;
import org.eclipse.jetty.util.MultiMap;
import org.eclipse.jetty.util.StringUtil;
import org.eclipse.jetty.util.URIUtil;
import org.eclipse.jetty.util.log.Log;
import org.eclipse.jetty.util.log.Logger;

/* loaded from: classes3.dex */
public class FormAuthenticator extends LoginAuthenticator {

    /* renamed from: j, reason: collision with root package name */
    public static final Logger f54320j = Log.f(FormAuthenticator.class);

    /* renamed from: k, reason: collision with root package name */
    public static final String f54321k = "org.eclipse.jetty.security.form_login_page";

    /* renamed from: l, reason: collision with root package name */
    public static final String f54322l = "org.eclipse.jetty.security.form_error_page";

    /* renamed from: m, reason: collision with root package name */
    public static final String f54323m = "org.eclipse.jetty.security.dispatch";

    /* renamed from: n, reason: collision with root package name */
    public static final String f54324n = "org.eclipse.jetty.security.form_URI";

    /* renamed from: o, reason: collision with root package name */
    public static final String f54325o = "org.eclipse.jetty.security.form_POST";

    /* renamed from: p, reason: collision with root package name */
    public static final String f54326p = "/j_security_check";

    /* renamed from: q, reason: collision with root package name */
    public static final String f54327q = "j_username";

    /* renamed from: r, reason: collision with root package name */
    public static final String f54328r = "j_password";

    /* renamed from: d, reason: collision with root package name */
    public String f54329d;

    /* renamed from: e, reason: collision with root package name */
    public String f54330e;

    /* renamed from: f, reason: collision with root package name */
    public String f54331f;

    /* renamed from: g, reason: collision with root package name */
    public String f54332g;

    /* renamed from: h, reason: collision with root package name */
    public boolean f54333h;

    /* renamed from: i, reason: collision with root package name */
    public boolean f54334i;

    /* loaded from: classes3.dex */
    public static class FormAuthentication extends UserAuthentication implements Authentication.ResponseSent {
        public FormAuthentication(String str, UserIdentity userIdentity) {
            super(str, userIdentity);
        }

        @Override // org.eclipse.jetty.security.UserAuthentication
        public String toString() {
            return "Form" + super.toString();
        }
    }

    /* loaded from: classes3.dex */
    public static class FormRequest extends HttpServletRequestWrapper {
        public FormRequest(HttpServletRequest httpServletRequest) {
            super(httpServletRequest);
        }

        @Override // javax.servlet.http.HttpServletRequestWrapper, javax.servlet.http.HttpServletRequest
        public long Y(String str) {
            if (str.toLowerCase(Locale.ENGLISH).startsWith("if-")) {
                return -1L;
            }
            return super.Y(str);
        }

        @Override // javax.servlet.http.HttpServletRequestWrapper, javax.servlet.http.HttpServletRequest
        public Enumeration a() {
            return Collections.enumeration(Collections.list(super.a()));
        }

        @Override // javax.servlet.http.HttpServletRequestWrapper, javax.servlet.http.HttpServletRequest
        public String g(String str) {
            if (str.toLowerCase(Locale.ENGLISH).startsWith("if-")) {
                return null;
            }
            return super.g(str);
        }

        @Override // javax.servlet.http.HttpServletRequestWrapper, javax.servlet.http.HttpServletRequest
        public Enumeration getHeaders(String str) {
            return str.toLowerCase(Locale.ENGLISH).startsWith("if-") ? Collections.enumeration(Collections.EMPTY_LIST) : super.getHeaders(str);
        }
    }

    /* loaded from: classes3.dex */
    public static class FormResponse extends HttpServletResponseWrapper {
        public FormResponse(HttpServletResponse httpServletResponse) {
            super(httpServletResponse);
        }

        public final boolean H(String str) {
            return ("Cache-Control".equalsIgnoreCase(str) || "Pragma".equalsIgnoreCase(str) || "ETag".equalsIgnoreCase(str) || "Expires".equalsIgnoreCase(str) || "Last-Modified".equalsIgnoreCase(str) || "Age".equalsIgnoreCase(str)) ? false : true;
        }

        @Override // javax.servlet.http.HttpServletResponseWrapper, javax.servlet.http.HttpServletResponse
        public void addHeader(String str, String str2) {
            if (H(str)) {
                super.addHeader(str, str2);
            }
        }

        @Override // javax.servlet.http.HttpServletResponseWrapper, javax.servlet.http.HttpServletResponse
        public void i(String str, long j10) {
            if (H(str)) {
                super.i(str, j10);
            }
        }

        @Override // javax.servlet.http.HttpServletResponseWrapper, javax.servlet.http.HttpServletResponse
        public void s(String str, long j10) {
            if (H(str)) {
                super.s(str, j10);
            }
        }

        @Override // javax.servlet.http.HttpServletResponseWrapper, javax.servlet.http.HttpServletResponse
        public void setHeader(String str, String str2) {
            if (H(str)) {
                super.setHeader(str, str2);
            }
        }
    }

    public FormAuthenticator() {
    }

    public FormAuthenticator(String str, String str2, boolean z10) {
        this();
        if (str != null) {
            m(str);
        }
        if (str2 != null) {
            l(str2);
        }
        this.f54333h = z10;
    }

    @Override // org.eclipse.jetty.security.Authenticator
    public Authentication a(ServletRequest servletRequest, ServletResponse servletResponse, boolean z10) throws ServerAuthException {
        LoginService loginService;
        String str;
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        String c02 = httpServletRequest.c0();
        if (c02 == null) {
            c02 = "/";
        }
        if (!z10 && !i(c02)) {
            return new DeferredAuthentication(this);
        }
        if (j(URIUtil.a(httpServletRequest.T(), httpServletRequest.A())) && !DeferredAuthentication.d(httpServletResponse)) {
            return new DeferredAuthentication(this);
        }
        HttpSession O = httpServletRequest.O(true);
        try {
            if (i(c02)) {
                String parameter = httpServletRequest.getParameter(f54327q);
                UserIdentity f10 = f(parameter, httpServletRequest.getParameter(f54328r), httpServletRequest);
                HttpSession O2 = httpServletRequest.O(true);
                if (f10 != null) {
                    synchronized (O2) {
                        str = (String) O2.getAttribute(f54324n);
                        if (str == null || str.length() == 0) {
                            str = httpServletRequest.f();
                            if (str.length() == 0) {
                                str = "/";
                            }
                        }
                    }
                    httpServletResponse.x(0);
                    httpServletResponse.C(httpServletResponse.v(str));
                    return new FormAuthentication(b(), f10);
                }
                Logger logger = f54320j;
                if (logger.a()) {
                    logger.c("Form authentication FAILED for " + StringUtil.m(parameter), new Object[0]);
                }
                String str2 = this.f54329d;
                if (str2 == null) {
                    if (httpServletResponse != null) {
                        httpServletResponse.u(403);
                    }
                } else if (this.f54333h) {
                    RequestDispatcher k10 = httpServletRequest.k(str2);
                    httpServletResponse.setHeader("Cache-Control", "No-cache");
                    httpServletResponse.i("Expires", 1L);
                    k10.a(new FormRequest(httpServletRequest), new FormResponse(httpServletResponse));
                } else {
                    httpServletResponse.C(httpServletResponse.v(URIUtil.a(httpServletRequest.f(), this.f54329d)));
                }
                return Authentication.f54438l0;
            }
            Authentication authentication = (Authentication) O.getAttribute(SessionAuthentication.f54345g);
            if (authentication != null) {
                if (!(authentication instanceof Authentication.User) || (loginService = this.f54335a) == null || loginService.a0(((Authentication.User) authentication).e())) {
                    String str3 = (String) O.getAttribute(f54324n);
                    if (str3 != null) {
                        MultiMap<String> multiMap = (MultiMap) O.getAttribute(f54325o);
                        if (multiMap != null) {
                            StringBuffer L = httpServletRequest.L();
                            if (httpServletRequest.a0() != null) {
                                L.append("?");
                                L.append(httpServletRequest.a0());
                            }
                            if (str3.equals(L.toString())) {
                                O.removeAttribute(f54325o);
                                Request y10 = servletRequest instanceof Request ? (Request) servletRequest : AbstractHttpConnection.r().y();
                                y10.T0("POST");
                                y10.U0(multiMap);
                            }
                        } else {
                            O.removeAttribute(f54324n);
                        }
                    }
                    return authentication;
                }
                O.removeAttribute(SessionAuthentication.f54345g);
            }
            if (DeferredAuthentication.d(httpServletResponse)) {
                f54320j.c("auth deferred {}", O.a());
                return Authentication.f54435i0;
            }
            synchronized (O) {
                if (O.getAttribute(f54324n) == null || this.f54334i) {
                    StringBuffer L2 = httpServletRequest.L();
                    if (httpServletRequest.a0() != null) {
                        L2.append("?");
                        L2.append(httpServletRequest.a0());
                    }
                    O.setAttribute(f54324n, L2.toString());
                    if ("application/x-www-form-urlencoded".equalsIgnoreCase(servletRequest.getContentType()) && "POST".equals(httpServletRequest.getMethod())) {
                        Request y11 = servletRequest instanceof Request ? (Request) servletRequest : AbstractHttpConnection.r().y();
                        y11.e0();
                        O.setAttribute(f54325o, new MultiMap((MultiMap) y11.n0()));
                    }
                }
            }
            if (this.f54333h) {
                RequestDispatcher k11 = httpServletRequest.k(this.f54331f);
                httpServletResponse.setHeader("Cache-Control", "No-cache");
                httpServletResponse.i("Expires", 1L);
                k11.a(new FormRequest(httpServletRequest), new FormResponse(httpServletResponse));
            } else {
                httpServletResponse.C(httpServletResponse.v(URIUtil.a(httpServletRequest.f(), this.f54331f)));
            }
            return Authentication.f54437k0;
        } catch (IOException e10) {
            throw new ServerAuthException(e10);
        } catch (ServletException e11) {
            throw new ServerAuthException(e11);
        }
    }

    @Override // org.eclipse.jetty.security.Authenticator
    public String b() {
        return "FORM";
    }

    @Override // org.eclipse.jetty.security.authentication.LoginAuthenticator, org.eclipse.jetty.security.Authenticator
    public void c(Authenticator.AuthConfiguration authConfiguration) {
        super.c(authConfiguration);
        String a10 = authConfiguration.a(f54321k);
        if (a10 != null) {
            m(a10);
        }
        String a11 = authConfiguration.a(f54322l);
        if (a11 != null) {
            l(a11);
        }
        String a12 = authConfiguration.a(f54323m);
        this.f54333h = a12 == null ? this.f54333h : Boolean.valueOf(a12).booleanValue();
    }

    @Override // org.eclipse.jetty.security.Authenticator
    public boolean d(ServletRequest servletRequest, ServletResponse servletResponse, boolean z10, Authentication.User user) throws ServerAuthException {
        return true;
    }

    @Override // org.eclipse.jetty.security.authentication.LoginAuthenticator
    public UserIdentity f(String str, Object obj, ServletRequest servletRequest) {
        UserIdentity f10 = super.f(str, obj, servletRequest);
        if (f10 != null) {
            ((HttpServletRequest) servletRequest).O(true).setAttribute(SessionAuthentication.f54345g, new SessionAuthentication(b(), f10, obj));
        }
        return f10;
    }

    public boolean h() {
        return this.f54334i;
    }

    public boolean i(String str) {
        char charAt;
        int indexOf = str.indexOf(f54326p);
        if (indexOf < 0) {
            return false;
        }
        int i10 = indexOf + 17;
        return i10 == str.length() || (charAt = str.charAt(i10)) == ';' || charAt == '#' || charAt == '/' || charAt == '?';
    }

    public boolean j(String str) {
        return str != null && (str.equals(this.f54330e) || str.equals(this.f54332g));
    }

    public void k(boolean z10) {
        this.f54334i = z10;
    }

    public final void l(String str) {
        if (str == null || str.trim().length() == 0) {
            this.f54330e = null;
            this.f54329d = null;
            return;
        }
        if (!str.startsWith("/")) {
            f54320j.b("form-error-page must start with /", new Object[0]);
            str = "/" + str;
        }
        this.f54329d = str;
        this.f54330e = str;
        if (str.indexOf(63) > 0) {
            String str2 = this.f54330e;
            this.f54330e = str2.substring(0, str2.indexOf(63));
        }
    }

    public final void m(String str) {
        if (!str.startsWith("/")) {
            f54320j.b("form-login-page must start with /", new Object[0]);
            str = "/" + str;
        }
        this.f54331f = str;
        this.f54332g = str;
        if (str.indexOf(63) > 0) {
            String str2 = this.f54332g;
            this.f54332g = str2.substring(0, str2.indexOf(63));
        }
    }
}
