package org.mortbay.jetty.security;

import java.io.IOException;
import java.io.Serializable;
import java.security.Principal;
import javax.servlet.http.HttpSession;
import javax.servlet.http.HttpSessionBindingEvent;
import javax.servlet.http.HttpSessionBindingListener;
import org.mortbay.jetty.Request;
import org.mortbay.jetty.Response;
import org.mortbay.log.Log;
import org.mortbay.util.StringUtil;
import org.mortbay.util.URIUtil;

/* loaded from: classes2.dex */
public class FormAuthenticator implements Authenticator {
    public static final String __J_AUTHENTICATED = "org.mortbay.jetty.Auth";
    public static final String __J_PASSWORD = "j_password";
    public static final String __J_SECURITY_CHECK = "/j_security_check";
    public static final String __J_URI = "org.mortbay.jetty.URI";
    public static final String __J_USERNAME = "j_username";
    private String a;
    private String b;
    private String c;
    private String d;

    /* renamed from: org.mortbay.jetty.security.FormAuthenticator$1, reason: invalid class name */
    /* loaded from: classes2.dex */
    class AnonymousClass1 {
    }

    /* loaded from: classes2.dex */
    private static class a implements Serializable, HttpSessionBindingListener {
        String a;
        String b;
        transient Principal c;
        transient UserRealm d;

        private a() {
        }

        a(AnonymousClass1 anonymousClass1) {
            this();
        }

        void a(UserRealm userRealm, String str, String str2, Request request) {
            this.a = str;
            this.b = str2;
            this.c = userRealm.authenticate(str, str2, request);
            if (this.c != null) {
                this.d = userRealm;
            } else {
                Log.warn("AUTH FAILURE: user {}", StringUtil.printable(str));
                request.setUserPrincipal(null);
            }
        }

        void a(UserRealm userRealm, Request request) {
            this.c = userRealm.authenticate(this.a, this.b, request);
            if (this.c != null) {
                this.d = userRealm;
            } else {
                Log.warn("AUTH FAILURE: user {}", StringUtil.printable(this.a));
                request.setUserPrincipal(null);
            }
        }

        public boolean equals(Object obj) {
            if (!(obj instanceof a)) {
                return false;
            }
            a aVar = (a) obj;
            return this.a.equals(aVar.a) && this.b.equals(aVar.b);
        }

        public int hashCode() {
            return this.a.hashCode() + this.b.hashCode();
        }

        public String toString() {
            StringBuffer stringBuffer = new StringBuffer();
            stringBuffer.append("Cred[");
            stringBuffer.append(this.a);
            stringBuffer.append("]");
            return stringBuffer.toString();
        }

        @Override // javax.servlet.http.HttpSessionBindingListener
        public void valueBound(HttpSessionBindingEvent httpSessionBindingEvent) {
        }

        @Override // javax.servlet.http.HttpSessionBindingListener
        public void valueUnbound(HttpSessionBindingEvent httpSessionBindingEvent) {
            if (Log.isDebugEnabled()) {
                StringBuffer stringBuffer = new StringBuffer();
                stringBuffer.append("Logout ");
                stringBuffer.append(this.a);
                Log.debug(stringBuffer.toString());
            }
            if (this.d instanceof SSORealm) {
                ((SSORealm) this.d).clearSingleSignOn(this.a);
            }
            if (this.d == null || this.c == null) {
                return;
            }
            this.d.logout(this.c);
        }
    }

    @Override // org.mortbay.jetty.security.Authenticator
    public Principal authenticate(UserRealm userRealm, String str, Request request, Response response) throws IOException {
        HttpSession session = request.getSession(response != null);
        if (session == null) {
            return null;
        }
        if (isJSecurityCheck(str)) {
            a aVar = new a(null);
            aVar.a(userRealm, request.getParameter(__J_USERNAME), request.getParameter(__J_PASSWORD), request);
            String str2 = (String) session.getAttribute(__J_URI);
            if (str2 == null || str2.length() == 0) {
                str2 = request.getContextPath();
                if (str2.length() == 0) {
                    str2 = URIUtil.SLASH;
                }
            }
            if (aVar.c != null) {
                if (Log.isDebugEnabled()) {
                    StringBuffer stringBuffer = new StringBuffer();
                    stringBuffer.append("Form authentication OK for ");
                    stringBuffer.append(aVar.a);
                    Log.debug(stringBuffer.toString());
                }
                session.removeAttribute(__J_URI);
                request.setAuthType("FORM");
                request.setUserPrincipal(aVar.c);
                session.setAttribute(__J_AUTHENTICATED, aVar);
                if (userRealm instanceof SSORealm) {
                    ((SSORealm) userRealm).setSingleSignOn(request, response, aVar.c, new Password(aVar.b));
                }
                if (response != null) {
                    response.setContentLength(0);
                    response.sendRedirect(response.encodeRedirectURL(str2));
                }
            } else {
                if (Log.isDebugEnabled()) {
                    StringBuffer stringBuffer2 = new StringBuffer();
                    stringBuffer2.append("Form authentication FAILED for ");
                    stringBuffer2.append(StringUtil.printable(aVar.a));
                    Log.debug(stringBuffer2.toString());
                }
                if (response != null) {
                    if (this.a == null) {
                        response.sendError(403);
                    } else {
                        response.setContentLength(0);
                        response.sendRedirect(response.encodeRedirectURL(URIUtil.addPaths(request.getContextPath(), this.a)));
                    }
                }
            }
            return null;
        }
        a aVar2 = (a) session.getAttribute(__J_AUTHENTICATED);
        if (aVar2 != null) {
            if (aVar2.c == null) {
                aVar2.a(userRealm, request);
                if (aVar2.c != null && (userRealm instanceof SSORealm)) {
                    ((SSORealm) userRealm).setSingleSignOn(request, response, aVar2.c, new Password(aVar2.b));
                }
            } else if (!userRealm.reauthenticate(aVar2.c)) {
                aVar2.c = null;
            }
            if (aVar2.c != null) {
                if (Log.isDebugEnabled()) {
                    StringBuffer stringBuffer3 = new StringBuffer();
                    stringBuffer3.append("FORM Authenticated for ");
                    stringBuffer3.append(aVar2.c.getName());
                    Log.debug(stringBuffer3.toString());
                }
                request.setAuthType("FORM");
                request.setUserPrincipal(aVar2.c);
                return aVar2.c;
            }
            session.setAttribute(__J_AUTHENTICATED, null);
        } else if (userRealm instanceof SSORealm) {
            Credential singleSignOn = ((SSORealm) userRealm).getSingleSignOn(request, response);
            if (request.getUserPrincipal() != null) {
                a aVar3 = new a(null);
                aVar3.c = request.getUserPrincipal();
                aVar3.a = aVar3.c.getName();
                if (singleSignOn != null) {
                    aVar3.b = singleSignOn.toString();
                }
                if (Log.isDebugEnabled()) {
                    StringBuffer stringBuffer4 = new StringBuffer();
                    stringBuffer4.append("SSO for ");
                    stringBuffer4.append(aVar3.c);
                    Log.debug(stringBuffer4.toString());
                }
                request.setAuthType("FORM");
                session.setAttribute(__J_AUTHENTICATED, aVar3);
                return aVar3.c;
            }
        }
        if (isLoginOrErrorPage(str)) {
            return SecurityHandler.__NOBODY;
        }
        if (response != null) {
            if (request.getQueryString() != null) {
                StringBuffer stringBuffer5 = new StringBuffer();
                stringBuffer5.append(str);
                stringBuffer5.append("?");
                stringBuffer5.append(request.getQueryString());
                str = stringBuffer5.toString();
            }
            StringBuffer stringBuffer6 = new StringBuffer();
            stringBuffer6.append(request.getScheme());
            stringBuffer6.append("://");
            stringBuffer6.append(request.getServerName());
            stringBuffer6.append(":");
            stringBuffer6.append(request.getServerPort());
            stringBuffer6.append(URIUtil.addPaths(request.getContextPath(), str));
            session.setAttribute(__J_URI, stringBuffer6.toString());
            response.setContentLength(0);
            response.sendRedirect(response.encodeRedirectURL(URIUtil.addPaths(request.getContextPath(), this.c)));
        }
        return null;
    }

    @Override // org.mortbay.jetty.security.Authenticator
    public String getAuthMethod() {
        return "FORM";
    }

    public String getErrorPage() {
        return this.a;
    }

    public String getLoginPage() {
        return this.c;
    }

    public boolean isJSecurityCheck(String str) {
        int indexOf = str.indexOf(__J_SECURITY_CHECK);
        if (indexOf < 0) {
            return false;
        }
        int length = indexOf + __J_SECURITY_CHECK.length();
        if (length == str.length()) {
            return true;
        }
        char charAt = str.charAt(length);
        return charAt == ';' || charAt == '#' || charAt == '/' || charAt == '?';
    }

    public boolean isLoginOrErrorPage(String str) {
        return str != null && (str.equals(this.b) || str.equals(this.d));
    }

    public void setErrorPage(String str) {
        if (str == null || str.trim().length() == 0) {
            this.b = null;
            this.a = null;
            return;
        }
        if (!str.startsWith(URIUtil.SLASH)) {
            Log.warn("form-error-page must start with /");
            StringBuffer stringBuffer = new StringBuffer();
            stringBuffer.append(URIUtil.SLASH);
            stringBuffer.append(str);
            str = stringBuffer.toString();
        }
        this.a = str;
        this.b = str;
        if (this.b == null || this.b.indexOf(63) <= 0) {
            return;
        }
        this.b = this.b.substring(0, this.b.indexOf(63));
    }

    public void setLoginPage(String str) {
        if (!str.startsWith(URIUtil.SLASH)) {
            Log.warn("form-login-page must start with /");
            StringBuffer stringBuffer = new StringBuffer();
            stringBuffer.append(URIUtil.SLASH);
            stringBuffer.append(str);
            str = stringBuffer.toString();
        }
        this.c = str;
        this.d = str;
        if (this.d.indexOf(63) > 0) {
            this.d = this.d.substring(0, this.d.indexOf(63));
        }
    }
}
