package org.eclipse.jetty.security.authentication;

import e.a.a.a.AbstractC1074c;
import e.a.a.a.D;
import e.a.a.a.InterfaceC1084m;
import e.a.a.a.Q;
import java.io.IOException;
import java.util.Collections;
import java.util.Enumeration;
import java.util.Locale;
import javax.servlet.RequestDispatcher;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpServletResponseWrapper;
import javax.servlet.http.HttpSession;
import org.eclipse.jetty.http.r;
import org.eclipse.jetty.security.B;
import org.eclipse.jetty.security.InterfaceC1176a;
import org.eclipse.jetty.security.ServerAuthException;
import org.eclipse.jetty.util.A;
import org.eclipse.jetty.util.C;
import org.eclipse.jetty.util.MultiMap;

/* compiled from: FormAuthenticator.java */
/* loaded from: classes2.dex */
public class f extends g {

    /* renamed from: d, reason: collision with root package name */
    private static final org.eclipse.jetty.util.c.f f22368d = org.eclipse.jetty.util.c.e.a((Class<?>) f.class);

    /* renamed from: e, reason: collision with root package name */
    public static final String f22369e = "org.eclipse.jetty.security.form_login_page";

    /* renamed from: f, reason: collision with root package name */
    public static final String f22370f = "org.eclipse.jetty.security.form_error_page";
    public static final String g = "org.eclipse.jetty.security.dispatch";
    public static final String h = "org.eclipse.jetty.security.form_URI";
    public static final String i = "org.eclipse.jetty.security.form_POST";
    public static final String j = "/j_security_check";
    public static final String k = "j_username";
    public static final String l = "j_password";
    private String m;
    private String n;
    private String o;
    private String p;
    private boolean q;
    private boolean r;

    /* compiled from: FormAuthenticator.java */
    /* loaded from: classes2.dex */
    public static class a extends B implements InterfaceC1084m.d {
        public a(String str, Q q) {
            super(str, q);
        }

        @Override // org.eclipse.jetty.security.B
        public String toString() {
            return "Form" + super.toString();
        }
    }

    /* compiled from: FormAuthenticator.java */
    /* loaded from: classes2.dex */
    protected static class b extends HttpServletRequestWrapper {
        public b(HttpServletRequest httpServletRequest) {
            super(httpServletRequest);
        }

        @Override // javax.servlet.http.HttpServletRequestWrapper, javax.servlet.http.HttpServletRequest
        public String a(String str) {
            if (str.toLowerCase(Locale.ENGLISH).startsWith("if-")) {
                return null;
            }
            return super.a(str);
        }

        @Override // javax.servlet.http.HttpServletRequestWrapper, javax.servlet.http.HttpServletRequest
        public Enumeration f() {
            return Collections.enumeration(Collections.list(super.f()));
        }

        @Override // javax.servlet.http.HttpServletRequestWrapper, javax.servlet.http.HttpServletRequest
        public Enumeration getHeaders(String str) {
            return str.toLowerCase(Locale.ENGLISH).startsWith("if-") ? Collections.enumeration(Collections.EMPTY_LIST) : super.getHeaders(str);
        }

        @Override // javax.servlet.http.HttpServletRequestWrapper, javax.servlet.http.HttpServletRequest
        public long i(String str) {
            if (str.toLowerCase(Locale.ENGLISH).startsWith("if-")) {
                return -1L;
            }
            return super.i(str);
        }
    }

    /* compiled from: FormAuthenticator.java */
    /* loaded from: classes2.dex */
    protected static class c extends HttpServletResponseWrapper {
        public c(HttpServletResponse httpServletResponse) {
            super(httpServletResponse);
        }

        private boolean i(String str) {
            return ("Cache-Control".equalsIgnoreCase(str) || r.g.equalsIgnoreCase(str) || "ETag".equalsIgnoreCase(str) || "Expires".equalsIgnoreCase(str) || "Last-Modified".equalsIgnoreCase(str) || r.Z.equalsIgnoreCase(str)) ? false : true;
        }

        @Override // javax.servlet.http.HttpServletResponseWrapper, javax.servlet.http.HttpServletResponse
        public void a(String str, long j) {
            if (i(str)) {
                super.a(str, j);
            }
        }

        @Override // javax.servlet.http.HttpServletResponseWrapper, javax.servlet.http.HttpServletResponse
        public void addHeader(String str, String str2) {
            if (i(str)) {
                super.addHeader(str, str2);
            }
        }

        @Override // javax.servlet.http.HttpServletResponseWrapper, javax.servlet.http.HttpServletResponse
        public void b(String str, long j) {
            if (i(str)) {
                super.b(str, j);
            }
        }

        @Override // javax.servlet.http.HttpServletResponseWrapper, javax.servlet.http.HttpServletResponse
        public void setHeader(String str, String str2) {
            if (i(str)) {
                super.setHeader(str, str2);
            }
        }
    }

    public f() {
    }

    public f(String str, String str2, boolean z) {
        this();
        if (str != null) {
            d(str);
        }
        if (str2 != null) {
            c(str2);
        }
        this.q = z;
    }

    private void c(String str) {
        if (str == null || str.trim().length() == 0) {
            this.n = null;
            this.m = null;
            return;
        }
        if (!str.startsWith("/")) {
            f22368d.a("form-error-page must start with /", new Object[0]);
            str = "/" + str;
        }
        this.m = str;
        this.n = str;
        if (this.n.indexOf(63) > 0) {
            String str2 = this.n;
            this.n = str2.substring(0, str2.indexOf(63));
        }
    }

    private void d(String str) {
        if (!str.startsWith("/")) {
            f22368d.a("form-login-page must start with /", new Object[0]);
            str = "/" + str;
        }
        this.o = str;
        this.p = str;
        if (this.p.indexOf(63) > 0) {
            String str2 = this.p;
            this.p = str2.substring(0, str2.indexOf(63));
        }
    }

    @Override // org.eclipse.jetty.security.authentication.g
    public Q a(String str, Object obj, ServletRequest servletRequest) {
        Q a2 = super.a(str, obj, servletRequest);
        if (a2 != null) {
            ((HttpServletRequest) servletRequest).a(true).setAttribute(SessionAuthentication.__J_AUTHENTICATED, new SessionAuthentication(getAuthMethod(), a2, obj));
        }
        return a2;
    }

    @Override // org.eclipse.jetty.security.InterfaceC1176a
    public InterfaceC1084m a(ServletRequest servletRequest, ServletResponse servletResponse, boolean z) throws ServerAuthException {
        String str;
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        String H = httpServletRequest.H();
        if (H == null) {
            H = "/";
        }
        if (!z && !a(H)) {
            return new e(this);
        }
        if (b(C.a(httpServletRequest.D(), httpServletRequest.x())) && !e.a(httpServletResponse)) {
            return new e(this);
        }
        HttpSession a2 = httpServletRequest.a(true);
        try {
            if (a(H)) {
                String parameter = httpServletRequest.getParameter(k);
                Q a3 = a(parameter, httpServletRequest.getParameter(l), httpServletRequest);
                HttpSession a4 = httpServletRequest.a(true);
                if (a3 != null) {
                    synchronized (a4) {
                        str = (String) a4.getAttribute(h);
                        if (str == null || str.length() == 0) {
                            str = httpServletRequest.h();
                            if (str.length() == 0) {
                                str = "/";
                            }
                        }
                    }
                    httpServletResponse.c(0);
                    httpServletResponse.h(httpServletResponse.d(str));
                    return new a(getAuthMethod(), a3);
                }
                if (f22368d.isDebugEnabled()) {
                    f22368d.b("Form authentication FAILED for " + A.e(parameter), new Object[0]);
                }
                if (this.m == null) {
                    if (httpServletResponse != null) {
                        httpServletResponse.b(403);
                    }
                } else if (this.q) {
                    RequestDispatcher c2 = httpServletRequest.c(this.m);
                    httpServletResponse.setHeader("Cache-Control", "No-cache");
                    httpServletResponse.a("Expires", 1L);
                    c2.a(new b(httpServletRequest), new c(httpServletResponse));
                } else {
                    httpServletResponse.h(httpServletResponse.d(C.a(httpServletRequest.h(), this.m)));
                }
                return InterfaceC1084m.f19329d;
            }
            InterfaceC1084m interfaceC1084m = (InterfaceC1084m) a2.getAttribute(SessionAuthentication.__J_AUTHENTICATED);
            if (interfaceC1084m != null) {
                if (!(interfaceC1084m instanceof InterfaceC1084m.f) || this.f22371a == null || this.f22371a.a(((InterfaceC1084m.f) interfaceC1084m).getUserIdentity())) {
                    String str2 = (String) a2.getAttribute(h);
                    if (str2 != null) {
                        MultiMap<String> multiMap = (MultiMap) a2.getAttribute(i);
                        if (multiMap != null) {
                            StringBuffer A = httpServletRequest.A();
                            if (httpServletRequest.v() != null) {
                                A.append("?");
                                A.append(httpServletRequest.v());
                            }
                            if (str2.equals(A.toString())) {
                                a2.removeAttribute(i);
                                D t = servletRequest instanceof D ? (D) servletRequest : AbstractC1074c.n().t();
                                t.n("POST");
                                t.a(multiMap);
                            }
                        } else {
                            a2.removeAttribute(h);
                        }
                    }
                    return interfaceC1084m;
                }
                a2.removeAttribute(SessionAuthentication.__J_AUTHENTICATED);
            }
            if (e.a(httpServletResponse)) {
                f22368d.b("auth deferred {}", a2.getId());
                return InterfaceC1084m.f19326a;
            }
            synchronized (a2) {
                if (a2.getAttribute(h) == null || this.r) {
                    StringBuffer A2 = httpServletRequest.A();
                    if (httpServletRequest.v() != null) {
                        A2.append("?");
                        A2.append(httpServletRequest.v());
                    }
                    a2.setAttribute(h, A2.toString());
                    if ("application/x-www-form-urlencoded".equalsIgnoreCase(servletRequest.getContentType()) && "POST".equals(httpServletRequest.getMethod())) {
                        D t2 = servletRequest instanceof D ? (D) servletRequest : AbstractC1074c.n().t();
                        t2.I();
                        a2.setAttribute(i, new MultiMap((MultiMap) t2.R()));
                    }
                }
            }
            if (this.q) {
                RequestDispatcher c3 = httpServletRequest.c(this.o);
                httpServletResponse.setHeader("Cache-Control", "No-cache");
                httpServletResponse.a("Expires", 1L);
                c3.a(new b(httpServletRequest), new c(httpServletResponse));
            } else {
                httpServletResponse.h(httpServletResponse.d(C.a(httpServletRequest.h(), this.o)));
            }
            return InterfaceC1084m.f19328c;
        } catch (IOException e2) {
            throw new ServerAuthException(e2);
        } catch (ServletException e3) {
            throw new ServerAuthException(e3);
        }
    }

    @Override // org.eclipse.jetty.security.authentication.g, org.eclipse.jetty.security.InterfaceC1176a
    public void a(InterfaceC1176a.InterfaceC0204a interfaceC0204a) {
        super.a(interfaceC0204a);
        String initParameter = interfaceC0204a.getInitParameter(f22369e);
        if (initParameter != null) {
            d(initParameter);
        }
        String initParameter2 = interfaceC0204a.getInitParameter(f22370f);
        if (initParameter2 != null) {
            c(initParameter2);
        }
        String initParameter3 = interfaceC0204a.getInitParameter(g);
        this.q = initParameter3 == null ? this.q : Boolean.valueOf(initParameter3).booleanValue();
    }

    public void a(boolean z) {
        this.r = z;
    }

    public boolean a(String str) {
        char charAt;
        int indexOf = str.indexOf(j);
        if (indexOf < 0) {
            return false;
        }
        int i2 = indexOf + 17;
        return i2 == str.length() || (charAt = str.charAt(i2)) == ';' || charAt == '#' || charAt == '/' || charAt == '?';
    }

    @Override // org.eclipse.jetty.security.InterfaceC1176a
    public boolean a(ServletRequest servletRequest, ServletResponse servletResponse, boolean z, InterfaceC1084m.f fVar) throws ServerAuthException {
        return true;
    }

    public boolean b() {
        return this.r;
    }

    public boolean b(String str) {
        return str != null && (str.equals(this.n) || str.equals(this.p));
    }

    @Override // org.eclipse.jetty.security.InterfaceC1176a
    public String getAuthMethod() {
        return "FORM";
    }
}
