package org.eclipse.jetty.security.authentication;

import java.io.IOException;
import java.util.Collections;
import java.util.Enumeration;
import java.util.Locale;
import javax.servlet.RequestDispatcher;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpServletResponseWrapper;
import javax.servlet.http.HttpSession;
import l.a.a.e.a;
import l.a.a.e.l;
import org.eclipse.jetty.http.HttpHeaders;
import org.eclipse.jetty.http.MimeTypes;
import org.eclipse.jetty.security.ServerAuthException;
import org.eclipse.jetty.server.Authentication;
import org.eclipse.jetty.server.Request;
import org.eclipse.jetty.server.UserIdentity;
import org.eclipse.jetty.util.MultiMap;
import org.eclipse.jetty.util.StringUtil;
import org.eclipse.jetty.util.URIUtil;
import org.eclipse.jetty.util.log.Log;

/* loaded from: classes4.dex */
public class FormAuthenticator extends LoginAuthenticator {

    /* renamed from: j, reason: collision with root package name */
    public static final l.a.a.h.k.b f14977j = Log.a((Class<?>) FormAuthenticator.class);

    /* renamed from: k, reason: collision with root package name */
    public static final String f14978k = "org.eclipse.jetty.security.form_login_page";

    /* renamed from: l, reason: collision with root package name */
    public static final String f14979l = "org.eclipse.jetty.security.form_error_page";

    /* renamed from: m, reason: collision with root package name */
    public static final String f14980m = "org.eclipse.jetty.security.dispatch";

    /* renamed from: n, reason: collision with root package name */
    public static final String f14981n = "org.eclipse.jetty.security.form_URI";
    public static final String o = "org.eclipse.jetty.security.form_POST";
    public static final String p = "/j_security_check";

    /* renamed from: q, reason: collision with root package name */
    public static final String f14982q = "j_username";
    public static final String r = "j_password";

    /* renamed from: d, reason: collision with root package name */
    public String f14983d;

    /* renamed from: e, reason: collision with root package name */
    public String f14984e;

    /* renamed from: f, reason: collision with root package name */
    public String f14985f;

    /* renamed from: g, reason: collision with root package name */
    public String f14986g;

    /* renamed from: h, reason: collision with root package name */
    public boolean f14987h;

    /* renamed from: i, reason: collision with root package name */
    public boolean f14988i;

    /* loaded from: classes4.dex */
    public static class a extends l implements Authentication.d {
        public a(String str, UserIdentity userIdentity) {
            super(str, userIdentity);
        }

        @Override // l.a.a.e.l
        public String toString() {
            return "Form" + super.toString();
        }
    }

    /* loaded from: classes4.dex */
    public static class b extends HttpServletRequestWrapper {
        public b(HttpServletRequest httpServletRequest) {
            super(httpServletRequest);
        }

        @Override // javax.servlet.http.HttpServletRequestWrapper, javax.servlet.http.HttpServletRequest
        public String c(String str) {
            if (str.toLowerCase(Locale.ENGLISH).startsWith("if-")) {
                return null;
            }
            return super.c(str);
        }

        @Override // javax.servlet.http.HttpServletRequestWrapper, javax.servlet.http.HttpServletRequest
        public Enumeration f() {
            return Collections.enumeration(Collections.list(super.f()));
        }

        @Override // javax.servlet.http.HttpServletRequestWrapper, javax.servlet.http.HttpServletRequest
        public Enumeration getHeaders(String str) {
            return str.toLowerCase(Locale.ENGLISH).startsWith("if-") ? Collections.enumeration(Collections.EMPTY_LIST) : super.getHeaders(str);
        }

        @Override // javax.servlet.http.HttpServletRequestWrapper, javax.servlet.http.HttpServletRequest
        public long l(String str) {
            if (str.toLowerCase(Locale.ENGLISH).startsWith("if-")) {
                return -1L;
            }
            return super.l(str);
        }
    }

    /* loaded from: classes4.dex */
    public static class c extends HttpServletResponseWrapper {
        public c(HttpServletResponse httpServletResponse) {
            super(httpServletResponse);
        }

        private boolean j(String str) {
            return ("Cache-Control".equalsIgnoreCase(str) || "Pragma".equalsIgnoreCase(str) || "ETag".equalsIgnoreCase(str) || "Expires".equalsIgnoreCase(str) || "Last-Modified".equalsIgnoreCase(str) || HttpHeaders.Z.equalsIgnoreCase(str)) ? false : true;
        }

        @Override // javax.servlet.http.HttpServletResponseWrapper, javax.servlet.http.HttpServletResponse
        public void a(String str, long j2) {
            if (j(str)) {
                super.a(str, j2);
            }
        }

        @Override // javax.servlet.http.HttpServletResponseWrapper, javax.servlet.http.HttpServletResponse
        public void a(String str, String str2) {
            if (j(str)) {
                super.a(str, str2);
            }
        }

        @Override // javax.servlet.http.HttpServletResponseWrapper, javax.servlet.http.HttpServletResponse
        public void addHeader(String str, String str2) {
            if (j(str)) {
                super.addHeader(str, str2);
            }
        }

        @Override // javax.servlet.http.HttpServletResponseWrapper, javax.servlet.http.HttpServletResponse
        public void b(String str, long j2) {
            if (j(str)) {
                super.b(str, j2);
            }
        }
    }

    public FormAuthenticator() {
    }

    public FormAuthenticator(String str, String str2, boolean z) {
        this();
        if (str != null) {
            d(str);
        }
        if (str2 != null) {
            c(str2);
        }
        this.f14987h = z;
    }

    private void c(String str) {
        if (str == null || str.trim().length() == 0) {
            this.f14984e = null;
            this.f14983d = null;
            return;
        }
        if (!str.startsWith("/")) {
            f14977j.a("form-error-page must start with /", new Object[0]);
            str = "/" + str;
        }
        this.f14983d = str;
        this.f14984e = str;
        if (this.f14984e.indexOf(63) > 0) {
            String str2 = this.f14984e;
            this.f14984e = str2.substring(0, str2.indexOf(63));
        }
    }

    private void d(String str) {
        if (!str.startsWith("/")) {
            f14977j.a("form-login-page must start with /", new Object[0]);
            str = "/" + str;
        }
        this.f14985f = str;
        this.f14986g = str;
        if (this.f14986g.indexOf(63) > 0) {
            String str2 = this.f14986g;
            this.f14986g = str2.substring(0, str2.indexOf(63));
        }
    }

    @Override // l.a.a.e.a
    public Authentication a(ServletRequest servletRequest, ServletResponse servletResponse, boolean z) throws ServerAuthException {
        String str;
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        String Q = httpServletRequest.Q();
        if (Q == null) {
            Q = "/";
        }
        if (!z && !a(Q)) {
            return new DeferredAuthentication(this);
        }
        if (b(URIUtil.a(httpServletRequest.M(), httpServletRequest.F())) && !DeferredAuthentication.a(httpServletResponse)) {
            return new DeferredAuthentication(this);
        }
        HttpSession a2 = httpServletRequest.a(true);
        try {
            if (a(Q)) {
                String i2 = httpServletRequest.i(f14982q);
                UserIdentity a3 = a(i2, httpServletRequest.i(r), httpServletRequest);
                HttpSession a4 = httpServletRequest.a(true);
                if (a3 != null) {
                    synchronized (a4) {
                        str = (String) a4.a(f14981n);
                        if (str == null || str.length() == 0) {
                            str = httpServletRequest.l();
                            if (str.length() == 0) {
                                str = "/";
                            }
                        }
                    }
                    httpServletResponse.c(0);
                    httpServletResponse.h(httpServletResponse.b(str));
                    return new a(h(), a3);
                }
                if (f14977j.a()) {
                    f14977j.b("Form authentication FAILED for " + StringUtil.e(i2), new Object[0]);
                }
                if (this.f14983d == null) {
                    if (httpServletResponse != null) {
                        httpServletResponse.b(403);
                    }
                } else if (this.f14987h) {
                    RequestDispatcher e2 = httpServletRequest.e(this.f14983d);
                    httpServletResponse.a("Cache-Control", "No-cache");
                    httpServletResponse.a("Expires", 1L);
                    e2.a(new b(httpServletRequest), new c(httpServletResponse));
                } else {
                    httpServletResponse.h(httpServletResponse.b(URIUtil.a(httpServletRequest.l(), this.f14983d)));
                }
                return Authentication.k0;
            }
            Authentication authentication = (Authentication) a2.a(l.a.a.e.n.c.f14376g);
            if (authentication != null) {
                if (!(authentication instanceof Authentication.f) || this.a == null || this.a.a(((Authentication.f) authentication).a())) {
                    String str2 = (String) a2.a(f14981n);
                    if (str2 != null) {
                        MultiMap<String> multiMap = (MultiMap) a2.a(o);
                        if (multiMap != null) {
                            StringBuffer J = httpServletRequest.J();
                            if (httpServletRequest.C() != null) {
                                J.append("?");
                                J.append(httpServletRequest.C());
                            }
                            if (str2.equals(J.toString())) {
                                a2.b(o);
                                Request r2 = servletRequest instanceof Request ? (Request) servletRequest : l.a.a.f.a.J().r();
                                r2.q("POST");
                                r2.a(multiMap);
                            }
                        } else {
                            a2.b(f14981n);
                        }
                    }
                    return authentication;
                }
                a2.b(l.a.a.e.n.c.f14376g);
            }
            if (DeferredAuthentication.a(httpServletResponse)) {
                f14977j.b("auth deferred {}", a2.getId());
                return Authentication.h0;
            }
            synchronized (a2) {
                if (a2.a(f14981n) == null || this.f14988i) {
                    StringBuffer J2 = httpServletRequest.J();
                    if (httpServletRequest.C() != null) {
                        J2.append("?");
                        J2.append(httpServletRequest.C());
                    }
                    a2.a(f14981n, J2.toString());
                    if (MimeTypes.f14889c.equalsIgnoreCase(servletRequest.getContentType()) && "POST".equals(httpServletRequest.getMethod())) {
                        Request r3 = servletRequest instanceof Request ? (Request) servletRequest : l.a.a.f.a.J().r();
                        r3.R();
                        a2.a(o, new MultiMap((MultiMap) r3.a0()));
                    }
                }
            }
            if (this.f14987h) {
                RequestDispatcher e3 = httpServletRequest.e(this.f14985f);
                httpServletResponse.a("Cache-Control", "No-cache");
                httpServletResponse.a("Expires", 1L);
                e3.a(new b(httpServletRequest), new c(httpServletResponse));
            } else {
                httpServletResponse.h(httpServletResponse.b(URIUtil.a(httpServletRequest.l(), this.f14985f)));
            }
            return Authentication.j0;
        } catch (IOException e4) {
            throw new ServerAuthException(e4);
        } catch (ServletException e5) {
            throw new ServerAuthException(e5);
        }
    }

    @Override // org.eclipse.jetty.security.authentication.LoginAuthenticator
    public UserIdentity a(String str, Object obj, ServletRequest servletRequest) {
        UserIdentity a2 = super.a(str, obj, servletRequest);
        if (a2 != null) {
            ((HttpServletRequest) servletRequest).a(true).a(l.a.a.e.n.c.f14376g, new l.a.a.e.n.c(h(), a2, obj));
        }
        return a2;
    }

    @Override // org.eclipse.jetty.security.authentication.LoginAuthenticator, l.a.a.e.a
    public void a(a.InterfaceC0363a interfaceC0363a) {
        super.a(interfaceC0363a);
        String c2 = interfaceC0363a.c(f14978k);
        if (c2 != null) {
            d(c2);
        }
        String c3 = interfaceC0363a.c(f14979l);
        if (c3 != null) {
            c(c3);
        }
        String c4 = interfaceC0363a.c(f14980m);
        this.f14987h = c4 == null ? this.f14987h : Boolean.valueOf(c4).booleanValue();
    }

    public void a(boolean z) {
        this.f14988i = z;
    }

    public boolean a(String str) {
        char charAt;
        int indexOf = str.indexOf(p);
        if (indexOf < 0) {
            return false;
        }
        int i2 = indexOf + 17;
        return i2 == str.length() || (charAt = str.charAt(i2)) == ';' || charAt == '#' || charAt == '/' || charAt == '?';
    }

    @Override // l.a.a.e.a
    public boolean a(ServletRequest servletRequest, ServletResponse servletResponse, boolean z, Authentication.f fVar) throws ServerAuthException {
        return true;
    }

    public boolean b() {
        return this.f14988i;
    }

    public boolean b(String str) {
        return str != null && (str.equals(this.f14984e) || str.equals(this.f14986g));
    }

    @Override // l.a.a.e.a
    public String h() {
        return "FORM";
    }
}
