package org.eclipse.jetty.security.authentication;

import java.io.IOException;
import java.util.Collections;
import java.util.Enumeration;
import java.util.Locale;
import javax.servlet.RequestDispatcher;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpServletResponseWrapper;
import javax.servlet.http.HttpSession;
import org.eclipse.jetty.http.k;
import org.eclipse.jetty.security.ServerAuthException;
import org.eclipse.jetty.security.a;
import org.eclipse.jetty.security.v;
import org.eclipse.jetty.util.MultiMap;
import org.eclipse.jetty.util.t;
import p001if.aa;
import p001if.e;
import p001if.r;

/* compiled from: FormAuthenticator.java */
/* loaded from: classes3.dex */
public class d extends e {

    /* renamed from: a, reason: collision with root package name */
    public static final String f30292a = "org.eclipse.jetty.security.form_login_page";

    /* renamed from: b, reason: collision with root package name */
    public static final String f30293b = "org.eclipse.jetty.security.form_error_page";

    /* renamed from: c, reason: collision with root package name */
    public static final String f30294c = "org.eclipse.jetty.security.dispatch";

    /* renamed from: d, reason: collision with root package name */
    public static final String f30295d = "org.eclipse.jetty.security.form_URI";

    /* renamed from: e, reason: collision with root package name */
    public static final String f30296e = "org.eclipse.jetty.security.form_POST";

    /* renamed from: f, reason: collision with root package name */
    public static final String f30297f = "/j_security_check";

    /* renamed from: g, reason: collision with root package name */
    public static final String f30298g = "j_username";

    /* renamed from: h, reason: collision with root package name */
    public static final String f30299h = "j_password";

    /* renamed from: k, reason: collision with root package name */
    private static final ir.e f30300k = ir.d.a((Class<?>) d.class);

    /* renamed from: l, reason: collision with root package name */
    private String f30301l;

    /* renamed from: m, reason: collision with root package name */
    private String f30302m;

    /* renamed from: n, reason: collision with root package name */
    private String f30303n;

    /* renamed from: o, reason: collision with root package name */
    private String f30304o;

    /* renamed from: p, reason: collision with root package name */
    private boolean f30305p;

    /* renamed from: q, reason: collision with root package name */
    private boolean f30306q;

    /* compiled from: FormAuthenticator.java */
    /* loaded from: classes3.dex */
    public static class a extends v implements e.d {
        public a(String str, aa aaVar) {
            super(str, aaVar);
        }

        @Override // org.eclipse.jetty.security.v
        public String toString() {
            return "Form" + super.toString();
        }
    }

    /* compiled from: FormAuthenticator.java */
    /* loaded from: classes3.dex */
    protected static class b extends HttpServletRequestWrapper {
        public b(HttpServletRequest httpServletRequest) {
            super(httpServletRequest);
        }

        @Override // javax.servlet.http.HttpServletRequestWrapper, javax.servlet.http.HttpServletRequest
        public long getDateHeader(String str) {
            if (str.toLowerCase(Locale.ENGLISH).startsWith("if-")) {
                return -1L;
            }
            return super.getDateHeader(str);
        }

        @Override // javax.servlet.http.HttpServletRequestWrapper, javax.servlet.http.HttpServletRequest
        public String getHeader(String str) {
            if (str.toLowerCase(Locale.ENGLISH).startsWith("if-")) {
                return null;
            }
            return super.getHeader(str);
        }

        @Override // javax.servlet.http.HttpServletRequestWrapper, javax.servlet.http.HttpServletRequest
        public Enumeration getHeaderNames() {
            return Collections.enumeration(Collections.list(super.getHeaderNames()));
        }

        @Override // javax.servlet.http.HttpServletRequestWrapper, javax.servlet.http.HttpServletRequest
        public Enumeration getHeaders(String str) {
            return str.toLowerCase(Locale.ENGLISH).startsWith("if-") ? Collections.enumeration(Collections.EMPTY_LIST) : super.getHeaders(str);
        }
    }

    /* compiled from: FormAuthenticator.java */
    /* loaded from: classes3.dex */
    protected static class c extends HttpServletResponseWrapper {
        public c(HttpServletResponse httpServletResponse) {
            super(httpServletResponse);
        }

        private boolean a(String str) {
            return ("Cache-Control".equalsIgnoreCase(str) || k.f30011d.equalsIgnoreCase(str) || "ETag".equalsIgnoreCase(str) || "Expires".equalsIgnoreCase(str) || "Last-Modified".equalsIgnoreCase(str) || k.W.equalsIgnoreCase(str)) ? false : true;
        }

        @Override // javax.servlet.http.HttpServletResponseWrapper, javax.servlet.http.HttpServletResponse
        public void addDateHeader(String str, long j2) {
            if (a(str)) {
                super.addDateHeader(str, j2);
            }
        }

        @Override // javax.servlet.http.HttpServletResponseWrapper, javax.servlet.http.HttpServletResponse
        public void addHeader(String str, String str2) {
            if (a(str)) {
                super.addHeader(str, str2);
            }
        }

        @Override // javax.servlet.http.HttpServletResponseWrapper, javax.servlet.http.HttpServletResponse
        public void setDateHeader(String str, long j2) {
            if (a(str)) {
                super.setDateHeader(str, j2);
            }
        }

        @Override // javax.servlet.http.HttpServletResponseWrapper, javax.servlet.http.HttpServletResponse
        public void setHeader(String str, String str2) {
            if (a(str)) {
                super.setHeader(str, str2);
            }
        }
    }

    public d() {
    }

    public d(String str, String str2, boolean z2) {
        this();
        if (str != null) {
            c(str);
        }
        if (str2 != null) {
            d(str2);
        }
        this.f30305p = z2;
    }

    private void c(String str) {
        if (!str.startsWith("/")) {
            f30300k.a("form-login-page must start with /", new Object[0]);
            str = "/" + str;
        }
        this.f30303n = str;
        this.f30304o = str;
        if (this.f30304o.indexOf(63) > 0) {
            this.f30304o = this.f30304o.substring(0, this.f30304o.indexOf(63));
        }
    }

    private void d(String str) {
        if (str == null || str.trim().length() == 0) {
            this.f30302m = null;
            this.f30301l = null;
            return;
        }
        if (!str.startsWith("/")) {
            f30300k.a("form-error-page must start with /", new Object[0]);
            str = "/" + str;
        }
        this.f30301l = str;
        this.f30302m = str;
        if (this.f30302m.indexOf(63) > 0) {
            this.f30302m = this.f30302m.substring(0, this.f30302m.indexOf(63));
        }
    }

    @Override // org.eclipse.jetty.security.authentication.e
    public aa a(String str, Object obj, ServletRequest servletRequest) {
        aa a2 = super.a(str, obj, servletRequest);
        if (a2 != null) {
            ((HttpServletRequest) servletRequest).getSession(true).setAttribute(SessionAuthentication.__J_AUTHENTICATED, new SessionAuthentication(a(), a2, obj));
        }
        return a2;
    }

    @Override // org.eclipse.jetty.security.a
    public p001if.e a(ServletRequest servletRequest, ServletResponse servletResponse, boolean z2) throws ServerAuthException {
        String str;
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        String requestURI = httpServletRequest.getRequestURI();
        if (requestURI == null) {
            requestURI = "/";
        }
        if (!a(requestURI) && !z2) {
            return new org.eclipse.jetty.security.authentication.c(this);
        }
        if (b(org.eclipse.jetty.util.v.a(httpServletRequest.getServletPath(), httpServletRequest.getPathInfo())) && !org.eclipse.jetty.security.authentication.c.a(httpServletResponse)) {
            return new org.eclipse.jetty.security.authentication.c(this);
        }
        HttpSession session = httpServletRequest.getSession(true);
        try {
            if (a(requestURI)) {
                String parameter = httpServletRequest.getParameter(f30298g);
                aa a2 = a(parameter, httpServletRequest.getParameter(f30299h), httpServletRequest);
                HttpSession session2 = httpServletRequest.getSession(true);
                if (a2 != null) {
                    synchronized (session2) {
                        str = (String) session2.getAttribute(f30295d);
                        if (str == null || str.length() == 0) {
                            str = httpServletRequest.getContextPath();
                            if (str.length() == 0) {
                                str = "/";
                            }
                        }
                    }
                    httpServletResponse.setContentLength(0);
                    httpServletResponse.sendRedirect(httpServletResponse.encodeRedirectURL(str));
                    return new a(a(), a2);
                }
                if (f30300k.b()) {
                    f30300k.c("Form authentication FAILED for " + t.e(parameter), new Object[0]);
                }
                if (this.f30301l == null) {
                    if (httpServletResponse != null) {
                        httpServletResponse.sendError(403);
                    }
                } else if (this.f30305p) {
                    RequestDispatcher requestDispatcher = httpServletRequest.getRequestDispatcher(this.f30301l);
                    httpServletResponse.setHeader("Cache-Control", "No-cache");
                    httpServletResponse.setDateHeader("Expires", 1L);
                    requestDispatcher.forward(new b(httpServletRequest), new c(httpServletResponse));
                } else {
                    httpServletResponse.sendRedirect(httpServletResponse.encodeRedirectURL(org.eclipse.jetty.util.v.a(httpServletRequest.getContextPath(), this.f30301l)));
                }
                return p001if.e.f27470f;
            }
            p001if.e eVar = (p001if.e) session.getAttribute(SessionAuthentication.__J_AUTHENTICATED);
            if (eVar != null) {
                if (!(eVar instanceof e.f) || this.f30308i == null || this.f30308i.a(((e.f) eVar).getUserIdentity())) {
                    String str2 = (String) session.getAttribute(f30295d);
                    if (str2 == null) {
                        return eVar;
                    }
                    MultiMap<String> multiMap = (MultiMap) session.getAttribute(f30296e);
                    if (multiMap == null) {
                        session.removeAttribute(f30295d);
                        return eVar;
                    }
                    StringBuffer requestURL = httpServletRequest.getRequestURL();
                    if (httpServletRequest.getQueryString() != null) {
                        requestURL.append(com.sohu.sohuvideo.system.b.bR).append(httpServletRequest.getQueryString());
                    }
                    if (!str2.equals(requestURL.toString())) {
                        return eVar;
                    }
                    session.removeAttribute(f30296e);
                    r n2 = servletRequest instanceof r ? (r) servletRequest : p001if.b.a().n();
                    n2.d("POST");
                    n2.a(multiMap);
                    return eVar;
                }
                session.removeAttribute(SessionAuthentication.__J_AUTHENTICATED);
            }
            if (org.eclipse.jetty.security.authentication.c.a(httpServletResponse)) {
                f30300k.c("auth deferred {}", session.getId());
                return p001if.e.f27467c;
            }
            synchronized (session) {
                if (session.getAttribute(f30295d) == null || this.f30306q) {
                    StringBuffer requestURL2 = httpServletRequest.getRequestURL();
                    if (httpServletRequest.getQueryString() != null) {
                        requestURL2.append(com.sohu.sohuvideo.system.b.bR).append(httpServletRequest.getQueryString());
                    }
                    session.setAttribute(f30295d, requestURL2.toString());
                    if ("application/x-www-form-urlencoded".equalsIgnoreCase(servletRequest.getContentType()) && "POST".equals(httpServletRequest.getMethod())) {
                        r n3 = servletRequest instanceof r ? (r) servletRequest : p001if.b.a().n();
                        n3.a();
                        session.setAttribute(f30296e, new MultiMap((MultiMap) n3.i()));
                    }
                }
            }
            if (this.f30305p) {
                RequestDispatcher requestDispatcher2 = httpServletRequest.getRequestDispatcher(this.f30303n);
                httpServletResponse.setHeader("Cache-Control", "No-cache");
                httpServletResponse.setDateHeader("Expires", 1L);
                requestDispatcher2.forward(new b(httpServletRequest), new c(httpServletResponse));
            } else {
                httpServletResponse.sendRedirect(httpServletResponse.encodeRedirectURL(org.eclipse.jetty.util.v.a(httpServletRequest.getContextPath(), this.f30303n)));
            }
            return p001if.e.f27469e;
        } catch (IOException e2) {
            throw new ServerAuthException(e2);
        } catch (ServletException e3) {
            throw new ServerAuthException(e3);
        }
    }

    @Override // org.eclipse.jetty.security.a
    public String a() {
        return "FORM";
    }

    @Override // org.eclipse.jetty.security.authentication.e, org.eclipse.jetty.security.a
    public void a(a.InterfaceC0228a interfaceC0228a) {
        super.a(interfaceC0228a);
        String b_ = interfaceC0228a.b_(f30292a);
        if (b_ != null) {
            c(b_);
        }
        String b_2 = interfaceC0228a.b_(f30293b);
        if (b_2 != null) {
            d(b_2);
        }
        String b_3 = interfaceC0228a.b_(f30294c);
        this.f30305p = b_3 == null ? this.f30305p : Boolean.valueOf(b_3).booleanValue();
    }

    public void a(boolean z2) {
        this.f30306q = z2;
    }

    public boolean a(String str) {
        int indexOf = str.indexOf(f30297f);
        if (indexOf < 0) {
            return false;
        }
        int length = indexOf + f30297f.length();
        if (length == str.length()) {
            return true;
        }
        char charAt = str.charAt(length);
        return charAt == ';' || charAt == '#' || charAt == '/' || charAt == '?';
    }

    @Override // org.eclipse.jetty.security.a
    public boolean a(ServletRequest servletRequest, ServletResponse servletResponse, boolean z2, e.f fVar) throws ServerAuthException {
        return true;
    }

    public boolean b() {
        return this.f30306q;
    }

    public boolean b(String str) {
        return str != null && (str.equals(this.f30302m) || str.equals(this.f30304o));
    }
}
