package org.eclipse.jetty.security;

import java.io.IOException;
import java.security.Principal;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.Set;
import javax.servlet.DispatcherType;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSessionEvent;
import javax.servlet.http.HttpSessionListener;
import org.eclipse.jetty.security.Authenticator;
import org.eclipse.jetty.security.authentication.DeferredAuthentication;
import org.eclipse.jetty.server.AbstractHttpConnection;
import org.eclipse.jetty.server.Authentication;
import org.eclipse.jetty.server.Handler;
import org.eclipse.jetty.server.Request;
import org.eclipse.jetty.server.Response;
import org.eclipse.jetty.server.UserIdentity;
import org.eclipse.jetty.server.handler.ContextHandler;
import org.eclipse.jetty.server.handler.HandlerWrapper;
import org.eclipse.jetty.server.session.AbstractSessionManager;
import org.eclipse.jetty.util.component.LifeCycle;
import org.eclipse.jetty.util.log.Log;
import org.eclipse.jetty.util.log.Logger;

/* loaded from: classes5.dex */
public abstract class SecurityHandler extends HandlerWrapper implements Authenticator.AuthConfiguration {
    private static final Logger cIk = Log.ai(SecurityHandler.class);
    public static Principal cYY = new Principal() { // from class: org.eclipse.jetty.security.SecurityHandler.2
        @Override // java.security.Principal
        public String getName() {
            return null;
        }

        @Override // java.security.Principal
        public String toString() {
            return "No User";
        }
    };
    public static Principal cYZ = new Principal() { // from class: org.eclipse.jetty.security.SecurityHandler.3
        @Override // java.security.Principal
        public String getName() {
            return "Nobody";
        }

        @Override // java.security.Principal
        public String toString() {
            return getName();
        }
    };
    private IdentityService cYD;
    private Authenticator cYR;
    private String cYT;
    private String cYU;
    private boolean cYW;
    private LoginService cYd;
    private boolean cYQ = false;
    private Authenticator.Factory cYS = new DefaultAuthenticatorFactory();
    private final Map<String, String> cYV = new HashMap();
    private boolean cYX = true;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: org.eclipse.jetty.security.SecurityHandler$4, reason: invalid class name */
    /* loaded from: classes5.dex */
    public static /* synthetic */ class AnonymousClass4 {
        static final /* synthetic */ int[] cZb = new int[DispatcherType.values().length];

        static {
            try {
                cZb[DispatcherType.REQUEST.ordinal()] = 1;
            } catch (NoSuchFieldError unused) {
            }
            try {
                cZb[DispatcherType.ASYNC.ordinal()] = 2;
            } catch (NoSuchFieldError unused2) {
            }
            try {
                cZb[DispatcherType.FORWARD.ordinal()] = 3;
            } catch (NoSuchFieldError unused3) {
            }
        }
    }

    /* loaded from: classes5.dex */
    public class NotChecked implements Principal {
        public NotChecked() {
        }

        public SecurityHandler aog() {
            return SecurityHandler.this;
        }

        @Override // java.security.Principal
        public String getName() {
            return null;
        }

        @Override // java.security.Principal
        public String toString() {
            return "NOT CHECKED";
        }
    }

    public static SecurityHandler aof() {
        ContextHandler.Context arA = ContextHandler.arA();
        if (arA == null) {
            return null;
        }
        return (SecurityHandler) arA.apO().V(SecurityHandler.class);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.eclipse.jetty.server.handler.HandlerWrapper, org.eclipse.jetty.server.handler.AbstractHandler, org.eclipse.jetty.util.component.AggregateLifeCycle, org.eclipse.jetty.util.component.AbstractLifeCycle
    public void NJ() throws Exception {
        Authenticator.Factory factory;
        ContextHandler.Context arA = ContextHandler.arA();
        if (arA != null) {
            Enumeration aeV = arA.aeV();
            while (aeV != null && aeV.hasMoreElements()) {
                String str = (String) aeV.nextElement();
                if (str.startsWith("org.eclipse.jetty.security.") && jx(str) == null) {
                    bx(str, arA.jx(str));
                }
            }
            arA.apO().b(new HttpSessionListener() { // from class: org.eclipse.jetty.security.SecurityHandler.1
                @Override // javax.servlet.http.HttpSessionListener
                public void c(HttpSessionEvent httpSessionEvent) {
                    Request apn;
                    AbstractHttpConnection apj = AbstractHttpConnection.apj();
                    if (apj == null || (apn = apj.apn()) == null || !apn.isSecure()) {
                        return;
                    }
                    httpSessionEvent.agS().setAttribute(AbstractSessionManager.dhE, Boolean.TRUE);
                }

                @Override // javax.servlet.http.HttpSessionListener
                public void d(HttpSessionEvent httpSessionEvent) {
                }
            });
        }
        if (this.cYd == null) {
            this.cYd = aod();
            if (this.cYd != null) {
                this.cYW = true;
            }
        }
        if (this.cYD == null) {
            LoginService loginService = this.cYd;
            if (loginService != null) {
                this.cYD = loginService.anG();
            }
            if (this.cYD == null) {
                this.cYD = aoe();
            }
            if (this.cYD == null && this.cYT != null) {
                this.cYD = new DefaultIdentityService();
            }
        }
        LoginService loginService2 = this.cYd;
        if (loginService2 != null) {
            if (loginService2.anG() == null) {
                this.cYd.a(this.cYD);
            } else if (this.cYd.anG() != this.cYD) {
                throw new IllegalStateException("LoginService has different IdentityService to " + this);
            }
        }
        if (!this.cYW) {
            LoginService loginService3 = this.cYd;
            if (loginService3 instanceof LifeCycle) {
                ((LifeCycle) loginService3).start();
            }
        }
        if (this.cYR == null && (factory = this.cYS) != null && this.cYD != null) {
            this.cYR = factory.a(aoA(), ContextHandler.arA(), this, this.cYD, this.cYd);
            Authenticator authenticator = this.cYR;
            if (authenticator != null) {
                this.cYU = authenticator.anC();
            }
        }
        Authenticator authenticator2 = this.cYR;
        if (authenticator2 != null) {
            authenticator2.a(this);
            Authenticator authenticator3 = this.cYR;
            if (authenticator3 instanceof LifeCycle) {
                ((LifeCycle) authenticator3).start();
            }
        } else if (this.cYT != null) {
            cIk.m("No ServerAuthentication for " + this, new Object[0]);
            throw new IllegalStateException("No ServerAuthentication");
        }
        super.NJ();
    }

    protected abstract Object a(String str, Request request);

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v21, types: [org.eclipse.jetty.security.IdentityService] */
    /* JADX WARN: Type inference failed for: r1v18, types: [java.lang.Object] */
    /* JADX WARN: Type inference failed for: r1v19 */
    /* JADX WARN: Type inference failed for: r1v21 */
    /* JADX WARN: Type inference failed for: r1v22 */
    /* JADX WARN: Type inference failed for: r1v24 */
    /* JADX WARN: Type inference failed for: r1v25 */
    /* JADX WARN: Type inference failed for: r1v33, types: [java.lang.Object] */
    /* JADX WARN: Type inference failed for: r1v34 */
    /* JADX WARN: Type inference failed for: r1v40 */
    /* JADX WARN: Type inference failed for: r1v41 */
    /* JADX WARN: Type inference failed for: r1v42 */
    /* JADX WARN: Type inference failed for: r1v43 */
    /* JADX WARN: Type inference failed for: r1v44 */
    /* JADX WARN: Type inference failed for: r1v45 */
    /* JADX WARN: Type inference failed for: r1v5, types: [boolean] */
    /* JADX WARN: Type inference failed for: r1v6 */
    /* JADX WARN: Type inference failed for: r1v7 */
    /* JADX WARN: Type inference failed for: r1v8 */
    /* JADX WARN: Type inference failed for: r1v9 */
    @Override // org.eclipse.jetty.server.handler.HandlerWrapper, org.eclipse.jetty.server.Handler
    public void a(String str, Request request, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException, ServletException {
        HttpServletResponse httpServletResponse2;
        ?? r1;
        Authentication.User user;
        Object obj;
        HttpServletRequest httpServletRequest2 = httpServletRequest;
        HttpServletResponse httpServletResponse3 = httpServletResponse;
        Response apo = request.apo();
        Handler asg = asg();
        if (asg == null) {
            return;
        }
        Authenticator authenticator = this.cYR;
        if (!a(request)) {
            asg.a(str, request, httpServletRequest2, httpServletResponse3);
            return;
        }
        Object a2 = a(str, request);
        if (!a(str, request, apo, a2)) {
            if (request.aqG()) {
                return;
            }
            httpServletResponse3.lV(403);
            request.fv(true);
            return;
        }
        boolean a3 = a(request, apo, a2);
        if (a3 && authenticator == null) {
            cIk.m("No authenticator for: " + a2, new Object[0]);
            if (request.aqG()) {
                return;
            }
            httpServletResponse3.lV(403);
            request.fv(true);
            return;
        }
        Object obj2 = null;
        try {
            try {
                Authentication aqt = request.aqt();
                if (aqt == null || aqt == Authentication.dbL) {
                    aqt = authenticator == null ? Authentication.dbK : authenticator.a(httpServletRequest2, httpServletResponse3, a3);
                }
                if (aqt instanceof Authentication.Wrapped) {
                    httpServletRequest2 = ((Authentication.Wrapped) aqt).apT();
                    httpServletResponse3 = ((Authentication.Wrapped) aqt).apU();
                }
                HttpServletRequest httpServletRequest3 = httpServletRequest2;
                httpServletResponse2 = httpServletResponse3;
                try {
                    if (aqt instanceof Authentication.ResponseSent) {
                        request.fv(true);
                        r1 = 0;
                    } else {
                        r1 = aqt instanceof Authentication.User;
                        try {
                            if (r1 != 0) {
                                Authentication.User user2 = (Authentication.User) aqt;
                                request.a(aqt);
                                Object a4 = this.cYD != null ? this.cYD.a(user2.aoj()) : null;
                                if (a3) {
                                    try {
                                        user = user2;
                                        Object obj3 = a4;
                                        try {
                                            if (!a(str, request, apo, a2, user2.aoj())) {
                                                httpServletResponse2.D(403, "!role");
                                                request.fv(true);
                                                IdentityService identityService = this.cYD;
                                                if (identityService != null) {
                                                    identityService.ci(obj3);
                                                    return;
                                                }
                                                return;
                                            }
                                            obj = obj3;
                                        } catch (ServerAuthException e) {
                                            e = e;
                                            r1 = obj3;
                                            obj2 = r1;
                                            httpServletResponse2.D(500, e.getMessage());
                                            IdentityService identityService2 = this.cYD;
                                            if (identityService2 != null) {
                                                identityService2.ci(obj2);
                                                return;
                                            }
                                            return;
                                        } catch (Throwable th) {
                                            th = th;
                                            r1 = obj3;
                                            obj2 = r1;
                                            IdentityService identityService3 = this.cYD;
                                            if (identityService3 != null) {
                                                identityService3.ci(obj2);
                                            }
                                            throw th;
                                        }
                                    } catch (ServerAuthException e2) {
                                        e = e2;
                                        r1 = a4;
                                    } catch (Throwable th2) {
                                        th = th2;
                                        r1 = a4;
                                    }
                                } else {
                                    user = user2;
                                    obj = a4;
                                }
                                asg.a(str, request, httpServletRequest3, httpServletResponse2);
                                r1 = obj;
                                if (authenticator != null) {
                                    authenticator.a(httpServletRequest3, httpServletResponse2, a3, user);
                                    r1 = obj;
                                }
                            } else if (aqt instanceof Authentication.Deferred) {
                                DeferredAuthentication deferredAuthentication = (DeferredAuthentication) aqt;
                                request.a(aqt);
                                try {
                                    asg.a(str, request, httpServletRequest3, httpServletResponse2);
                                    r1 = deferredAuthentication.aos();
                                    if (authenticator != null) {
                                        Authentication aqt2 = request.aqt();
                                        if (aqt2 instanceof Authentication.User) {
                                            authenticator.a(httpServletRequest3, httpServletResponse2, a3, (Authentication.User) aqt2);
                                            r1 = r1;
                                        } else {
                                            authenticator.a(httpServletRequest3, httpServletResponse2, a3, null);
                                            r1 = r1;
                                        }
                                    }
                                } catch (Throwable th3) {
                                    deferredAuthentication.aos();
                                    throw th3;
                                }
                            } else {
                                request.a(aqt);
                                Object a5 = this.cYD != null ? this.cYD.a(null) : null;
                                asg.a(str, request, httpServletRequest3, httpServletResponse2);
                                r1 = a5;
                                if (authenticator != null) {
                                    authenticator.a(httpServletRequest3, httpServletResponse2, a3, null);
                                    r1 = a5;
                                }
                            }
                        } catch (ServerAuthException e3) {
                            e = e3;
                        } catch (Throwable th4) {
                            th = th4;
                        }
                    }
                    ?? r0 = this.cYD;
                    if (r0 != 0) {
                        r0.ci(r1);
                    }
                } catch (ServerAuthException e4) {
                    e = e4;
                }
            } catch (Throwable th5) {
                th = th5;
            }
        } catch (ServerAuthException e5) {
            e = e5;
            httpServletResponse2 = httpServletResponse3;
        }
    }

    public void a(Authenticator.Factory factory) {
        if (isRunning()) {
            throw new IllegalStateException("running");
        }
        this.cYS = factory;
    }

    public void a(Authenticator authenticator) {
        if (isStarted()) {
            throw new IllegalStateException("Started");
        }
        this.cYR = authenticator;
    }

    public void a(IdentityService identityService) {
        if (isStarted()) {
            throw new IllegalStateException("Started");
        }
        this.cYD = identityService;
    }

    public void a(LoginService loginService) {
        if (isStarted()) {
            throw new IllegalStateException("Started");
        }
        this.cYd = loginService;
        this.cYW = false;
    }

    public void a(Authentication.User user) {
        cIk.debug("logout {}", user);
        LoginService anF = anF();
        if (anF != null) {
            anF.c(user.aoj());
        }
        IdentityService anG = anG();
        if (anG != null) {
            anG.ci(null);
        }
    }

    protected abstract boolean a(String str, Request request, Response response, Object obj) throws IOException;

    protected abstract boolean a(String str, Request request, Response response, Object obj, UserIdentity userIdentity) throws IOException;

    protected boolean a(Request request) {
        int i = AnonymousClass4.cZb[request.afM().ordinal()];
        if (i == 1 || i == 2) {
            return true;
        }
        if (i != 3 || !this.cYQ || request.getAttribute("org.eclipse.jetty.server.welcome") == null) {
            return false;
        }
        request.removeAttribute("org.eclipse.jetty.server.welcome");
        return true;
    }

    protected abstract boolean a(Request request, Response response, Object obj);

    @Override // org.eclipse.jetty.security.Authenticator.AuthConfiguration
    public String anC() {
        return this.cYU;
    }

    @Override // org.eclipse.jetty.security.Authenticator.AuthConfiguration
    public String anD() {
        return this.cYT;
    }

    @Override // org.eclipse.jetty.security.Authenticator.AuthConfiguration
    public Set<String> anE() {
        return this.cYV.keySet();
    }

    @Override // org.eclipse.jetty.security.Authenticator.AuthConfiguration
    public LoginService anF() {
        return this.cYd;
    }

    @Override // org.eclipse.jetty.security.Authenticator.AuthConfiguration
    public IdentityService anG() {
        return this.cYD;
    }

    @Override // org.eclipse.jetty.security.Authenticator.AuthConfiguration
    public boolean anH() {
        return this.cYX;
    }

    public Authenticator aoa() {
        return this.cYR;
    }

    public Authenticator.Factory aob() {
        return this.cYS;
    }

    public boolean aoc() {
        return this.cYQ;
    }

    protected LoginService aod() {
        List<LoginService> ag = aoA().ag(LoginService.class);
        String anD = anD();
        if (anD == null) {
            if (ag.size() == 1) {
                return (LoginService) ag.get(0);
            }
            return null;
        }
        for (LoginService loginService : ag) {
            if (loginService.getName() != null && loginService.getName().equals(anD)) {
                return loginService;
            }
        }
        return null;
    }

    protected IdentityService aoe() {
        return (IdentityService) aoA().ah(IdentityService.class);
    }

    public String bx(String str, String str2) {
        if (isRunning()) {
            throw new IllegalStateException("running");
        }
        return this.cYV.put(str, str2);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.eclipse.jetty.server.handler.HandlerWrapper, org.eclipse.jetty.server.handler.AbstractHandler, org.eclipse.jetty.util.component.AggregateLifeCycle, org.eclipse.jetty.util.component.AbstractLifeCycle
    public void doStop() throws Exception {
        super.doStop();
        if (this.cYW) {
            return;
        }
        LoginService loginService = this.cYd;
        if (loginService instanceof LifeCycle) {
            ((LifeCycle) loginService).stop();
        }
    }

    public void ff(boolean z) {
        if (isRunning()) {
            throw new IllegalStateException("running");
        }
        this.cYQ = z;
    }

    public void fg(boolean z) {
        this.cYX = z;
    }

    @Override // org.eclipse.jetty.security.Authenticator.AuthConfiguration
    public String jx(String str) {
        return this.cYV.get(str);
    }

    public void lj(String str) {
        if (isRunning()) {
            throw new IllegalStateException("running");
        }
        this.cYT = str;
    }

    public void lk(String str) {
        if (isRunning()) {
            throw new IllegalStateException("running");
        }
        this.cYU = str;
    }
}
