package org.eclipse.jetty.security.authentication;

import com.umeng.message.util.HttpRequest;
import i.a.a.a.e;
import i.a.a.a.w;
import java.io.IOException;
import java.util.Collections;
import java.util.Enumeration;
import java.util.Locale;
import javax.servlet.ServletException;
import javax.servlet.l;
import javax.servlet.u;
import javax.servlet.y;
import org.eclipse.jetty.security.ServerAuthException;
import org.eclipse.jetty.security.a;
import org.eclipse.jetty.security.n;
import org.eclipse.jetty.util.MultiMap;
import org.eclipse.jetty.util.o;
import org.eclipse.jetty.util.q;
import org.eclipse.jetty.util.security.Constraint;

/* compiled from: FormAuthenticator.java */
/* loaded from: classes2.dex */
public class d extends e {
    private static final org.eclipse.jetty.util.u.c j = org.eclipse.jetty.util.u.b.getLogger((Class<?>) d.class);

    /* renamed from: d, reason: collision with root package name */
    private String f10256d;

    /* renamed from: e, reason: collision with root package name */
    private String f10257e;

    /* renamed from: f, reason: collision with root package name */
    private String f10258f;

    /* renamed from: g, reason: collision with root package name */
    private String f10259g;

    /* renamed from: h, reason: collision with root package name */
    private boolean f10260h;

    /* renamed from: i, reason: collision with root package name */
    private boolean f10261i;

    /* compiled from: FormAuthenticator.java */
    /* loaded from: classes2.dex */
    public static class a extends n implements e.i {
        public a(String str, w wVar) {
            super(str, wVar);
        }

        @Override // org.eclipse.jetty.security.n
        public String toString() {
            return "Form" + super.toString();
        }
    }

    /* compiled from: FormAuthenticator.java */
    /* loaded from: classes2.dex */
    protected static class b extends javax.servlet.http.b {
        public b(javax.servlet.http.a aVar) {
            super(aVar);
        }

        @Override // javax.servlet.http.b, javax.servlet.http.a
        public long getDateHeader(String str) {
            if (str.toLowerCase(Locale.ENGLISH).startsWith("if-")) {
                return -1L;
            }
            return super.getDateHeader(str);
        }

        @Override // javax.servlet.http.b, javax.servlet.http.a
        public String getHeader(String str) {
            if (str.toLowerCase(Locale.ENGLISH).startsWith("if-")) {
                return null;
            }
            return super.getHeader(str);
        }

        @Override // javax.servlet.http.b, javax.servlet.http.a
        public Enumeration getHeaderNames() {
            return Collections.enumeration(Collections.list(super.getHeaderNames()));
        }

        @Override // javax.servlet.http.b, javax.servlet.http.a
        public Enumeration getHeaders(String str) {
            return str.toLowerCase(Locale.ENGLISH).startsWith("if-") ? Collections.enumeration(Collections.EMPTY_LIST) : super.getHeaders(str);
        }
    }

    /* compiled from: FormAuthenticator.java */
    /* loaded from: classes2.dex */
    protected static class c extends javax.servlet.http.d {
        public c(javax.servlet.http.c cVar) {
            super(cVar);
        }

        private boolean notIgnored(String str) {
            return ("Cache-Control".equalsIgnoreCase(str) || "Pragma".equalsIgnoreCase(str) || HttpRequest.HEADER_ETAG.equalsIgnoreCase(str) || HttpRequest.HEADER_EXPIRES.equalsIgnoreCase(str) || HttpRequest.HEADER_LAST_MODIFIED.equalsIgnoreCase(str) || "Age".equalsIgnoreCase(str)) ? false : true;
        }

        @Override // javax.servlet.http.d, javax.servlet.http.c
        public void addDateHeader(String str, long j) {
            if (notIgnored(str)) {
                super.addDateHeader(str, j);
            }
        }

        @Override // javax.servlet.http.d, javax.servlet.http.c
        public void addHeader(String str, String str2) {
            if (notIgnored(str)) {
                super.addHeader(str, str2);
            }
        }

        @Override // javax.servlet.http.d, javax.servlet.http.c
        public void setDateHeader(String str, long j) {
            if (notIgnored(str)) {
                super.setDateHeader(str, j);
            }
        }

        @Override // javax.servlet.http.d, javax.servlet.http.c
        public void setHeader(String str, String str2) {
            if (notIgnored(str)) {
                super.setHeader(str, str2);
            }
        }
    }

    public d() {
    }

    public d(String str, String str2, boolean z) {
        this();
        if (str != null) {
            setLoginPage(str);
        }
        if (str2 != null) {
            setErrorPage(str2);
        }
        this.f10260h = z;
    }

    private void setErrorPage(String str) {
        if (str == null || str.trim().length() == 0) {
            this.f10257e = null;
            this.f10256d = null;
            return;
        }
        if (!str.startsWith("/")) {
            j.warn("form-error-page must start with /", new Object[0]);
            str = "/" + str;
        }
        this.f10256d = str;
        this.f10257e = str;
        if (this.f10257e.indexOf(63) > 0) {
            String str2 = this.f10257e;
            this.f10257e = str2.substring(0, str2.indexOf(63));
        }
    }

    private void setLoginPage(String str) {
        if (!str.startsWith("/")) {
            j.warn("form-login-page must start with /", new Object[0]);
            str = "/" + str;
        }
        this.f10258f = str;
        this.f10259g = str;
        if (this.f10259g.indexOf(63) > 0) {
            String str2 = this.f10259g;
            this.f10259g = str2.substring(0, str2.indexOf(63));
        }
    }

    public boolean getAlwaysSaveUri() {
        return this.f10261i;
    }

    @Override // org.eclipse.jetty.security.a
    public String getAuthMethod() {
        return Constraint.__FORM_AUTH;
    }

    public boolean isJSecurityCheck(String str) {
        char charAt;
        int indexOf = str.indexOf("/j_security_check");
        if (indexOf < 0) {
            return false;
        }
        int i2 = indexOf + 17;
        return i2 == str.length() || (charAt = str.charAt(i2)) == ';' || charAt == '#' || charAt == '/' || charAt == '?';
    }

    public boolean isLoginOrErrorPage(String str) {
        return str != null && (str.equals(this.f10257e) || str.equals(this.f10259g));
    }

    @Override // org.eclipse.jetty.security.authentication.e
    public w login(String str, Object obj, u uVar) {
        w login = super.login(str, obj, uVar);
        if (login != null) {
            ((javax.servlet.http.a) uVar).getSession(true).setAttribute(SessionAuthentication.__J_AUTHENTICATED, new SessionAuthentication(getAuthMethod(), login, obj));
        }
        return login;
    }

    @Override // org.eclipse.jetty.security.a
    public boolean secureResponse(u uVar, y yVar, boolean z, e.k kVar) throws ServerAuthException {
        return true;
    }

    public void setAlwaysSaveUri(boolean z) {
        this.f10261i = z;
    }

    @Override // org.eclipse.jetty.security.authentication.e, org.eclipse.jetty.security.a
    public void setConfiguration(a.InterfaceC0321a interfaceC0321a) {
        super.setConfiguration(interfaceC0321a);
        String initParameter = interfaceC0321a.getInitParameter("org.eclipse.jetty.security.form_login_page");
        if (initParameter != null) {
            setLoginPage(initParameter);
        }
        String initParameter2 = interfaceC0321a.getInitParameter("org.eclipse.jetty.security.form_error_page");
        if (initParameter2 != null) {
            setErrorPage(initParameter2);
        }
        String initParameter3 = interfaceC0321a.getInitParameter("org.eclipse.jetty.security.dispatch");
        this.f10260h = initParameter3 == null ? this.f10260h : Boolean.valueOf(initParameter3).booleanValue();
    }

    @Override // org.eclipse.jetty.security.a
    public i.a.a.a.e validateRequest(u uVar, y yVar, boolean z) throws ServerAuthException {
        String str;
        javax.servlet.http.a aVar = (javax.servlet.http.a) uVar;
        javax.servlet.http.c cVar = (javax.servlet.http.c) yVar;
        String requestURI = aVar.getRequestURI();
        if (requestURI == null) {
            requestURI = "/";
        }
        if (!z && !isJSecurityCheck(requestURI)) {
            return new org.eclipse.jetty.security.authentication.c(this);
        }
        if (isLoginOrErrorPage(q.addPaths(aVar.getServletPath(), aVar.getPathInfo())) && !org.eclipse.jetty.security.authentication.c.isDeferred(cVar)) {
            return new org.eclipse.jetty.security.authentication.c(this);
        }
        javax.servlet.http.e session = aVar.getSession(true);
        try {
            if (isJSecurityCheck(requestURI)) {
                String parameter = aVar.getParameter("j_username");
                w login = login(parameter, aVar.getParameter("j_password"), aVar);
                javax.servlet.http.e session2 = aVar.getSession(true);
                if (login != null) {
                    synchronized (session2) {
                        str = (String) session2.getAttribute("org.eclipse.jetty.security.form_URI");
                        if (str == null || str.length() == 0) {
                            str = aVar.getContextPath();
                            if (str.length() == 0) {
                                str = "/";
                            }
                        }
                    }
                    cVar.setContentLength(0);
                    cVar.sendRedirect(cVar.encodeRedirectURL(str));
                    return new a(getAuthMethod(), login);
                }
                if (j.isDebugEnabled()) {
                    j.debug("Form authentication FAILED for " + o.printable(parameter), new Object[0]);
                }
                if (this.f10256d == null) {
                    if (cVar != null) {
                        cVar.sendError(403);
                    }
                } else if (this.f10260h) {
                    l requestDispatcher = aVar.getRequestDispatcher(this.f10256d);
                    cVar.setHeader("Cache-Control", "No-cache");
                    cVar.setDateHeader(HttpRequest.HEADER_EXPIRES, 1L);
                    requestDispatcher.forward(new b(aVar), new c(cVar));
                } else {
                    cVar.sendRedirect(cVar.encodeRedirectURL(q.addPaths(aVar.getContextPath(), this.f10256d)));
                }
                return i.a.a.a.e.W;
            }
            i.a.a.a.e eVar = (i.a.a.a.e) session.getAttribute(SessionAuthentication.__J_AUTHENTICATED);
            if (eVar != null) {
                if (!(eVar instanceof e.k) || this.a == null || this.a.validate(((e.k) eVar).getUserIdentity())) {
                    String str2 = (String) session.getAttribute("org.eclipse.jetty.security.form_URI");
                    if (str2 != null) {
                        MultiMap<String> multiMap = (MultiMap) session.getAttribute("org.eclipse.jetty.security.form_POST");
                        if (multiMap != null) {
                            StringBuffer requestURL = aVar.getRequestURL();
                            if (aVar.getQueryString() != null) {
                                requestURL.append("?");
                                requestURL.append(aVar.getQueryString());
                            }
                            if (str2.equals(requestURL.toString())) {
                                session.removeAttribute("org.eclipse.jetty.security.form_POST");
                                i.a.a.a.o request = uVar instanceof i.a.a.a.o ? (i.a.a.a.o) uVar : i.a.a.a.b.getCurrentConnection().getRequest();
                                request.setMethod("POST");
                                request.setParameters(multiMap);
                            }
                        } else {
                            session.removeAttribute("org.eclipse.jetty.security.form_URI");
                        }
                    }
                    return eVar;
                }
                session.removeAttribute(SessionAuthentication.__J_AUTHENTICATED);
            }
            if (org.eclipse.jetty.security.authentication.c.isDeferred(cVar)) {
                j.debug("auth deferred {}", session.getId());
                return i.a.a.a.e.T;
            }
            synchronized (session) {
                if (session.getAttribute("org.eclipse.jetty.security.form_URI") == null || this.f10261i) {
                    StringBuffer requestURL2 = aVar.getRequestURL();
                    if (aVar.getQueryString() != null) {
                        requestURL2.append("?");
                        requestURL2.append(aVar.getQueryString());
                    }
                    session.setAttribute("org.eclipse.jetty.security.form_URI", requestURL2.toString());
                    if ("application/x-www-form-urlencoded".equalsIgnoreCase(uVar.getContentType()) && "POST".equals(aVar.getMethod())) {
                        i.a.a.a.o request2 = uVar instanceof i.a.a.a.o ? (i.a.a.a.o) uVar : i.a.a.a.b.getCurrentConnection().getRequest();
                        request2.extractParameters();
                        session.setAttribute("org.eclipse.jetty.security.form_POST", new MultiMap((MultiMap) request2.getParameters()));
                    }
                }
            }
            if (this.f10260h) {
                l requestDispatcher2 = aVar.getRequestDispatcher(this.f10258f);
                cVar.setHeader("Cache-Control", "No-cache");
                cVar.setDateHeader(HttpRequest.HEADER_EXPIRES, 1L);
                requestDispatcher2.forward(new b(aVar), new c(cVar));
            } else {
                cVar.sendRedirect(cVar.encodeRedirectURL(q.addPaths(aVar.getContextPath(), this.f10258f)));
            }
            return i.a.a.a.e.V;
        } catch (IOException e2) {
            throw new ServerAuthException(e2);
        } catch (ServletException e3) {
            throw new ServerAuthException(e3);
        }
    }
}
