package org.eclipse.jetty.security.authentication;

import java.io.IOException;
import java.util.Collections;
import java.util.Enumeration;
import java.util.Locale;
import javax.servlet.g0;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.n;
import javax.servlet.w;
import org.eclipse.jetty.http.HttpHeader;
import org.eclipse.jetty.http.HttpHeaderValue;
import org.eclipse.jetty.http.HttpMethod;
import org.eclipse.jetty.http.MimeTypes;
import org.eclipse.jetty.security.a;
import org.eclipse.jetty.security.m;
import org.eclipse.jetty.security.t;
import org.eclipse.jetty.security.x;
import org.eclipse.jetty.server.HttpChannel;
import org.eclipse.jetty.server.Request;
import org.eclipse.jetty.server.a0;
import org.eclipse.jetty.server.f;
import org.eclipse.jetty.util.b0;
import org.eclipse.jetty.util.d0;
import org.eclipse.jetty.util.r;

/* loaded from: classes8.dex */
public class e extends f {

    /* renamed from: k, reason: collision with root package name */
    private static final org.eclipse.jetty.util.log.e f82006k = org.eclipse.jetty.util.log.d.f(e.class);

    /* renamed from: l, reason: collision with root package name */
    public static final String f82007l = "org.eclipse.jetty.security.form_login_page";

    /* renamed from: m, reason: collision with root package name */
    public static final String f82008m = "org.eclipse.jetty.security.form_error_page";

    /* renamed from: n, reason: collision with root package name */
    public static final String f82009n = "org.eclipse.jetty.security.dispatch";

    /* renamed from: o, reason: collision with root package name */
    public static final String f82010o = "org.eclipse.jetty.security.form_URI";

    /* renamed from: p, reason: collision with root package name */
    public static final String f82011p = "org.eclipse.jetty.security.form_POST";

    /* renamed from: q, reason: collision with root package name */
    public static final String f82012q = "/j_security_check";

    /* renamed from: r, reason: collision with root package name */
    public static final String f82013r = "j_username";

    /* renamed from: s, reason: collision with root package name */
    public static final String f82014s = "j_password";

    /* renamed from: e, reason: collision with root package name */
    private String f82015e;

    /* renamed from: f, reason: collision with root package name */
    private String f82016f;

    /* renamed from: g, reason: collision with root package name */
    private String f82017g;

    /* renamed from: h, reason: collision with root package name */
    private String f82018h;

    /* renamed from: i, reason: collision with root package name */
    private boolean f82019i;

    /* renamed from: j, reason: collision with root package name */
    private boolean f82020j;

    /* loaded from: classes8.dex */
    public static class a extends x implements f.i {
        public a(String str, a0 a0Var) {
            super(str, a0Var);
        }

        @Override // org.eclipse.jetty.security.x
        public String toString() {
            return "Form" + super.toString();
        }
    }

    /* loaded from: classes8.dex */
    protected static class b extends javax.servlet.http.c {
        public b(HttpServletRequest httpServletRequest) {
            super(httpServletRequest);
        }

        @Override // javax.servlet.http.c, javax.servlet.http.HttpServletRequest
        public long Q(String str) {
            if (str.toLowerCase(Locale.ENGLISH).startsWith("if-")) {
                return -1L;
            }
            return super.Q(str);
        }

        @Override // javax.servlet.http.c, javax.servlet.http.HttpServletRequest
        public String b(String str) {
            if (str.toLowerCase(Locale.ENGLISH).startsWith("if-")) {
                return null;
            }
            return super.b(str);
        }

        @Override // javax.servlet.http.c, javax.servlet.http.HttpServletRequest
        public Enumeration<String> c() {
            return Collections.enumeration(Collections.list(super.c()));
        }

        @Override // javax.servlet.http.c, javax.servlet.http.HttpServletRequest
        public Enumeration<String> getHeaders(String str) {
            return str.toLowerCase(Locale.ENGLISH).startsWith("if-") ? Collections.enumeration(Collections.emptyList()) : super.getHeaders(str);
        }
    }

    /* loaded from: classes8.dex */
    protected static class c extends javax.servlet.http.d {
        public c(HttpServletResponse httpServletResponse) {
            super(httpServletResponse);
        }

        private boolean G(String str) {
            return (HttpHeader.CACHE_CONTROL.is(str) || HttpHeader.PRAGMA.is(str) || HttpHeader.ETAG.is(str) || HttpHeader.EXPIRES.is(str) || HttpHeader.LAST_MODIFIED.is(str) || HttpHeader.AGE.is(str)) ? false : true;
        }

        @Override // javax.servlet.http.d, javax.servlet.http.HttpServletResponse
        public void a(String str, long j8) {
            if (G(str)) {
                super.a(str, j8);
            }
        }

        @Override // javax.servlet.http.d, javax.servlet.http.HttpServletResponse
        public void addHeader(String str, String str2) {
            if (G(str)) {
                super.addHeader(str, str2);
            }
        }

        @Override // javax.servlet.http.d, javax.servlet.http.HttpServletResponse
        public void i(String str, long j8) {
            if (G(str)) {
                super.i(str, j8);
            }
        }

        @Override // javax.servlet.http.d, javax.servlet.http.HttpServletResponse
        public void setHeader(String str, String str2) {
            if (G(str)) {
                super.setHeader(str, str2);
            }
        }
    }

    public e() {
    }

    public e(String str, String str2, boolean z10) {
        this();
        if (str != null) {
            l(str);
        }
        if (str2 != null) {
            k(str2);
        }
        this.f82019i = z10;
    }

    private void k(String str) {
        if (str == null || str.trim().length() == 0) {
            this.f82016f = null;
            this.f82015e = null;
            return;
        }
        if (!str.startsWith("/")) {
            f82006k.h("form-error-page must start with /", new Object[0]);
            str = "/" + str;
        }
        this.f82015e = str;
        this.f82016f = str;
        if (str.indexOf(63) > 0) {
            String str2 = this.f82016f;
            this.f82016f = str2.substring(0, str2.indexOf(63));
        }
    }

    private void l(String str) {
        if (!str.startsWith("/")) {
            f82006k.h("form-login-page must start with /", new Object[0]);
            str = "/" + str;
        }
        this.f82017g = str;
        this.f82018h = str;
        if (str.indexOf(63) > 0) {
            String str2 = this.f82018h;
            this.f82018h = str2.substring(0, str2.indexOf(63));
        }
    }

    @Override // org.eclipse.jetty.security.a
    public boolean a(javax.servlet.a0 a0Var, g0 g0Var, boolean z10, f.k kVar) throws t {
        return true;
    }

    @Override // org.eclipse.jetty.security.a
    public org.eclipse.jetty.server.f b(javax.servlet.a0 a0Var, g0 g0Var, boolean z10) throws t {
        m mVar;
        String str;
        a aVar;
        HttpServletRequest httpServletRequest = (HttpServletRequest) a0Var;
        HttpServletResponse httpServletResponse = (HttpServletResponse) g0Var;
        String R = httpServletRequest.R();
        if (R == null) {
            R = "/";
        }
        if (!z10 && !h(R)) {
            return new org.eclipse.jetty.security.authentication.c(this);
        }
        if (i(d0.a(httpServletRequest.M(), httpServletRequest.u())) && !org.eclipse.jetty.security.authentication.c.h(httpServletResponse)) {
            return new org.eclipse.jetty.security.authentication.c(this);
        }
        javax.servlet.http.e D = httpServletRequest.D(true);
        try {
            if (h(R)) {
                String parameter = httpServletRequest.getParameter(f82013r);
                a0 e10 = e(parameter, httpServletRequest.getParameter(f82014s), httpServletRequest);
                org.eclipse.jetty.util.log.e eVar = f82006k;
                eVar.j("jsecuritycheck {} {}", parameter, e10);
                javax.servlet.http.e D2 = httpServletRequest.D(true);
                if (e10 != null) {
                    synchronized (D2) {
                        str = (String) D2.getAttribute(f82010o);
                        if (str == null || str.length() == 0) {
                            str = httpServletRequest.d();
                            if (str.length() == 0) {
                                str = "/";
                            }
                        }
                        aVar = new a(getAuthMethod(), e10);
                    }
                    eVar.j("authenticated {}->{}", aVar, str);
                    httpServletResponse.A(0);
                    httpServletResponse.o(httpServletResponse.w(str));
                    return aVar;
                }
                if (eVar.isDebugEnabled()) {
                    eVar.j("Form authentication FAILED for " + b0.m(parameter), new Object[0]);
                }
                String str2 = this.f82015e;
                if (str2 == null) {
                    eVar.j("auth failed {}->403", parameter);
                    if (httpServletResponse != null) {
                        httpServletResponse.z(403);
                    }
                } else if (this.f82019i) {
                    eVar.j("auth failed {}=={}", parameter, str2);
                    n q10 = httpServletRequest.q(this.f82015e);
                    httpServletResponse.setHeader(HttpHeader.CACHE_CONTROL.asString(), HttpHeaderValue.NO_CACHE.asString());
                    httpServletResponse.a(HttpHeader.EXPIRES.asString(), 1L);
                    q10.a(new b(httpServletRequest), new c(httpServletResponse));
                } else {
                    eVar.j("auth failed {}->{}", parameter, str2);
                    httpServletResponse.o(httpServletResponse.w(d0.a(httpServletRequest.d(), this.f82015e)));
                }
                return org.eclipse.jetty.server.f.f82180fa;
            }
            org.eclipse.jetty.server.f fVar = (org.eclipse.jetty.server.f) D.getAttribute(i.__J_AUTHENTICATED);
            if (fVar != null) {
                if (!(fVar instanceof f.k) || (mVar = this.f82022a) == null || mVar.z1(((f.k) fVar).getUserIdentity())) {
                    synchronized (D) {
                        String str3 = (String) D.getAttribute(f82010o);
                        if (str3 != null) {
                            org.eclipse.jetty.util.log.e eVar2 = f82006k;
                            eVar2.j("auth retry {}->{}", fVar, str3);
                            r<String> rVar = (r) D.getAttribute(f82011p);
                            if (rVar != null) {
                                eVar2.j("auth rePOST {}->{}", fVar, str3);
                                StringBuffer I = httpServletRequest.I();
                                if (httpServletRequest.s() != null) {
                                    I.append("?");
                                    I.append(httpServletRequest.s());
                                }
                                if (str3.equals(I.toString())) {
                                    D.removeAttribute(f82011p);
                                    Request request = HttpChannel.getCurrentHttpChannel().getRequest();
                                    request.setMethod(HttpMethod.POST, HttpMethod.POST.asString());
                                    request.K0(rVar);
                                }
                            } else {
                                D.removeAttribute(f82010o);
                            }
                        }
                    }
                    f82006k.j("auth {}", fVar);
                    return fVar;
                }
                f82006k.j("auth revoked {}", fVar);
                D.removeAttribute(i.__J_AUTHENTICATED);
            }
            if (org.eclipse.jetty.security.authentication.c.h(httpServletResponse)) {
                f82006k.j("auth deferred {}", D.getId());
                return org.eclipse.jetty.server.f.Y9;
            }
            synchronized (D) {
                if (D.getAttribute(f82010o) == null || this.f82020j) {
                    StringBuffer I2 = httpServletRequest.I();
                    if (httpServletRequest.s() != null) {
                        I2.append("?");
                        I2.append(httpServletRequest.s());
                    }
                    D.setAttribute(f82010o, I2.toString());
                    if (MimeTypes.Type.FORM_ENCODED.is(a0Var.getContentType()) && HttpMethod.POST.is(httpServletRequest.getMethod())) {
                        Request request2 = a0Var instanceof Request ? (Request) a0Var : HttpChannel.getCurrentHttpChannel().getRequest();
                        request2.T();
                        D.setAttribute(f82011p, new r((r) request2.c0()));
                    }
                }
            }
            if (this.f82019i) {
                f82006k.j("challenge {}=={}", D.getId(), this.f82017g);
                n q11 = httpServletRequest.q(this.f82017g);
                httpServletResponse.setHeader(HttpHeader.CACHE_CONTROL.asString(), HttpHeaderValue.NO_CACHE.asString());
                httpServletResponse.a(HttpHeader.EXPIRES.asString(), 1L);
                q11.a(new b(httpServletRequest), new c(httpServletResponse));
            } else {
                f82006k.j("challenge {}->{}", D.getId(), this.f82017g);
                httpServletResponse.o(httpServletResponse.w(d0.a(httpServletRequest.d(), this.f82017g)));
            }
            return org.eclipse.jetty.server.f.f82179ea;
        } catch (IOException | w e11) {
            throw new t(e11);
        }
        throw new t(e11);
    }

    @Override // org.eclipse.jetty.security.authentication.f, org.eclipse.jetty.security.a
    public void c(a.InterfaceC1356a interfaceC1356a) {
        super.c(interfaceC1356a);
        String initParameter = interfaceC1356a.getInitParameter(f82007l);
        if (initParameter != null) {
            l(initParameter);
        }
        String initParameter2 = interfaceC1356a.getInitParameter(f82008m);
        if (initParameter2 != null) {
            k(initParameter2);
        }
        String initParameter3 = interfaceC1356a.getInitParameter(f82009n);
        this.f82019i = initParameter3 == null ? this.f82019i : Boolean.valueOf(initParameter3).booleanValue();
    }

    @Override // org.eclipse.jetty.security.authentication.f
    public a0 e(String str, Object obj, javax.servlet.a0 a0Var) {
        a0 e10 = super.e(str, obj, a0Var);
        if (e10 != null) {
            ((HttpServletRequest) a0Var).D(true).setAttribute(i.__J_AUTHENTICATED, new i(getAuthMethod(), e10, obj));
        }
        return e10;
    }

    public boolean g() {
        return this.f82020j;
    }

    @Override // org.eclipse.jetty.security.a
    public String getAuthMethod() {
        return "FORM";
    }

    public boolean h(String str) {
        char charAt;
        int indexOf = str.indexOf(f82012q);
        if (indexOf < 0) {
            return false;
        }
        int i10 = indexOf + 17;
        return i10 == str.length() || (charAt = str.charAt(i10)) == ';' || charAt == '#' || charAt == '/' || charAt == '?';
    }

    public boolean i(String str) {
        return str != null && (str.equals(this.f82016f) || str.equals(this.f82018h));
    }

    public void j(boolean z10) {
        this.f82020j = z10;
    }
}
