package com.caucho.security;

import com.caucho.config.ConfigException;
import com.caucho.config.Service;
import com.caucho.config.types.Period;
import com.caucho.server.connection.CauchoRequest;
import com.caucho.server.connection.CauchoResponse;
import com.caucho.server.session.SessionManager;
import com.caucho.server.webapp.WebApp;
import com.caucho.util.L10N;
import java.io.IOException;
import java.security.Principal;
import java.util.logging.Level;
import javax.annotation.PostConstruct;
import javax.servlet.RequestDispatcher;
import javax.servlet.ServletException;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

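/**
 * Form-based login for a web-app.
 *
 * <p>Unauthenticated requests are challenged by forwarding (or redirecting) to the
 * configured login page. Credentials are taken from the {@code j_username} and
 * {@code j_password} request parameters, or from the {@code resinauthid} cookie when
 * the configured authenticator is a {@link CookieAuthenticator}.
 */
@Service
/* loaded from: input_file:com/caucho/security/FormLogin.class */
public class FormLogin extends AbstractLogin {
    private static final L10N L = new L10N(FormLogin.class);
    /** Request attribute set once this login has handled the request. */
    public static final String LOGIN_CHECK = "com.caucho.security.form.login";
    /** Session key holding the path that was requested before the challenge. */
    public static final String LOGIN_SAVED_PATH = "com.caucho.servlet.login.path";
    /** Session key holding the query string that was requested before the challenge. */
    public static final String LOGIN_SAVED_QUERY = "com.caucho.servlet.login.query";

    private static final String AUTH_COOKIE_NAME = "resinauthid";
    private static final String USERNAME_PARAMETER = "j_username";
    private static final String PASSWORD_PARAMETER = "j_password";

    protected String _loginPage;
    protected String _errorPage;
    protected boolean _internalForward;
    protected boolean _formURIPriority;
    private WebApp _webApp = WebApp.getCurrent();

    /**
     * Sets the login page.
     *
     * <p>Accepted values either start with '/' (relative to the web-app root) or contain
     * a ':' before the first '/', i.e. look like an absolute URL with a scheme. In the
     * second case {@link #loginChallenge} redirects to the page instead of forwarding.
     *
     * @param str the login page location
     * @throws ConfigException if the value has neither form
     */
    public void setFormLoginPage(String str) throws ConfigException {
        int colon = str.indexOf(':');
        int slash = str.indexOf('/');
        boolean isWebAppRelative = slash == 0;
        boolean hasScheme = colon > 0 && colon < slash;
        if (!isWebAppRelative && !hasScheme) {
            throw new ConfigException(L.l("form-login-page '{0}' must start with '/'.  The form-login-page is relative to the web-app root.", str));
        }
        this._loginPage = str;
    }

    /** Alias for {@link #setFormLoginPage(String)}. */
    public void setLoginPage(String str) {
        setFormLoginPage(str);
    }

    /** Returns the configured login page. */
    public String getFormLoginPage() {
        return this._loginPage;
    }

    /**
     * Sets the page shown after a failed login. Unlike the login page, only
     * web-app-relative values (starting with '/') are accepted.
     *
     * @param str the error page location
     * @throws ConfigException if the value does not start with '/'
     */
    public void setFormErrorPage(String str) throws ConfigException {
        if (!str.startsWith("/")) {
            throw new ConfigException(L.l("form-error-page '{0}' must start with '/'.  The form-error-page is relative to the web-app root.", str));
        }
        this._errorPage = str;
    }

    /** Alias for {@link #setFormErrorPage(String)}. */
    public void setErrorPage(String str) {
        setFormErrorPage(str);
    }

    /** Returns the configured error page. */
    public String getFormErrorPage() {
        return this._errorPage;
    }

    /** Returns the internal-forward flag; it is only stored by this class. */
    public boolean getInternalForward() {
        return this._internalForward;
    }

    public void setInternalForward(boolean z) {
        this._internalForward = z;
    }

    /** Returns the form-URI-priority flag; it is only stored by this class. */
    public boolean getFormURIPriority() {
        return this._formURIPriority;
    }

    public void setFormURIPriority(boolean z) {
        this._formURIPriority = z;
    }

    /**
     * Completes configuration: the login page and error page default to each other,
     * and at least one of them must have been configured.
     *
     * @throws ConfigException if neither page was configured
     */
    @Override // com.caucho.security.AbstractLogin
    @PostConstruct
    public void init() throws ServletException {
        super.init();
        if (this._errorPage == null) {
            this._errorPage = this._loginPage;
        }
        if (this._loginPage == null) {
            this._loginPage = this._errorPage;
        }
        if (this._loginPage == null) {
            throw new ConfigException(L.l("FormLogin needs an form-login-page"));
        }
    }

    @Override // com.caucho.security.AbstractLogin, com.caucho.security.Login
    public String getAuthType() {
        return "Form";
    }

    /**
     * Authenticates the request, first by the persistent auth cookie (when the
     * authenticator supports it), then by the submitted form parameters.
     *
     * @param httpServletRequest the current request
     * @return the authenticated principal, or {@code null} when no cookie matched and
     *     the username or password parameter is missing
     */
    @Override // com.caucho.security.AbstractLogin
    public Principal getUserPrincipalImpl(HttpServletRequest httpServletRequest) {
        Authenticator authenticator = getAuthenticator();
        if (authenticator instanceof CookieAuthenticator) {
            CookieAuthenticator cookieAuthenticator = (CookieAuthenticator) authenticator;
            Cookie cookie = ((CauchoRequest) httpServletRequest).getCookie(AUTH_COOKIE_NAME);
            if (cookie != null) {
                Principal cookieUser = cookieAuthenticator.authenticateByCookie(cookie.getValue());
                if (cookieUser != null) {
                    return cookieUser;
                }
            }
        }
        // getParameter() does not distinguish the query string from a POST body, and
        // nothing here checks the request path or method.
        // NOTE(review): if the caller does not restrict this to POSTs on
        // /j_security_check, passwords sent in a URL would be accepted (and end up in
        // access logs and Referer headers) - confirm against AbstractLogin.
        String userName = httpServletRequest.getParameter(USERNAME_PARAMETER);
        String password = httpServletRequest.getParameter(PASSWORD_PARAMETER);
        if (userName == null || password == null) {
            return null;
        }
        return authenticator.authenticate(new BasicPrincipal(userName), new PasswordCredentials(password.toCharArray()), httpServletRequest);
    }

    /**
     * A saved user is only considered valid when the request does not carry a
     * {@code j_username} parameter, i.e. is not a new login attempt.
     */
    @Override // com.caucho.security.AbstractLogin
    protected boolean isSavedUserValid(HttpServletRequest httpServletRequest, Principal principal) {
        return httpServletRequest.getParameter(USERNAME_PARAMETER) == null;
    }

    /**
     * Handles a successful login: optionally issues the persistent auth cookie, then
     * either redirects an empty path to the context root or hands a
     * {@code /j_security_check} request to the servlet named {@code j_security_check}.
     * Other paths are left untouched. Does nothing if {@link #LOGIN_CHECK} is already
     * set on the request.
     *
     * @throws ServletException if the {@code j_security_check} servlet is not defined
     * @throws IOException if the redirect or forward fails
     */
    @Override // com.caucho.security.AbstractLogin
    public void loginSuccessResponse(Principal principal, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        if (httpServletRequest.getAttribute(LOGIN_CHECK) != null) {
            return;
        }
        httpServletRequest.setAttribute(LOGIN_CHECK, "login");
        WebApp webApp = this._webApp;
        String useCookieAuth = httpServletRequest.getParameter("j_use_cookie_auth");
        Authenticator authenticator = getAuthenticator();
        if (authenticator instanceof CookieAuthenticator) {
            CookieAuthenticator cookieAuthenticator = (CookieAuthenticator) authenticator;
            if (cookieAuthenticator.isCookieSupported(useCookieAuth)) {
                generateCookie(principal, cookieAuthenticator, webApp, httpServletResponse);
            }
        }
        String path = getRequestPath(httpServletRequest);
        if (path.isEmpty()) {
            httpServletResponse.sendRedirect(httpServletResponse.encodeRedirectURL(httpServletRequest.getContextPath() + "/"));
            return;
        }
        if (path.endsWith("/j_security_check")) {
            RequestDispatcher namedDispatcher = webApp.getNamedDispatcher("j_security_check");
            if (namedDispatcher == null) {
                throw new ServletException(L.l("j_security_check servlet must be defined to use form-based login."));
            }
            namedDispatcher.forward(httpServletRequest, httpServletResponse);
        }
    }

    /**
     * Challenges an unauthenticated request.
     *
     * <ul>
     *   <li>An empty path is redirected to the context root.</li>
     *   <li>A {@code /j_security_check} request (a failed login) is forwarded to the
     *       error page with caching disabled.</li>
     *   <li>A request whose URI equals the login or error page is forwarded to itself.</li>
     *   <li>Anything else has its path and query string saved in the session and is
     *       sent to the login page: by redirect when the page does not start with '/',
     *       otherwise by forward.</li>
     * </ul>
     *
     * @throws ServletException if a forward fails
     * @throws IOException if a redirect or forward fails
     */
    @Override // com.caucho.security.AbstractLogin
    public void loginChallenge(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        String path = getRequestPath(httpServletRequest);
        if (path.isEmpty()) {
            httpServletResponse.sendRedirect(httpServletResponse.encodeRedirectURL(httpServletRequest.getContextPath() + "/"));
            return;
        }
        WebApp webApp = this._webApp;
        String requestURI = httpServletRequest.getRequestURI();
        if (path.endsWith("/j_security_check")) {
            if (httpServletResponse instanceof CauchoResponse) {
                ((CauchoResponse) httpServletResponse).setNoCache(true);
            } else {
                httpServletResponse.setHeader("Cache-Control", "no-cache");
                httpServletResponse.setDateHeader("Expires", 0L);
            }
            webApp.getRequestDispatcher(this._errorPage).forward(httpServletRequest, httpServletResponse);
            return;
        }
        if (requestURI.equals(this._loginPage) || requestURI.equals(this._errorPage)) {
            // The login and error pages themselves must stay reachable without a user.
            httpServletRequest.getRequestDispatcher(path).forward(httpServletRequest, httpServletResponse);
            return;
        }
        // Remember where the user was going. Both values come from the client request,
        // so code that reads them back should not treat them as trusted.
        HttpSession session = httpServletRequest.getSession();
        session.putValue(LOGIN_SAVED_PATH, path);
        session.putValue(LOGIN_SAVED_QUERY, httpServletRequest.getQueryString());
        if (httpServletResponse instanceof CauchoResponse) {
            CauchoResponse cauchoResponse = (CauchoResponse) httpServletResponse;
            cauchoResponse.killCache();
            cauchoResponse.setNoCache(true);
        } else {
            httpServletResponse.setHeader("Cache-Control", "no-cache");
        }
        if (!this._loginPage.startsWith("/")) {
            // setFormLoginPage() also admits scheme-prefixed values; those are redirected.
            httpServletResponse.sendRedirect(httpServletResponse.encodeRedirectURL(this._loginPage));
            return;
        }
        httpServletRequest.setAttribute(LOGIN_CHECK, "login");
        webApp.getRequestDispatcher(this._loginPage).forward(httpServletRequest, httpServletResponse);
        if (log.isLoggable(Level.FINE)) {
            log.fine("the form request has no authenticated user");
        }
    }

    /**
     * Returns the servlet path followed by the path info, treating a missing part as
     * empty. Never returns {@code null}, so callers can test for the empty path without
     * a null check.
     */
    private static String getRequestPath(HttpServletRequest request) {
        String servletPath = request.getServletPath();
        String pathInfo = request.getPathInfo();
        if (servletPath == null) {
            return pathInfo != null ? pathInfo : "";
        }
        return pathInfo != null ? servletPath + pathInfo : servletPath;
    }

    /**
     * Issues the persistent {@code resinauthid} cookie and registers its value with the
     * authenticator for the given principal. Does nothing when there is no web-app.
     */
    private void generateCookie(Principal principal, CookieAuthenticator cookieAuthenticator, WebApp webApp, HttpServletResponse httpServletResponse) {
        if (webApp == null) {
            return;
        }
        SessionManager sessionManager = webApp.getSessionManager();
        String cookieValue = sessionManager.createCookieValue();
        Cookie cookie = new Cookie(AUTH_COOKIE_NAME, cookieValue);
        cookie.setVersion(1);
        // presumably Period.YEAR is in milliseconds, giving a lifetime of about one
        // year - confirm against com.caucho.config.types.Period
        cookie.setMaxAge((int) (Period.YEAR / 1000));
        // Path "/" makes the browser send the cookie to every application on the host.
        cookie.setPath("/");
        cookie.setDomain(sessionManager.getCookieDomain());
        // NOTE(review): this cookie is a long-lived bearer credential (see
        // authenticateByCookie), yet neither the Secure nor the HttpOnly attribute is
        // set here. Unless the container adds them elsewhere, it can travel over plain
        // HTTP and be read by page scripts - confirm and harden.
        cookieAuthenticator.associateCookie(principal, cookieValue);
        httpServletResponse.addCookie(cookie);
    }
}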
