package org.securityfilter.authenticator;

import java.io.IOException;
import java.security.Principal;
import javax.servlet.FilterConfig;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.ws.rs.core.SecurityContext;
import org.securityfilter.authenticator.persistent.PersistentLoginManagerInterface;
import org.securityfilter.config.SecurityConfig;
import org.securityfilter.filter.SecurityFilter;
import org.securityfilter.filter.SecurityRequestWrapper;
import org.securityfilter.filter.URLPattern;
import org.securityfilter.filter.URLPatternFactory;
import org.securityfilter.filter.URLPatternMatcher;
import org.securityfilter.realm.SecurityRealmInterface;

/* loaded from: input_file:WEB-INF/lib/securityfilter-2.0.jar:org/securityfilter/authenticator/FormAuthenticator.class */
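/**
 * Form-based {@link Authenticator}: handles the login form submission, the optional
 * "remember me" persistent login, logout detection, and the redirect to the login page.
 *
 * <p>Security notes for reviewers (see inline NOTE(review) comments for details):
 * the login submit URL is recognised by suffix match, the session id is not rotated on a
 * fresh login, and the remember-me path replays a stored username/password pair.
 */
public class FormAuthenticator implements Authenticator {
    /** Name of the filter init parameter that overrides the login submit URL suffix. */
    public static final String LOGIN_SUBMIT_PATTERN_KEY = "loginSubmitPattern";
    /** Login submit URL suffix used when the init parameter is absent. */
    public static final String DEFAULT_LOGIN_SUBMIT_PATTERN = "/j_security_check";
    // Suffix that identifies a login form submission (compared with String.endsWith).
    protected String loginSubmitPattern;
    // Request parameter names read from the submitted login form.
    protected static final String FORM_USERNAME = "j_username";
    protected static final String FORM_PASSWORD = "j_password";
    // Presence of this parameter (any value) asks for the login to be remembered.
    protected static final String FORM_REMEMBERME = "j_rememberme";
    protected String loginPage;
    protected URLPattern loginPagePattern;
    protected String errorPage;
    protected URLPattern errorPagePattern;
    protected String defaultPage;
    // May be null: persistent ("remember me") logins are then skipped everywhere.
    protected PersistentLoginManagerInterface persistentLoginManager;
    // May be null when no logout page is configured.
    protected URLPattern logoutPagePattern;
    protected SecurityRealmInterface realm;

    /**
     * Reads the realm, page locations and persistent login manager from the configuration and
     * pre-builds the URL patterns used to recognise the login, error and logout pages.
     *
     * @param filterConfig   source of the optional {@code loginSubmitPattern} init parameter
     * @param securityConfig source of the realm, pages and persistent login manager
     * @throws Exception declared by the interface; propagated from pattern creation
     */
    @Override
    public void init(FilterConfig filterConfig, SecurityConfig securityConfig) throws Exception {
        this.realm = securityConfig.getRealm();

        String configuredSubmitPattern = filterConfig.getInitParameter(LOGIN_SUBMIT_PATTERN_KEY);
        this.loginSubmitPattern =
                configuredSubmitPattern != null ? configuredSubmitPattern : DEFAULT_LOGIN_SUBMIT_PATTERN;

        this.defaultPage = securityConfig.getDefaultPage();

        // Patterns are built from the page path only; any query string is dropped first.
        // NOTE(review): the meaning of the trailing (null, null, 0) arguments is defined by
        // URLPatternFactory, which is not visible here.
        URLPatternFactory patternFactory = new URLPatternFactory();
        this.loginPage = securityConfig.getLoginPage();
        this.loginPagePattern = patternFactory.createURLPattern(stripQueryString(this.loginPage), null, null, 0);
        this.errorPage = securityConfig.getErrorPage();
        this.errorPagePattern = patternFactory.createURLPattern(stripQueryString(this.errorPage), null, null, 0);

        String logoutPage = securityConfig.getLogoutPage();
        if (logoutPage != null) {
            this.logoutPagePattern = patternFactory.createURLPattern(stripQueryString(logoutPage), null, null, 0);
        }

        this.persistentLoginManager = securityConfig.getPersistentLoginManager();
    }

    /**
     * Returns the authentication method name for form login.
     *
     * @return the servlet API's {@code FORM_AUTH} constant
     */
    @Override
    public String getAuthMethod() {
        // Use the servlet API constant rather than the JAX-RS SecurityContext one, so this
        // class does not need the JAX-RS API on the compile classpath.
        return HttpServletRequest.FORM_AUTH;
    }

    /**
     * Applies a remembered login if one is present, then handles a login form submission.
     *
     * @param securityRequestWrapper the wrapped request
     * @param httpServletResponse    the response, used for the error forward or success redirect
     * @return {@code true} if the request was a login submission and a response was produced
     *         (error page forwarded or redirect sent); {@code false} otherwise
     * @throws Exception propagated from the realm, persistent login manager or servlet container
     */
    @Override
    public boolean processLogin(SecurityRequestWrapper securityRequestWrapper, HttpServletResponse httpServletResponse) throws Exception {
        // Remember-me: only attempted when nobody is logged in yet and the request carries
        // persistent login information.
        // NOTE(review): this path authenticates with a stored username/password pair; how those
        // values are protected at rest and in transit depends on the
        // PersistentLoginManagerInterface implementation, which is not visible here.
        if (securityRequestWrapper.getRemoteUser() == null
                && this.persistentLoginManager != null
                && this.persistentLoginManager.rememberingLogin(securityRequestWrapper)) {
            Principal rememberedPrincipal = this.realm.authenticate(
                    this.persistentLoginManager.getRememberedUsername(securityRequestWrapper, httpServletResponse),
                    this.persistentLoginManager.getRememberedPassword(securityRequestWrapper, httpServletResponse));
            if (rememberedPrincipal != null) {
                securityRequestWrapper.setUserPrincipal(rememberedPrincipal);
            } else {
                // Stored credentials no longer authenticate: discard them.
                this.persistentLoginManager.forgetLogin(securityRequestWrapper, httpServletResponse);
            }
        }

        // NOTE(review): suffix match, so any URL ending in the pattern is treated as a login
        // submission, not only the exact path.
        boolean isLoginSubmit = securityRequestWrapper.getMatchableURL().endsWith(this.loginSubmitPattern);
        if (!isLoginSubmit) {
            return false;
        }

        // NOTE(review): missing form fields arrive as null and are passed to the realm as-is;
        // confirm every SecurityRealmInterface implementation rejects null credentials.
        String username = securityRequestWrapper.getParameter(FORM_USERNAME);
        String password = securityRequestWrapper.getParameter(FORM_PASSWORD);
        Principal principal = this.realm.authenticate(username, password);

        if (principal == null) {
            // Login failed: answer 401 and show the configured error page.
            httpServletResponse.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
            securityRequestWrapper.getRequestDispatcher(this.errorPage).forward(securityRequestWrapper, httpServletResponse);
            return true;
        }

        // Drop the old session when an already-authenticated user logs in as someone else.
        // The comparison is null-safe: a missing j_username previously caused a
        // NullPointerException here if the realm still returned a principal.
        boolean switchingUser = securityRequestWrapper.getUserPrincipal() != null
                && (username == null || !username.equals(securityRequestWrapper.getRemoteUser()));
        if (switchingUser) {
            securityRequestWrapper.getSession().invalidate();
        }
        // NOTE(review): for a first-time login the pre-authentication session id is kept, which
        // leaves the session open to fixation. On Servlet 3.1+ containers
        // HttpServletRequest.changeSessionId() rotates the id while keeping attributes; confirm
        // the servlet API level before adding it.

        if (this.persistentLoginManager != null) {
            if (securityRequestWrapper.getParameter(FORM_REMEMBERME) != null) {
                this.persistentLoginManager.rememberLogin(securityRequestWrapper, httpServletResponse, username, password);
            } else {
                this.persistentLoginManager.forgetLogin(securityRequestWrapper, httpServletResponse);
            }
        }

        securityRequestWrapper.setUserPrincipal(principal);
        // NOTE(review): the redirect target comes from SecurityFilter.getContinueToURL(); verify
        // it can only ever be a URL inside this application.
        String continueToUrl = getContinueToURL(securityRequestWrapper);
        httpServletResponse.sendRedirect(httpServletResponse.encodeRedirectURL(continueToUrl));
        return true;
    }

    /**
     * Saves the current request information and redirects the client to the login page.
     *
     * @param httpServletRequest  the request that required authentication
     * @param httpServletResponse the response used to send the redirect
     * @throws IOException if the redirect cannot be sent
     */
    @Override
    public void showLogin(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        SecurityFilter.saveRequestInformation(httpServletRequest);
        String loginUrl = httpServletRequest.getContextPath() + this.loginPage;
        httpServletResponse.sendRedirect(httpServletResponse.encodeRedirectURL(loginUrl));
    }

    /**
     * Detects a request for the logout page and, if a login is being remembered, forgets it.
     *
     * @param securityRequestWrapper the wrapped request
     * @param httpServletResponse    the response passed to the persistent login manager
     * @param uRLPatternMatcher      matcher used to compare the URL with the logout pattern
     * @return {@code true} if the request URL matches the logout page pattern
     * @throws Exception propagated from the matcher or persistent login manager
     */
    @Override
    public boolean processLogout(SecurityRequestWrapper securityRequestWrapper, HttpServletResponse httpServletResponse, URLPatternMatcher uRLPatternMatcher) throws Exception {
        if (!matchesLogoutPattern(securityRequestWrapper.getMatchableURL(), uRLPatternMatcher)) {
            return false;
        }
        if (this.persistentLoginManager != null && this.persistentLoginManager.rememberingLogin(securityRequestWrapper)) {
            this.persistentLoginManager.forgetLogin(securityRequestWrapper, httpServletResponse);
        }
        return true;
    }

    /**
     * Tells the filter whether this request targets the login, error or logout page.
     *
     * @param securityRequestWrapper the wrapped request
     * @param uRLPatternMatcher      matcher used to compare the URL with the page patterns
     * @return {@code true} if the URL matches the login page, error page or logout page pattern
     * @throws Exception propagated from the matcher
     */
    @Override
    public boolean bypassSecurityForThisRequest(SecurityRequestWrapper securityRequestWrapper, URLPatternMatcher uRLPatternMatcher) throws Exception {
        String requestUrl = securityRequestWrapper.getMatchableURL();
        if (uRLPatternMatcher.match(requestUrl, this.loginPagePattern)) {
            return true;
        }
        if (uRLPatternMatcher.match(requestUrl, this.errorPagePattern)) {
            return true;
        }
        return matchesLogoutPattern(requestUrl, uRLPatternMatcher);
    }

    /** Returns whether {@code str} matches the logout page pattern; false when none is configured. */
    private boolean matchesLogoutPattern(String str, URLPatternMatcher uRLPatternMatcher) throws Exception {
        return this.logoutPagePattern != null && uRLPatternMatcher.match(str, this.logoutPagePattern);
    }

    /** Returns the saved continue-to URL, or context path + default page when none is saved. */
    private String getContinueToURL(HttpServletRequest httpServletRequest) {
        String savedUrl = SecurityFilter.getContinueToURL(httpServletRequest);
        if (savedUrl != null) {
            return savedUrl;
        }
        return httpServletRequest.getContextPath() + this.defaultPage;
    }

    /** Returns {@code str} without its query string (everything from the first '?'); null stays null. */
    private String stripQueryString(String str) {
        if (str == null) {
            return null;
        }
        int queryStart = str.indexOf('?');
        return queryStart == -1 ? str : str.substring(0, queryStart);
    }
}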
