package org.eclipse.jetty.security.authentication;

import at.j;
import at.p;
import at.t;
import at.z;
import java.io.IOException;
import java.util.Collections;
import java.util.Enumeration;
import java.util.Locale;
import org.eclipse.jetty.http.HttpHeader;
import org.eclipse.jetty.http.HttpHeaderValue;
import org.eclipse.jetty.http.HttpMethod;
import org.eclipse.jetty.http.MimeTypes;
import org.eclipse.jetty.server.HttpChannel;
import org.eclipse.jetty.server.Request;
import org.eclipse.jetty.util.r;
import tv.a;
import tv.l;
import tv.m;
import uv.d;
import uv.n;
import uv.v;

/* loaded from: classes9.dex */
public class e extends f {

    /* renamed from: k, reason: collision with root package name */
    private static final aw.c f48395k = aw.b.a(e.class);

    /* renamed from: e, reason: collision with root package name */
    private String f48396e;

    /* renamed from: f, reason: collision with root package name */
    private String f48397f;

    /* renamed from: g, reason: collision with root package name */
    private String f48398g;

    /* renamed from: h, reason: collision with root package name */
    private String f48399h;

    /* renamed from: i, reason: collision with root package name */
    private boolean f48400i;

    /* renamed from: j, reason: collision with root package name */
    private boolean f48401j;

    /* loaded from: classes9.dex */
    public static class a extends m implements d.g {
        public a(String str, v vVar) {
            super(str, vVar);
        }

        @Override // tv.m
        public String toString() {
            return "Form" + super.toString();
        }
    }

    /* loaded from: classes9.dex */
    protected static class b extends javax.servlet.http.d {
        public b(javax.servlet.http.c cVar) {
            super(cVar);
        }

        @Override // javax.servlet.http.d, javax.servlet.http.c
        public Enumeration<String> getHeaders(String str) {
            return str.toLowerCase(Locale.ENGLISH).startsWith("if-") ? Collections.enumeration(Collections.emptyList()) : super.getHeaders(str);
        }

        @Override // javax.servlet.http.d, javax.servlet.http.c
        public Enumeration<String> k() {
            return Collections.enumeration(Collections.list(super.k()));
        }

        @Override // javax.servlet.http.d, javax.servlet.http.c
        public String p(String str) {
            if (str.toLowerCase(Locale.ENGLISH).startsWith("if-")) {
                return null;
            }
            return super.p(str);
        }

        @Override // javax.servlet.http.d, javax.servlet.http.c
        public long r(String str) {
            if (str.toLowerCase(Locale.ENGLISH).startsWith("if-")) {
                return -1L;
            }
            return super.r(str);
        }
    }

    /* loaded from: classes9.dex */
    protected static class c extends javax.servlet.http.f {
        public c(javax.servlet.http.e eVar) {
            super(eVar);
        }

        private boolean q(String str) {
            return (HttpHeader.CACHE_CONTROL.is(str) || HttpHeader.PRAGMA.is(str) || HttpHeader.ETAG.is(str) || HttpHeader.EXPIRES.is(str) || HttpHeader.LAST_MODIFIED.is(str) || HttpHeader.AGE.is(str)) ? false : true;
        }

        @Override // javax.servlet.http.f, javax.servlet.http.e
        public void addHeader(String str, String str2) {
            if (q(str)) {
                super.addHeader(str, str2);
            }
        }

        @Override // javax.servlet.http.f, javax.servlet.http.e
        public void b(String str, long j10) {
            if (q(str)) {
                super.b(str, j10);
            }
        }

        @Override // javax.servlet.http.f, javax.servlet.http.e
        public void g(String str, long j10) {
            if (q(str)) {
                super.g(str, j10);
            }
        }

        @Override // javax.servlet.http.f, javax.servlet.http.e
        public void setHeader(String str, String str2) {
            if (q(str)) {
                super.setHeader(str, str2);
            }
        }
    }

    private void i(String str) {
        if (str == null || str.trim().length() == 0) {
            this.f48397f = null;
            this.f48396e = null;
            return;
        }
        if (!str.startsWith("/")) {
            f48395k.b("form-error-page must start with /", new Object[0]);
            str = "/" + str;
        }
        this.f48396e = str;
        this.f48397f = str;
        if (str.indexOf(63) > 0) {
            String str2 = this.f48397f;
            this.f48397f = str2.substring(0, str2.indexOf(63));
        }
    }

    private void j(String str) {
        if (!str.startsWith("/")) {
            f48395k.b("form-login-page must start with /", new Object[0]);
            str = "/" + str;
        }
        this.f48398g = str;
        this.f48399h = str;
        if (str.indexOf(63) > 0) {
            String str2 = this.f48399h;
            this.f48399h = str2.substring(0, str2.indexOf(63));
        }
    }

    @Override // tv.a
    public boolean a(t tVar, z zVar, boolean z10, d.h hVar) throws l {
        return true;
    }

    @Override // org.eclipse.jetty.security.authentication.f, tv.a
    public void b(a.InterfaceC0840a interfaceC0840a) {
        super.b(interfaceC0840a);
        String initParameter = interfaceC0840a.getInitParameter("org.eclipse.jetty.security.form_login_page");
        if (initParameter != null) {
            j(initParameter);
        }
        String initParameter2 = interfaceC0840a.getInitParameter("org.eclipse.jetty.security.form_error_page");
        if (initParameter2 != null) {
            i(initParameter2);
        }
        String initParameter3 = interfaceC0840a.getInitParameter("org.eclipse.jetty.security.dispatch");
        this.f48400i = initParameter3 == null ? this.f48400i : Boolean.valueOf(initParameter3).booleanValue();
    }

    @Override // tv.a
    public uv.d c(t tVar, z zVar, boolean z10) throws l {
        tv.g gVar;
        String str;
        a aVar;
        javax.servlet.http.c cVar = (javax.servlet.http.c) tVar;
        javax.servlet.http.e eVar = (javax.servlet.http.e) zVar;
        String s10 = cVar.s();
        if (s10 == null) {
            s10 = "/";
        }
        if (!z10 && !g(s10)) {
            return new org.eclipse.jetty.security.authentication.c(this);
        }
        if (h(org.eclipse.jetty.util.t.a(cVar.q(), cVar.l())) && !org.eclipse.jetty.security.authentication.c.d(eVar)) {
            return new org.eclipse.jetty.security.authentication.c(this);
        }
        javax.servlet.http.g h10 = cVar.h(true);
        try {
            if (g(s10)) {
                String parameter = cVar.getParameter("j_username");
                v e10 = e(parameter, cVar.getParameter("j_password"), cVar);
                aw.c cVar2 = f48395k;
                cVar2.e("jsecuritycheck {} {}", parameter, e10);
                javax.servlet.http.g h11 = cVar.h(true);
                if (e10 != null) {
                    synchronized (h11) {
                        str = (String) h11.getAttribute("org.eclipse.jetty.security.form_URI");
                        if (str == null || str.length() == 0) {
                            str = cVar.b();
                            if (str.length() == 0) {
                                str = "/";
                            }
                        }
                        aVar = new a(getAuthMethod(), e10);
                    }
                    cVar2.e("authenticated {}->{}", aVar, str);
                    eVar.m(0);
                    eVar.i(eVar.h(str));
                    return aVar;
                }
                if (cVar2.a()) {
                    cVar2.e("Form authentication FAILED for " + r.e(parameter), new Object[0]);
                }
                String str2 = this.f48396e;
                if (str2 == null) {
                    cVar2.e("auth failed {}->403", parameter);
                    if (eVar != null) {
                        eVar.l(403);
                    }
                } else if (this.f48400i) {
                    cVar2.e("auth failed {}=={}", parameter, str2);
                    j a10 = cVar.a(this.f48396e);
                    eVar.setHeader(HttpHeader.CACHE_CONTROL.asString(), HttpHeaderValue.NO_CACHE.asString());
                    eVar.b(HttpHeader.EXPIRES.asString(), 1L);
                    a10.a(new b(cVar), new c(eVar));
                } else {
                    cVar2.e("auth failed {}->{}", parameter, str2);
                    eVar.i(eVar.h(org.eclipse.jetty.util.t.a(cVar.b(), this.f48396e)));
                }
                return uv.d.f53067g1;
            }
            uv.d dVar = (uv.d) h10.getAttribute(g.__J_AUTHENTICATED);
            if (dVar != null) {
                if (!(dVar instanceof d.h) || (gVar = this.f48403a) == null || gVar.b(((d.h) dVar).getUserIdentity())) {
                    synchronized (h10) {
                        String str3 = (String) h10.getAttribute("org.eclipse.jetty.security.form_URI");
                        if (str3 != null) {
                            aw.c cVar3 = f48395k;
                            cVar3.e("auth retry {}->{}", dVar, str3);
                            org.eclipse.jetty.util.m<String> mVar = (org.eclipse.jetty.util.m) h10.getAttribute("org.eclipse.jetty.security.form_POST");
                            if (mVar != null) {
                                cVar3.e("auth rePOST {}->{}", dVar, str3);
                                StringBuffer n10 = cVar.n();
                                if (cVar.i() != null) {
                                    n10.append("?");
                                    n10.append(cVar.i());
                                }
                                if (str3.equals(n10.toString())) {
                                    h10.removeAttribute("org.eclipse.jetty.security.form_POST");
                                    Request request = HttpChannel.getCurrentHttpChannel().getRequest();
                                    request.setMethod(HttpMethod.POST, HttpMethod.POST.asString());
                                    request.m0(mVar);
                                }
                            } else {
                                h10.removeAttribute("org.eclipse.jetty.security.form_URI");
                            }
                        }
                    }
                    f48395k.e("auth {}", dVar);
                    return dVar;
                }
                f48395k.e("auth revoked {}", dVar);
                h10.removeAttribute(g.__J_AUTHENTICATED);
            }
            if (org.eclipse.jetty.security.authentication.c.d(eVar)) {
                f48395k.e("auth deferred {}", h10.getId());
                return uv.d.f53064d1;
            }
            synchronized (h10) {
                if (h10.getAttribute("org.eclipse.jetty.security.form_URI") == null || this.f48401j) {
                    StringBuffer n11 = cVar.n();
                    if (cVar.i() != null) {
                        n11.append("?");
                        n11.append(cVar.i());
                    }
                    h10.setAttribute("org.eclipse.jetty.security.form_URI", n11.toString());
                    if (MimeTypes.Type.FORM_ENCODED.is(tVar.getContentType()) && HttpMethod.POST.is(cVar.getMethod())) {
                        n request2 = tVar instanceof n ? (n) tVar : HttpChannel.getCurrentHttpChannel().getRequest();
                        request2.u();
                        h10.setAttribute("org.eclipse.jetty.security.form_POST", new org.eclipse.jetty.util.m((org.eclipse.jetty.util.m) request2.G()));
                    }
                }
            }
            if (this.f48400i) {
                f48395k.e("challenge {}=={}", h10.getId(), this.f48398g);
                j a11 = cVar.a(this.f48398g);
                eVar.setHeader(HttpHeader.CACHE_CONTROL.asString(), HttpHeaderValue.NO_CACHE.asString());
                eVar.b(HttpHeader.EXPIRES.asString(), 1L);
                a11.a(new b(cVar), new c(eVar));
            } else {
                f48395k.e("challenge {}->{}", h10.getId(), this.f48398g);
                eVar.i(eVar.h(org.eclipse.jetty.util.t.a(cVar.b(), this.f48398g)));
            }
            return uv.d.f53066f1;
        } catch (p | IOException e11) {
            throw new l(e11);
        }
        throw new l(e11);
    }

    @Override // org.eclipse.jetty.security.authentication.f
    public v e(String str, Object obj, t tVar) {
        v e10 = super.e(str, obj, tVar);
        if (e10 != null) {
            ((javax.servlet.http.c) tVar).h(true).setAttribute(g.__J_AUTHENTICATED, new g(getAuthMethod(), e10, obj));
        }
        return e10;
    }

    public boolean g(String str) {
        char charAt;
        int indexOf = str.indexOf("/j_security_check");
        if (indexOf < 0) {
            return false;
        }
        int i10 = indexOf + 17;
        return i10 == str.length() || (charAt = str.charAt(i10)) == ';' || charAt == '#' || charAt == '/' || charAt == '?';
    }

    @Override // tv.a
    public String getAuthMethod() {
        return org.eclipse.jetty.util.security.c.__FORM_AUTH;
    }

    public boolean h(String str) {
        return str != null && (str.equals(this.f48397f) || str.equals(this.f48399h));
    }
}
