package org.eclipse.jetty.security.authentication;

import com.bytedance.sdk.open.aweme.core.net.OpenNetMethod;
import com.google.common.net.HttpHeaders;
import com.qiniu.android.http.Client;
import java.io.IOException;
import java.util.Collections;
import java.util.Enumeration;
import java.util.Locale;
import javax.servlet.ServletException;
import javax.servlet.h;
import javax.servlet.q;
import javax.servlet.u;
import org.eclipse.jetty.security.ServerAuthException;
import org.eclipse.jetty.security.a;
import org.eclipse.jetty.security.g;
import org.eclipse.jetty.security.l;
import org.eclipse.jetty.server.d;
import org.eclipse.jetty.server.o;
import org.eclipse.jetty.server.x;
import org.eclipse.jetty.util.MultiMap;
import org.eclipse.jetty.util.p;
import org.eclipse.jetty.util.r;
import org.eclipse.jetty.util.security.Constraint;

/* compiled from: FormAuthenticator.java */
/* loaded from: classes2.dex */
public class d extends e {
    public static final org.eclipse.jetty.util.log.c d = org.eclipse.jetty.util.log.b.a(d.class);
    public String e;
    public String f;
    public String g;
    public String h;
    public boolean i;
    public boolean j;

    /* compiled from: FormAuthenticator.java */
    /* loaded from: classes2.dex */
    public static class a extends l implements d.g {
        public a(String str, x xVar) {
            super(str, xVar);
        }

        @Override // org.eclipse.jetty.security.l
        public String toString() {
            return "Form" + super.toString();
        }
    }

    /* compiled from: FormAuthenticator.java */
    /* loaded from: classes2.dex */
    public static class b extends javax.servlet.http.b {
        public b(javax.servlet.http.a aVar) {
            super(aVar);
        }

        @Override // javax.servlet.http.b, javax.servlet.http.a
        public String D(String str) {
            if (str.toLowerCase(Locale.ENGLISH).startsWith("if-")) {
                return null;
            }
            return super.D(str);
        }

        @Override // javax.servlet.http.b, javax.servlet.http.a
        public long H(String str) {
            if (str.toLowerCase(Locale.ENGLISH).startsWith("if-")) {
                return -1L;
            }
            return super.H(str);
        }

        @Override // javax.servlet.http.b, javax.servlet.http.a
        public Enumeration getHeaders(String str) {
            return str.toLowerCase(Locale.ENGLISH).startsWith("if-") ? Collections.enumeration(Collections.EMPTY_LIST) : super.getHeaders(str);
        }

        @Override // javax.servlet.http.b, javax.servlet.http.a
        public Enumeration y() {
            return Collections.enumeration(Collections.list(super.y()));
        }
    }

    /* compiled from: FormAuthenticator.java */
    /* loaded from: classes2.dex */
    public static class c extends javax.servlet.http.d {
        public c(javax.servlet.http.c cVar) {
            super(cVar);
        }

        @Override // javax.servlet.http.d, javax.servlet.http.c
        public void a(String str, long j) {
            if (q(str)) {
                super.a(str, j);
            }
        }

        @Override // javax.servlet.http.d, javax.servlet.http.c
        public void addHeader(String str, String str2) {
            if (q(str)) {
                super.addHeader(str, str2);
            }
        }

        public final boolean q(String str) {
            return ("Cache-Control".equalsIgnoreCase(str) || HttpHeaders.PRAGMA.equalsIgnoreCase(str) || "ETag".equalsIgnoreCase(str) || HttpHeaders.EXPIRES.equalsIgnoreCase(str) || "Last-Modified".equalsIgnoreCase(str) || HttpHeaders.AGE.equalsIgnoreCase(str)) ? false : true;
        }

        @Override // javax.servlet.http.d, javax.servlet.http.c
        public void setHeader(String str, String str2) {
            if (q(str)) {
                super.setHeader(str, str2);
            }
        }
    }

    @Override // org.eclipse.jetty.security.a
    public org.eclipse.jetty.server.d a(q qVar, u uVar, boolean z) throws ServerAuthException {
        g gVar;
        String str;
        javax.servlet.http.a aVar = (javax.servlet.http.a) qVar;
        javax.servlet.http.c cVar = (javax.servlet.http.c) uVar;
        String I = aVar.I();
        if (I == null) {
            I = "/";
        }
        if (!z && !g(I)) {
            return new org.eclipse.jetty.security.authentication.c(this);
        }
        if (h(r.b(aVar.E(), aVar.A())) && !org.eclipse.jetty.security.authentication.c.c(cVar)) {
            return new org.eclipse.jetty.security.authentication.c(this);
        }
        javax.servlet.http.e v = aVar.v(true);
        try {
            if (g(I)) {
                String u = aVar.u("j_username");
                x e = e(u, aVar.u("j_password"), aVar);
                javax.servlet.http.e v2 = aVar.v(true);
                if (e != null) {
                    synchronized (v2) {
                        str = (String) v2.a("org.eclipse.jetty.security.form_URI");
                        if (str == null || str.length() == 0) {
                            str = aVar.j();
                            if (str.length() == 0) {
                                str = "/";
                            }
                        }
                    }
                    cVar.m(0);
                    cVar.i(cVar.c(str));
                    return new a(getAuthMethod(), e);
                }
                org.eclipse.jetty.util.log.c cVar2 = d;
                if (cVar2.a()) {
                    cVar2.e("Form authentication FAILED for " + p.e(u), new Object[0]);
                }
                String str2 = this.e;
                if (str2 == null) {
                    if (cVar != null) {
                        cVar.l(403);
                    }
                } else if (this.i) {
                    h c2 = aVar.c(str2);
                    cVar.setHeader("Cache-Control", "No-cache");
                    cVar.a(HttpHeaders.EXPIRES, 1L);
                    c2.a(new b(aVar), new c(cVar));
                } else {
                    cVar.i(cVar.c(r.b(aVar.j(), this.e)));
                }
                return org.eclipse.jetty.server.d.y0;
            }
            org.eclipse.jetty.server.d dVar = (org.eclipse.jetty.server.d) v.a(SessionAuthentication.__J_AUTHENTICATED);
            if (dVar != null) {
                if (!(dVar instanceof d.h) || (gVar = this.a) == null || gVar.b(((d.h) dVar).getUserIdentity())) {
                    String str3 = (String) v.a("org.eclipse.jetty.security.form_URI");
                    if (str3 != null) {
                        MultiMap<String> multiMap = (MultiMap) v.a("org.eclipse.jetty.security.form_POST");
                        if (multiMap != null) {
                            StringBuffer B = aVar.B();
                            if (aVar.x() != null) {
                                B.append("?");
                                B.append(aVar.x());
                            }
                            if (str3.equals(B.toString())) {
                                v.g("org.eclipse.jetty.security.form_POST");
                                o H = qVar instanceof o ? (o) qVar : org.eclipse.jetty.server.b.A().H();
                                H.y0(OpenNetMethod.POST);
                                H.z0(multiMap);
                            }
                        } else {
                            v.g("org.eclipse.jetty.security.form_URI");
                        }
                    }
                    return dVar;
                }
                v.g(SessionAuthentication.__J_AUTHENTICATED);
            }
            if (org.eclipse.jetty.security.authentication.c.c(cVar)) {
                d.e("auth deferred {}", v.getId());
                return org.eclipse.jetty.server.d.v0;
            }
            synchronized (v) {
                if (v.a("org.eclipse.jetty.security.form_URI") == null || this.j) {
                    StringBuffer B2 = aVar.B();
                    if (aVar.x() != null) {
                        B2.append("?");
                        B2.append(aVar.x());
                    }
                    v.b("org.eclipse.jetty.security.form_URI", B2.toString());
                    if (Client.FormMime.equalsIgnoreCase(qVar.getContentType()) && OpenNetMethod.POST.equals(aVar.getMethod())) {
                        o H2 = qVar instanceof o ? (o) qVar : org.eclipse.jetty.server.b.A().H();
                        H2.K();
                        v.b("org.eclipse.jetty.security.form_POST", new MultiMap((MultiMap) H2.V()));
                    }
                }
            }
            if (this.i) {
                h c3 = aVar.c(this.g);
                cVar.setHeader("Cache-Control", "No-cache");
                cVar.a(HttpHeaders.EXPIRES, 1L);
                c3.a(new b(aVar), new c(cVar));
            } else {
                cVar.i(cVar.c(r.b(aVar.j(), this.g)));
            }
            return org.eclipse.jetty.server.d.x0;
        } catch (IOException e2) {
            throw new ServerAuthException(e2);
        } catch (ServletException e3) {
            throw new ServerAuthException(e3);
        }
    }

    @Override // org.eclipse.jetty.security.authentication.e, org.eclipse.jetty.security.a
    public void b(a.InterfaceC0380a interfaceC0380a) {
        super.b(interfaceC0380a);
        String initParameter = interfaceC0380a.getInitParameter("org.eclipse.jetty.security.form_login_page");
        if (initParameter != null) {
            j(initParameter);
        }
        String initParameter2 = interfaceC0380a.getInitParameter("org.eclipse.jetty.security.form_error_page");
        if (initParameter2 != null) {
            i(initParameter2);
        }
        String initParameter3 = interfaceC0380a.getInitParameter("org.eclipse.jetty.security.dispatch");
        this.i = initParameter3 == null ? this.i : Boolean.valueOf(initParameter3).booleanValue();
    }

    @Override // org.eclipse.jetty.security.a
    public boolean c(q qVar, u uVar, boolean z, d.h hVar) throws ServerAuthException {
        return true;
    }

    @Override // org.eclipse.jetty.security.authentication.e
    public x e(String str, Object obj, q qVar) {
        x e = super.e(str, obj, qVar);
        if (e != null) {
            ((javax.servlet.http.a) qVar).v(true).b(SessionAuthentication.__J_AUTHENTICATED, new SessionAuthentication(getAuthMethod(), e, obj));
        }
        return e;
    }

    public boolean g(String str) {
        char charAt;
        int indexOf = str.indexOf("/j_security_check");
        if (indexOf < 0) {
            return false;
        }
        int i = indexOf + 17;
        return i == str.length() || (charAt = str.charAt(i)) == ';' || charAt == '#' || charAt == '/' || charAt == '?';
    }

    @Override // org.eclipse.jetty.security.a
    public String getAuthMethod() {
        return Constraint.__FORM_AUTH;
    }

    public boolean h(String str) {
        return str != null && (str.equals(this.f) || str.equals(this.h));
    }

    public final void i(String str) {
        if (str == null || str.trim().length() == 0) {
            this.f = null;
            this.e = null;
            return;
        }
        if (!str.startsWith("/")) {
            d.b("form-error-page must start with /", new Object[0]);
            str = "/" + str;
        }
        this.e = str;
        this.f = str;
        if (str.indexOf(63) > 0) {
            String str2 = this.f;
            this.f = str2.substring(0, str2.indexOf(63));
        }
    }

    public final void j(String str) {
        if (!str.startsWith("/")) {
            d.b("form-login-page must start with /", new Object[0]);
            str = "/" + str;
        }
        this.g = str;
        this.h = str;
        if (str.indexOf(63) > 0) {
            String str2 = this.h;
            this.h = str2.substring(0, str2.indexOf(63));
        }
    }
}
