package com.worklight.core.auth.ext;

import com.ibm.json.java.JSONObject;
import com.worklight.common.util.FileTemplate;
import com.worklight.server.auth.api.AuthenticationResult;
import com.worklight.server.auth.api.AuthenticationStatus;
import com.worklight.server.auth.api.BadConfigurationOptionException;
import com.worklight.server.auth.api.MissingConfigurationOptionException;
import com.worklight.server.auth.api.UserIdentity;
import com.worklight.server.auth.api.UsernamePasswordAuthenticator;
import com.worklight.server.bundle.api.WorklightBundles;
import com.worklight.server.util.JSONUtils;
import java.io.IOException;
import java.io.InputStream;
import java.util.HashMap;
import java.util.Map;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.io.IOUtils;

/* loaded from: input_file:com/worklight/core/auth/ext/FormBasedAuthenticator.class */
public class FormBasedAuthenticator extends UsernamePasswordAuthenticator {
    private static final String DEFAULT_LOGIN_HTML_TEMPLATE = "login.html.template";
    private static final String PARAM_LOGIN_PAGE_PATH = "login-page";
    private static final String PARAM_AUTH_REDIRECT_URL = "auth-redirect";
    private static final String SUBMIT_PATH = "submit-path";
    private static final String ERROR_PLACEHOLDER = "${errorMessage}";
    private static final String J_SECURITY_CHECK = "j_security_check";
    private static final String J_USERNAME = "j_username";
    private static final String J_PASSWORD = "j_password";
    private static final Map<String, String> loginPageTemplateCache = new HashMap();
    private String redirectUrl = null;
    private String loginPageTemplate = null;
    private Status status = Status.NOT_STARTED;
    private String submitPath = null;

    /* loaded from: input_file:com/worklight/core/auth/ext/FormBasedAuthenticator$Status.class */
    private enum Status {
        NOT_STARTED,
        FORWARDED_TO_LOGIN,
        RESPONSE_RECEIVED,
        SUCCESS
    }

    public void init(Map<String, String> map) throws MissingConfigurationOptionException {
        this.redirectUrl = getOption(PARAM_AUTH_REDIRECT_URL, map, false);
        String option = getOption("login-page", map, false);
        if (option != null && this.redirectUrl != null) {
            throw new BadConfigurationOptionException("login-page", " conflicts with property 'auth-redirect'. Remove one of them.");
        }
        this.submitPath = getOption(SUBMIT_PATH, map, false);
        if (null == this.submitPath) {
            this.submitPath = J_SECURITY_CHECK;
        }
        this.loginPageTemplate = getLoginPageTemplate(option);
    }

    private static String getLoginPageTemplate(String str) throws BadConfigurationOptionException {
        String str2 = loginPageTemplateCache.get(str);
        if (str2 == null) {
            InputStream inputStream = null;
            if (str != null) {
                try {
                    inputStream = WorklightBundles.getInstance().getProjectClassLoader().getResourceAsStream("conf/" + str);
                    if (inputStream == null) {
                        throw new BadConfigurationOptionException("login-page", " has a problem. " + str + " can't be found under server/conf/ directory.");
                    }
                } finally {
                    IOUtils.closeQuietly(inputStream);
                }
            }
            if (inputStream == null) {
                inputStream = FormBasedAuthenticator.class.getResourceAsStream(DEFAULT_LOGIN_HTML_TEMPLATE);
            }
            try {
                str2 = IOUtils.toString(inputStream);
                loginPageTemplateCache.put(str, str2);
            } catch (IOException e) {
                throw new RuntimeException(e);
            }
        }
        return str2;
    }

    protected String getOption(String str, Map<String, String> map, boolean z) throws MissingConfigurationOptionException {
        String remove = map.remove(str);
        if (remove != null) {
            remove = remove.trim();
        }
        if (z && (remove == null || remove.isEmpty())) {
            throw new MissingConfigurationOptionException(str);
        }
        return remove;
    }

    public AuthenticationResult processRequest(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, boolean z) throws IOException, ServletException {
        switch (this.status) {
            case NOT_STARTED:
                sendLoginPage(httpServletResponse, "");
                this.status = Status.FORWARDED_TO_LOGIN;
                return AuthenticationResult.createFrom(AuthenticationStatus.CLIENT_INTERACTION_REQUIRED);
            case FORWARDED_TO_LOGIN:
                if (httpServletRequest.getRequestURI().indexOf(this.submitPath) != -1) {
                    this.status = Status.RESPONSE_RECEIVED;
                    this.userName = httpServletRequest.getParameter(J_USERNAME);
                    this.password = httpServletRequest.getParameter(J_PASSWORD);
                    return AuthenticationResult.createFrom(AuthenticationStatus.SUCCESS);
                }
                if (!z) {
                    return AuthenticationResult.createFrom(AuthenticationStatus.REQUEST_NOT_RECOGNIZED);
                }
                sendLoginPage(httpServletResponse, "");
                return AuthenticationResult.createFrom(AuthenticationStatus.CLIENT_INTERACTION_REQUIRED);
            default:
                throw new IllegalStateException("The form authenticator doesn't expect any requests in state " + this.status);
        }
    }

    private void sendLoginPage(HttpServletResponse httpServletResponse, String str) throws IOException {
        if (this.redirectUrl != null) {
            httpServletResponse.sendRedirect(this.redirectUrl);
            return;
        }
        httpServletResponse.setHeader("Expires", "-1");
        this.loginPageTemplate = FileTemplate.replaceToken(ERROR_PLACEHOLDER, str, this.loginPageTemplate);
        httpServletResponse.getWriter().print(this.loginPageTemplate);
    }

    public AuthenticationResult processRequestAlreadyAuthenticated(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException, ServletException {
        return AuthenticationResult.createFrom(AuthenticationStatus.REQUEST_NOT_RECOGNIZED);
    }

    public AuthenticationResult processAuthenticationFailure(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str) throws IOException, ServletException {
        httpServletResponse.setHeader("Expires", "-1");
        if (str == null) {
            str = "Wrong user name or password.";
        }
        sendLoginPage(httpServletResponse, str);
        this.status = Status.FORWARDED_TO_LOGIN;
        return AuthenticationResult.createFrom(AuthenticationStatus.CLIENT_INTERACTION_REQUIRED);
    }

    public HttpServletRequest getRequestToProceed(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, UserIdentity userIdentity) throws IOException {
        return null;
    }

    public boolean changeResponseOnSuccess(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        if (this.status != Status.RESPONSE_RECEIVED || httpServletRequest.getRequestURI().indexOf(this.submitPath) == -1) {
            return false;
        }
        httpServletResponse.setStatus(200);
        JSONUtils.sendJSONObject(httpServletResponse, new JSONObject());
        this.status = Status.SUCCESS;
        return true;
    }

    public int hashCode() {
        return (31 * ((31 * ((31 * super.hashCode()) + (this.loginPageTemplate == null ? 0 : this.loginPageTemplate.hashCode()))) + (this.redirectUrl == null ? 0 : this.redirectUrl.hashCode()))) + (this.status == null ? 0 : this.status.hashCode());
    }

    public boolean equals(Object obj) {
        if (this == obj) {
            return true;
        }
        if (!super.equals(obj) || getClass() != obj.getClass()) {
            return false;
        }
        FormBasedAuthenticator formBasedAuthenticator = (FormBasedAuthenticator) obj;
        if (this.loginPageTemplate == null) {
            if (formBasedAuthenticator.loginPageTemplate != null) {
                return false;
            }
        } else if (!this.loginPageTemplate.equals(formBasedAuthenticator.loginPageTemplate)) {
            return false;
        }
        if (this.redirectUrl == null) {
            if (formBasedAuthenticator.redirectUrl != null) {
                return false;
            }
        } else if (!this.redirectUrl.equals(formBasedAuthenticator.redirectUrl)) {
            return false;
        }
        return this.status == formBasedAuthenticator.status;
    }
}
