package com.ibm.ws.webcontainer.security.internal;

import com.ibm.websphere.ras.Tr;
import com.ibm.websphere.ras.TraceComponent;
import com.ibm.websphere.ras.annotation.InjectedTrace;
import com.ibm.websphere.ras.annotation.TraceObjectField;
import com.ibm.websphere.ras.annotation.TraceOptions;
import com.ibm.ws.security.core.SecurityContext;
import com.ibm.ws.webcontainer.security.PostParameterHelper;
import com.ibm.ws.webcontainer.security.WebAppSecurityConfig;
import com.ibm.ws.webcontainer.security.metadata.FormLoginConfiguration;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

@TraceOptions(traceGroups = {TraceConstants.TRACE_GROUP}, traceGroup = "", messageBundle = TraceConstants.MESSAGE_BUNDLE, traceExceptionThrow = false, traceExceptionHandling = false)
@TraceObjectField(fieldName = "tc", fieldDesc = "Lcom/ibm/websphere/ras/TraceComponent;")
/* loaded from: input_file:lib/com.ibm.ws.webcontainer.security_1.0.1.20150814-1507.jar:com/ibm/ws/webcontainer/security/internal/FormLoginAuthenticator.class */
public class FormLoginAuthenticator implements WebAuthenticator {
    private static final TraceComponent tc = Tr.register(FormLoginAuthenticator.class);
    private final WebAuthenticator ssoAuthenticator;
    private final WebAppSecurityConfig webAppSecurityConfig;
    private final PostParameterHelper postParameterHelper;
    static final long serialVersionUID = -5049272569521943434L;

    @InjectedTrace({"com.ibm.ws.ras.instrument.internal.bci.FFDCMethodAdapter"})
    public FormLoginAuthenticator(WebAuthenticator webAuthenticator, WebAppSecurityConfig webAppSecurityConfig) {
        this.webAppSecurityConfig = webAppSecurityConfig;
        this.ssoAuthenticator = webAuthenticator;
        this.postParameterHelper = new PostParameterHelper(webAppSecurityConfig);
    }

    @Override // com.ibm.ws.webcontainer.security.internal.WebAuthenticator
    @InjectedTrace({"com.ibm.ws.ras.instrument.internal.bci.FFDCMethodAdapter"})
    public AuthenticationResult authenticate(WebRequest webRequest) {
        return authenticate(webRequest, this.webAppSecurityConfig);
    }

    @InjectedTrace({"com.ibm.ws.ras.instrument.internal.bci.FFDCMethodAdapter"})
    public AuthenticationResult authenticate(WebRequest webRequest, WebAppSecurityConfig webAppSecurityConfig) {
        return handleFormLogin(webRequest.getHttpServletRequest(), webRequest.getHttpServletResponse(), webRequest);
    }

    @InjectedTrace({"com.ibm.ws.ras.instrument.internal.bci.FFDCMethodAdapter"})
    private AuthenticationResult handleFormLogin(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, WebRequest webRequest) {
        AuthenticationResult authenticate = this.ssoAuthenticator.authenticate(webRequest);
        if (authenticate != null && authenticate.getStatus() != AuthResult.FAILURE) {
            this.postParameterHelper.restore(httpServletRequest, httpServletResponse);
            return authenticate;
        }
        if (webRequest.isFormLoginRedirectEnabled()) {
            authenticate = handleRedirect(httpServletRequest, httpServletResponse, webRequest);
        }
        return authenticate;
    }

    @InjectedTrace({"com.ibm.ws.ras.instrument.internal.bci.FFDCMethodAdapter"})
    private AuthenticationResult handleRedirect(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, WebRequest webRequest) {
        String formLoginURL = getFormLoginURL(httpServletRequest, webRequest);
        if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
            Tr.debug(tc, "form login URL: " + formLoginURL, new Object[0]);
        }
        AuthenticationResult authenticationResult = new AuthenticationResult(AuthResult.REDIRECT, formLoginURL);
        this.postParameterHelper.save(httpServletRequest, httpServletResponse, authenticationResult);
        ReferrerURLCookieHandler referrerURLCookieHandler = new ReferrerURLCookieHandler(this.webAppSecurityConfig);
        StringBuffer requestURL = httpServletRequest.getRequestURL();
        if (httpServletRequest.getQueryString() != null) {
            requestURL.append("?");
            requestURL.append(httpServletRequest.getQueryString());
        }
        referrerURLCookieHandler.setReferrerURLCookie(authenticationResult, requestURL.toString());
        return authenticationResult;
    }

    @InjectedTrace({"com.ibm.ws.ras.instrument.internal.bci.FFDCMethodAdapter"})
    private String normalizeURL(String str, String str2) {
        if (str2.equals(SecurityContext.REALM_SEPARATOR)) {
            str2 = "";
        }
        if (!str.startsWith(SecurityContext.REALM_SEPARATOR)) {
            str = SecurityContext.REALM_SEPARATOR + str;
        }
        return str2 + str;
    }

    @InjectedTrace({"com.ibm.ws.ras.instrument.internal.bci.FFDCMethodAdapter"})
    private String getFormLoginURL(HttpServletRequest httpServletRequest, WebRequest webRequest) {
        FormLoginConfiguration formLoginConfiguration = webRequest.getFormLoginConfiguration();
        if (formLoginConfiguration == null) {
            return null;
        }
        String loginPage = formLoginConfiguration.getLoginPage();
        StringBuilder sb = new StringBuilder(httpServletRequest.getRequestURL());
        sb.replace(sb.indexOf(SecurityContext.REALM_SEPARATOR, sb.indexOf("//") + 2), sb.length(), normalizeURL(loginPage, httpServletRequest.getContextPath()));
        return sb.toString();
    }

    static {
        if (TraceComponent.isAnyTracingEnabled() && tc != null && tc.isEntryEnabled()) {
            Tr.entry(tc, "<clinit>", new Object[0]);
        }
        if (TraceComponent.isAnyTracingEnabled() && tc != null && tc.isEntryEnabled()) {
            Tr.exit(tc, "<clinit>");
        }
    }
}
