package io.undertow.security.impl;

import io.undertow.UndertowLogger;
import io.undertow.UndertowMessages;
import io.undertow.security.api.AuthenticationMechanism;
import io.undertow.security.api.SecurityContext;
import io.undertow.security.idm.Account;
import io.undertow.security.idm.IdentityManager;
import io.undertow.security.idm.PasswordCredential;
import io.undertow.server.DefaultResponseListener;
import io.undertow.server.HttpServerExchange;
import io.undertow.server.handlers.form.FormData;
import io.undertow.server.handlers.form.FormDataParser;
import io.undertow.server.handlers.form.FormParserFactory;
import io.undertow.server.session.Session;
import io.undertow.util.Headers;
import io.undertow.util.Methods;
import io.undertow.util.RedirectBuilder;
import io.undertow.util.Sessions;
import java.io.IOException;

/* loaded from: input_file:io/undertow/security/impl/FormAuthenticationMechanism.class */
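/**
 * Form-based authentication mechanism: challenges unauthenticated requests by redirecting to a
 * login page and verifies credentials POSTed to the configured post location.
 *
 * <p>The credentials are read from the {@code j_username} and {@code j_password} form fields and
 * checked against an {@link IdentityManager}. The originally requested location is kept in the
 * session under {@link #LOCATION_ATTRIBUTE} so the client can be sent back after a successful login.
 *
 * <p>NOTE(review): nothing in this class rotates the session id after a successful login; confirm
 * that {@code SecurityContext.authenticationComplete} or a surrounding handler does so, otherwise
 * a session established before login stays valid after it (session fixation).
 */
public class FormAuthenticationMechanism implements AuthenticationMechanism {
    /** Session attribute under which the location requested before the challenge is stored. */
    public static final String LOCATION_ATTRIBUTE = FormAuthenticationMechanism.class.getName() + ".LOCATION";
    /** Post location used when a constructor without an explicit post location is called. */
    public static final String DEFAULT_POST_LOCATION = "/j_security_check";
    private final String name;
    private final String loginPage;
    private final String errorPage;
    private final String postLocation;
    private final FormParserFactory formParserFactory;
    private final IdentityManager identityManager;

    /**
     * Creates a mechanism with a default form parser factory and {@link #DEFAULT_POST_LOCATION}.
     *
     * @param name mechanism name reported to the security context
     * @param loginPage path the client is redirected to for the login form
     * @param errorPage path the client is redirected to after a failed login
     */
    public FormAuthenticationMechanism(String name, String loginPage, String errorPage) {
        this(FormParserFactory.builder().build(), name, loginPage, errorPage);
    }

    /**
     * Creates a mechanism with a default form parser factory and an explicit post location.
     *
     * @param name mechanism name reported to the security context
     * @param loginPage path the client is redirected to for the login form
     * @param errorPage path the client is redirected to after a failed login
     * @param postLocation request path suffix that identifies a credential submission
     */
    public FormAuthenticationMechanism(String name, String loginPage, String errorPage, String postLocation) {
        this(FormParserFactory.builder().build(), name, loginPage, errorPage, postLocation);
    }

    /**
     * Creates a mechanism with the given form parser factory and {@link #DEFAULT_POST_LOCATION}.
     *
     * @param formParserFactory factory used to parse the posted login form
     * @param name mechanism name reported to the security context
     * @param loginPage path the client is redirected to for the login form
     * @param errorPage path the client is redirected to after a failed login
     */
    public FormAuthenticationMechanism(FormParserFactory formParserFactory, String name, String loginPage, String errorPage) {
        this(formParserFactory, name, loginPage, errorPage, DEFAULT_POST_LOCATION);
    }

    /**
     * Creates a mechanism with {@link #DEFAULT_POST_LOCATION} and a dedicated identity manager.
     *
     * @param formParserFactory factory used to parse the posted login form
     * @param name mechanism name reported to the security context
     * @param loginPage path the client is redirected to for the login form
     * @param errorPage path the client is redirected to after a failed login
     * @param identityManager identity manager to verify credentials with; when {@code null} the
     *     one from the security context is used
     */
    public FormAuthenticationMechanism(FormParserFactory formParserFactory, String name, String loginPage, String errorPage, IdentityManager identityManager) {
        this(formParserFactory, name, loginPage, errorPage, DEFAULT_POST_LOCATION, identityManager);
    }

    /**
     * Creates a mechanism that verifies credentials with the security context's identity manager.
     *
     * @param formParserFactory factory used to parse the posted login form
     * @param name mechanism name reported to the security context
     * @param loginPage path the client is redirected to for the login form
     * @param errorPage path the client is redirected to after a failed login
     * @param postLocation request path suffix that identifies a credential submission
     */
    public FormAuthenticationMechanism(FormParserFactory formParserFactory, String name, String loginPage, String errorPage, String postLocation) {
        this(formParserFactory, name, loginPage, errorPage, postLocation, null);
    }

    /**
     * Creates a fully specified mechanism.
     *
     * @param formParserFactory factory used to parse the posted login form
     * @param name mechanism name reported to the security context
     * @param loginPage path the client is redirected to for the login form
     * @param errorPage path the client is redirected to after a failed login
     * @param postLocation request path suffix that identifies a credential submission
     * @param identityManager identity manager to verify credentials with; when {@code null} the
     *     one from the security context is used
     */
    public FormAuthenticationMechanism(FormParserFactory formParserFactory, String name, String loginPage, String errorPage, String postLocation, IdentityManager identityManager) {
        this.name = name;
        this.loginPage = loginPage;
        this.errorPage = errorPage;
        this.postLocation = postLocation;
        this.formParserFactory = formParserFactory;
        this.identityManager = identityManager;
    }

    /** Returns the configured identity manager, falling back to the security context's one. */
    private IdentityManager getIdentityManager(SecurityContext securityContext) {
        if (this.identityManager != null) {
            return this.identityManager;
        }
        return securityContext.getIdentityManager();
    }

    /**
     * Attempts form authentication when the request is a POST to the post location.
     *
     * <p>The path test is a suffix match ({@code endsWith}), so every request path that ends with
     * the post location is treated as a credential submission, not only the exact path.
     *
     * @return the result of {@link #runFormAuth} for a credential submission, otherwise
     *     {@code NOT_ATTEMPTED}
     */
    @Override
    public AuthenticationMechanism.AuthenticationMechanismOutcome authenticate(HttpServerExchange exchange, SecurityContext securityContext) {
        boolean isLoginPost = exchange.getRequestPath().endsWith(this.postLocation)
                && exchange.getRequestMethod().equals(Methods.POST_STRING);
        if (!isLoginPost) {
            return AuthenticationMechanism.AuthenticationMechanismOutcome.NOT_ATTEMPTED;
        }
        return runFormAuth(exchange, securityContext);
    }

    /**
     * Parses the posted form and verifies {@code j_username} / {@code j_password}.
     *
     * <p>The method fails closed: a missing parser, missing form data, a missing field, a rejected
     * credential, or any throwable raised during verification all yield {@code NOT_AUTHENTICATED}.
     * On success the exchange is ended after the redirect-back listener has been registered.
     *
     * @return {@code AUTHENTICATED} when the identity manager returns an account, otherwise
     *     {@code NOT_AUTHENTICATED}
     * @throws RuntimeException wrapping an {@link IOException} raised while reading the form
     */
    public AuthenticationMechanism.AuthenticationMechanismOutcome runFormAuth(HttpServerExchange exchange, SecurityContext securityContext) {
        FormDataParser parser = this.formParserFactory.createParser(exchange);
        if (parser == null) {
            UndertowLogger.SECURITY_LOGGER.debug("Could not authenticate as no form parser is present");
            return AuthenticationMechanism.AuthenticationMechanismOutcome.NOT_AUTHENTICATED;
        }
        try {
            FormData data = parser.parseBlocking();
            if (data == null) {
                // The parser exists here; it is the parsed form data that is missing.
                UndertowLogger.SECURITY_LOGGER.debug("Could not authenticate as no form data could be parsed");
                return AuthenticationMechanism.AuthenticationMechanismOutcome.NOT_AUTHENTICATED;
            }
            FormData.FormValue userField = data.getFirst("j_username");
            FormData.FormValue passwordField = data.getFirst("j_password");
            if (userField == null || passwordField == null) {
                UndertowLogger.SECURITY_LOGGER.debugf("Could not authenticate as username or password was not present in the posted result for %s", exchange);
                return AuthenticationMechanism.AuthenticationMechanismOutcome.NOT_AUTHENTICATED;
            }
            String userName = userField.getValue();
            try {
                // NOTE(review): the password also lives on in the immutable String returned by
                // getValue(), so zeroing the char[] alone would not remove it from memory.
                PasswordCredential credential = new PasswordCredential(passwordField.getValue().toCharArray());
                Account account = getIdentityManager(securityContext).verify(userName, credential);
                if (account == null) {
                    securityContext.authenticationFailed(UndertowMessages.MESSAGES.authenticationFailed(userName), this.name);
                    return AuthenticationMechanism.AuthenticationMechanismOutcome.NOT_AUTHENTICATED;
                }
                securityContext.authenticationComplete(account, this.name, true);
                UndertowLogger.SECURITY_LOGGER.debugf("Authenticated user %s using for auth for %s", account.getPrincipal().getName(), exchange);
                handleRedirectBack(exchange);
                exchange.endExchange();
                return AuthenticationMechanism.AuthenticationMechanismOutcome.AUTHENTICATED;
            } catch (Throwable th) {
                // Deliberately fail closed, but leave a trace: previously the throwable vanished
                // silently. The constant-false branches that stood here were removed as dead code.
                UndertowLogger.SECURITY_LOGGER.debugf(th, "Form authentication failed with an unexpected error for %s", exchange);
                return AuthenticationMechanism.AuthenticationMechanismOutcome.NOT_AUTHENTICATED;
            }
        } catch (IOException e) {
            throw new RuntimeException(e);
        }
    }

    /**
     * Registers a default response listener that redirects (302) to the location stored in the
     * session under {@link #LOCATION_ATTRIBUTE}. The attribute is removed when read, so it is
     * used at most once. Does nothing when there is no session or no stored location.
     */
    protected void handleRedirectBack(HttpServerExchange exchange) {
        Session session = Sessions.getSession(exchange);
        if (session == null) {
            return;
        }
        final String location = (String) session.removeAttribute(LOCATION_ATTRIBUTE);
        if (location == null) {
            return;
        }
        exchange.addDefaultResponseListener(new DefaultResponseListener() {
            @Override
            public boolean handleDefaultResponse(HttpServerExchange responseExchange) {
                responseExchange.setResponseHeader(Headers.LOCATION_STRING, location);
                responseExchange.setStatusCode(302);
                responseExchange.endExchange();
                return true;
            }
        });
    }

    /**
     * Sends the challenge: the error page for a failed credential submission (POST to the post
     * location), otherwise the login page after remembering the requested location.
     *
     * @return a challenge result marked as sent, carrying the status code from {@link #servePage}
     */
    @Override
    public AuthenticationMechanism.ChallengeResult sendChallenge(HttpServerExchange exchange, SecurityContext securityContext) {
        boolean isLoginPost = exchange.getRequestPath().endsWith(this.postLocation)
                && exchange.getRequestMethod().equals(Methods.POST_STRING);
        if (isLoginPost) {
            // Log the page that is actually served; this branch previously logged loginPage.
            UndertowLogger.SECURITY_LOGGER.debugf("Serving form auth error page %s for %s", this.errorPage, exchange);
            return new AuthenticationMechanism.ChallengeResult(true, servePage(exchange, this.errorPage));
        }
        UndertowLogger.SECURITY_LOGGER.debugf("Serving login form %s for %s", this.loginPage, exchange);
        storeInitialLocation(exchange);
        return new AuthenticationMechanism.ChallengeResult(true, servePage(exchange, this.loginPage));
    }

    /**
     * Stores the redirect URL for the current relative path in the session, creating the session
     * if none exists. Every challenged request without a session therefore allocates one.
     */
    protected void storeInitialLocation(HttpServerExchange exchange) {
        Session session = Sessions.getOrCreateSession(exchange);
        String location = RedirectBuilder.redirect(exchange, exchange.getRelativePath());
        session.setAttribute(LOCATION_ATTRIBUTE, location);
    }

    /**
     * Sets the {@code Location} header for the given page and returns the status code to use.
     *
     * <p>NOTE(review): 307 asks the client to repeat the request with the same method and body.
     * On the error-page branch the request is the login POST, so a conforming client would
     * re-send the form body, including {@code j_password}, to the error page URL. Confirm this
     * is intended.
     *
     * @return 307
     */
    protected Integer servePage(HttpServerExchange exchange, String location) {
        sendRedirect(exchange, location);
        return 307;
    }

    /**
     * Sets the {@code Location} header to scheme, host-and-port and the given path.
     *
     * <p>NOTE(review): scheme and host are taken from the request. If {@code getHostAndPort()}
     * reflects the client-supplied Host header (presumably; confirm), the redirect target follows
     * that header, so allowed host names should be validated before this mechanism runs.
     */
    static void sendRedirect(HttpServerExchange exchange, String location) {
        String target = exchange.getRequestScheme() + "://" + exchange.getHostAndPort() + location;
        exchange.setResponseHeader(Headers.LOCATION_STRING, target);
    }
}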
