package com.dtolabs.client.utils;

import java.io.IOException;
import java.io.InputStream;
import java.net.MalformedURLException;
import java.net.URL;
import java.util.regex.Pattern;
import org.apache.commons.httpclient.Cookie;
import org.apache.commons.httpclient.Header;
import org.apache.commons.httpclient.HttpClient;
import org.apache.commons.httpclient.HttpException;
import org.apache.commons.httpclient.HttpMethod;
import org.apache.commons.httpclient.HttpState;
import org.apache.commons.httpclient.NameValuePair;
import org.apache.commons.httpclient.cookie.CookiePolicy;
import org.apache.commons.httpclient.methods.GetMethod;
import org.apache.commons.httpclient.methods.PostMethod;
import org.apache.log4j.Logger;

/* loaded from: input_file:com/dtolabs/client/utils/BaseFormAuthenticator.class */
public abstract class BaseFormAuthenticator implements HttpAuthenticator {
    public static final String J_SECURITY_CHECK = "j_security_check";
    public static final String JAVA_AUTH_PATH = "/j_security_check";
    public static final String JAVA_USER_PARAM = "j_username";
    public static final String JAVA_PASS_PARAM = "j_password";
    public static final String JAVA_SESSION_COOKIE_NAME = "JSESSIONID";
    public static final String HTTP_SECURE_PROTOCOL = "https";
    public static final String LOGIN_PAGE = "/user/login";
    private String username;
    private String password;
    private String basePath;
    private String cookieId;
    public static final Logger logger = Logger.getLogger(BaseFormAuthenticator.class);
    public static final Pattern JAVA_SESSION_COOKIE_PATTERN = Pattern.compile("^JSESSIONID$");

    public BaseFormAuthenticator(String str, String str2, String str3) {
        this.basePath = str;
        this.username = str2;
        this.password = str3;
    }

    abstract String getInitialPath();

    abstract boolean isValidLoginRedirect(HttpMethod httpMethod);

    abstract boolean isLoginError(HttpMethod httpMethod);

    abstract boolean isFollowLoginRedirect();

    @Override // com.dtolabs.client.utils.HttpAuthenticator
    public boolean authenticate(URL url, HttpClient httpClient) throws HttpClientException {
        HttpState state = httpClient.getState();
        if (hasSessionCookie(url, state, this.basePath)) {
            return true;
        }
        byte[] bArr = new byte[1024];
        boolean z = false;
        boolean z2 = false;
        logger.debug("No session found, must login...");
        try {
            URL url2 = new URL(url.getProtocol(), url.getHost(), url.getPort(), this.basePath + getInitialPath());
            GetMethod getMethod = new GetMethod(url2.toExternalForm());
            getMethod.setDoAuthentication(false);
            getMethod.setFollowRedirects(false);
            logger.debug("Requesting: " + url2);
            int executeMethod = httpClient.executeMethod(getMethod);
            logger.debug("Result is: " + executeMethod);
            String responseBodyAsString = getMethod.getResponseBodyAsString();
            if (null != responseBodyAsString && responseBodyAsString.contains(J_SECURITY_CHECK) && responseBodyAsString.contains(JAVA_USER_PARAM) && responseBodyAsString.contains(JAVA_PASS_PARAM)) {
                z2 = true;
            }
            getMethod.releaseConnection();
            if (executeMethod == 401) {
                if (getMethod.getResponseHeader("WWW-Authenticate") == null || !getMethod.getResponseHeader("WWW-Authenticate").getValue().matches("^Basic.*")) {
                    throw new HttpClientException("Form-based login received UNAUTHORIZED, but didn't recognize it as Basic authentication: unable to get a session");
                }
                logger.warn("Form-based login received UNAUTHORIZED, trying to use Basic authentication");
                return new BasicAuthenticator(this.username, this.password).authenticate(url, httpClient);
            }
            if (!hasSessionCookie(url, state, this.basePath)) {
                throw new HttpClientException("Unable to get a session from URL : " + url2);
            }
            if (executeMethod == 200 && z2) {
                z = true;
            } else if (executeMethod == 302 || executeMethod == 301 || executeMethod == 303 || executeMethod == 307) {
                Header responseHeader = getMethod.getResponseHeader("Location");
                if (responseHeader == null) {
                    throw new HttpClientException("Redirect with no Location header, request URL: " + url2);
                }
                String value = responseHeader.getValue();
                if (!isValidLoginRedirect(getMethod)) {
                    throw new HttpClientException("Unexpected redirection when getting session: " + value);
                }
                logger.debug("Follow redirect: " + executeMethod + ": " + value);
                GetMethod getMethod2 = new GetMethod(value);
                getMethod2.setFollowRedirects(true);
                int executeMethod2 = httpClient.executeMethod(getMethod2);
                InputStream responseBodyAsStream = getMethod2.getResponseBodyAsStream();
                while (responseBodyAsStream.available() > 0) {
                    responseBodyAsStream.read(bArr);
                }
                getMethod2.releaseConnection();
                if (executeMethod2 != 200) {
                    throw new HttpClientException("Login page status was not OK: " + executeMethod2);
                }
                logger.debug("Result: " + executeMethod2);
                z = true;
            } else if (executeMethod != 200) {
                throw new HttpClientException("Request to welcome page returned error: " + executeMethod + ": " + getMethod);
            }
            if (z) {
                URL url3 = new URL(url.getProtocol(), url.getHost(), url.getPort(), this.basePath + JAVA_AUTH_PATH);
                PostMethod postMethod = new PostMethod(url3.toExternalForm());
                postMethod.setRequestBody(new NameValuePair[]{new NameValuePair(JAVA_USER_PARAM, getUsername()), new NameValuePair(JAVA_PASS_PARAM, getPassword())});
                postMethod.setFollowRedirects(false);
                logger.debug("Post login info to URL: " + url3);
                int executeMethod3 = httpClient.executeMethod(postMethod);
                InputStream responseBodyAsStream2 = postMethod.getResponseBodyAsStream();
                while (responseBodyAsStream2.available() > 0) {
                    responseBodyAsStream2.read(bArr);
                }
                postMethod.releaseConnection();
                Header responseHeader2 = postMethod.getResponseHeader("Location");
                String value2 = null != responseHeader2 ? responseHeader2.getValue() : null;
                if (isLoginError(postMethod)) {
                    logger.error("Form-based auth failed");
                    return false;
                }
                if (null != value2 && !value2.equals(url2.toExternalForm())) {
                    logger.warn("Form-based auth succeeded, but last URL was unexpected");
                }
                if (isFollowLoginRedirect() && (executeMethod3 == 302 || executeMethod3 == 301 || executeMethod3 == 303 || executeMethod3 == 307)) {
                    if (value2 == null) {
                        throw new HttpClientException("Redirect with no Location header, request URL: " + url2);
                    }
                    executeMethod3 = httpClient.executeMethod(new GetMethod(value2));
                } else if (executeMethod3 != 200) {
                    throw new HttpClientException("Login didn't seem to work: " + executeMethod3 + ": " + postMethod.getResponseBodyAsString());
                }
                logger.debug("Result: " + executeMethod3);
            }
            return true;
        } catch (MalformedURLException e) {
            throw new HttpClientException("Bad URL", e);
        } catch (HttpException e2) {
            throw new HttpClientException("HTTP Error: " + e2.getMessage(), e2);
        } catch (IOException e3) {
            throw new HttpClientException("Error occurred while trying to authenticate to server: " + e3.getMessage(), e3);
        }
    }

    public static boolean hasSessionCookie(URL url, HttpState httpState, String str) {
        Cookie[] match = CookiePolicy.getDefaultSpec().match(url.getHost(), url.getPort() > 0 ? url.getPort() : 80, str.endsWith("/") ? str : str + "/", "https".equalsIgnoreCase(url.getProtocol()), httpState.getCookies());
        boolean z = false;
        if (match.length == 0) {
            z = false;
        } else {
            for (Cookie cookie : match) {
                if (JAVA_SESSION_COOKIE_NAME.equals(cookie.getName()) || JAVA_SESSION_COOKIE_PATTERN.matcher(cookie.getName()).matches()) {
                    logger.debug("Saw session cookie: " + cookie.getName());
                    z = true;
                    break;
                }
            }
        }
        return z;
    }

    @Override // com.dtolabs.client.utils.HttpAuthenticator
    public boolean needsReAuthentication(int i, HttpMethod httpMethod) {
        if (i >= 300 && i < 400 && httpMethod.getResponseHeader("Location") != null) {
            String value = httpMethod.getResponseHeader("Location").getValue();
            int indexOf = value.indexOf(LOGIN_PAGE);
            int indexOf2 = value.indexOf("?");
            if (indexOf < 0) {
                return false;
            }
            if (indexOf2 >= 0 && indexOf >= indexOf2) {
                return false;
            }
            ClientState.resetHttpState();
            return true;
        }
        if (200 != i) {
            return false;
        }
        String path = httpMethod.getPath();
        int indexOf3 = path.indexOf(LOGIN_PAGE);
        int indexOf4 = path.indexOf("?");
        if (indexOf3 < 0) {
            return false;
        }
        if (indexOf4 >= 0 && indexOf3 >= indexOf4) {
            return false;
        }
        ClientState.resetHttpState();
        return true;
    }

    @Override // com.dtolabs.client.utils.HttpAuthenticator
    public String getUsername() {
        return this.username;
    }

    private String getPassword() {
        return this.password;
    }

    public String getBasePath() {
        return this.basePath;
    }

    public String getCookieId() {
        return this.cookieId;
    }

    public void setCookieId(String str) {
        this.cookieId = str;
    }
}
