package org.exoplatform.web.login;

import java.io.IOException;
import java.net.URLEncoder;
import javax.servlet.ServletException;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.exoplatform.container.PortalContainer;
import org.exoplatform.container.web.AbstractHttpServlet;
import org.exoplatform.web.security.Credentials;
import org.exoplatform.web.security.security.AbstractTokenService;
import org.exoplatform.web.security.security.CookieTokenService;
import org.exoplatform.web.security.security.TransientTokenService;
import org.gatein.common.logging.Logger;
import org.gatein.common.logging.LoggerFactory;

/* loaded from: input_file:org/exoplatform/web/login/InitiateLoginServlet.class */
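/**
 * Entry point of the portal login flow.
 *
 * <p>The servlet picks one of three paths per request:
 * <ol>
 *   <li>credentials stored in the HTTP session under {@link #CREDENTIALS} are exchanged for a
 *       token and the browser is redirected to {@code j_security_check};</li>
 *   <li>a valid {@link #COOKIE_NAME} cookie token is replayed to {@code j_security_check};</li>
 *   <li>otherwise the login form is rendered (an invalid cookie is expired first).</li>
 * </ol>
 *
 * <p>Security notes for maintainers: tokens handled here are accepted as the password by
 * {@code j_security_check}, so they must never be written to logs, and every value placed in
 * the redirect query string must be URL-encoded.
 */
public class InitiateLoginServlet extends AbstractHttpServlet {
    private static final Logger log = LoggerFactory.getLogger(InitiateLoginServlet.class);

    /** Name of the cookie carrying the remember-me token. */
    public static final String COOKIE_NAME = "rememberme";

    /** Session attribute under which pending {@link Credentials} are stored. */
    public static final String CREDENTIALS = "credentials";

    /** Request attribute exposing the originally requested URI to the login JSP. */
    private static final String INITIAL_URI_ATTRIBUTE = "org.gatein.portal.login.initial_uri";

    /**
     * Handles a login initiation request.
     *
     * @param httpServletRequest the current request
     * @param httpServletResponse the current response
     * @throws ServletException if rendering the login form fails
     * @throws IOException if the redirect or the include fails
     */
    protected void doGet(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        httpServletResponse.setContentType("text/html; charset=UTF-8");

        // Path 1: credentials were put in the session earlier in the flow.
        Credentials credentials = (Credentials) httpServletRequest.getSession().getAttribute(CREDENTIALS);
        if (credentials != null) {
            String createToken = ((TransientTokenService) AbstractTokenService.getInstance(TransientTokenService.class)).createToken(credentials);
            // Drop the credentials from the session as soon as they have been exchanged for a token.
            httpServletRequest.getSession().removeAttribute(CREDENTIALS);
            log.debug("Login initiated with credentials in session, performing authentication");
            sendAuth(httpServletResponse, credentials.getUsername(), createToken);
            return;
        }

        // Result is unused in this (decompiled) source; the call is kept as-is because it may
        // have side effects. TODO confirm whether it can be removed.
        PortalContainer.getInstance().getPortalContext();

        // Path 3a: nothing to authenticate with.
        String rememberMeTokenCookie = getRememberMeTokenCookie(httpServletRequest);
        if (rememberMeTokenCookie == null) {
            log.debug("Login initiated with no credentials in session and no token cookie, redirecting to login page");
            showLoginForm(httpServletRequest, httpServletResponse);
            return;
        }

        // Path 2: remember-me cookie present. The meaning of the 'false' flag is defined by the
        // token service and not visible here (presumably "do not remove the token") - TODO confirm.
        Credentials validateToken = AbstractTokenService.getInstance(CookieTokenService.class).validateToken(rememberMeTokenCookie, false);
        if (validateToken != null) {
            // The token value is deliberately not logged: it is accepted as a password by
            // j_security_check, and it is client-controlled text that could forge log lines.
            log.debug("Login initiated with no credentials in session but found a valid remember-me token, performing authentication");
            sendAuth(httpServletResponse, validateToken.getUsername(), rememberMeTokenCookie);
            return;
        }

        // Path 3b: the cookie token did not validate; expire it and fall back to the form.
        // The cookie value comes straight from the client, so it is not logged either.
        log.debug("Login initiated with no credentials in session but found an invalid remember-me token that will be cleared in next response");
        Cookie cookie = new Cookie(COOKIE_NAME, "");
        // A cookie is only overwritten when name and path match the ones it was issued with;
        // assumes the remember-me cookie is issued on the context path - TODO confirm.
        cookie.setPath(httpServletRequest.getContextPath());
        cookie.setMaxAge(0);
        httpServletResponse.addCookie(cookie);
        showLoginForm(httpServletRequest, httpServletResponse);
    }

    /**
     * Includes the login JSP, exposing the originally requested URI to it.
     *
     * @throws IllegalStateException if the request was not reached through a forward, i.e. the
     *     {@code javax.servlet.forward.request_uri} attribute is missing
     */
    private void showLoginForm(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        String initialUri = (String) httpServletRequest.getAttribute("javax.servlet.forward.request_uri");
        if (initialUri == null) {
            throw new IllegalStateException("request attribute javax.servlet.forward.request_uri should not be null here");
        }
        httpServletRequest.setAttribute(INITIAL_URI_ATTRIBUTE, initialUri);
        try {
            getServletContext().getRequestDispatcher("/login/jsp/login.jsp").include(httpServletRequest, httpServletResponse);
        } finally {
            // Always clean up so the attribute does not leak into later processing of this request.
            httpServletRequest.removeAttribute(INITIAL_URI_ATTRIBUTE);
        }
    }

    /** Treats POST exactly like GET. */
    protected void doPost(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        doGet(httpServletRequest, httpServletResponse);
    }

    /**
     * Redirects the browser to {@code j_security_check} with the user name and token.
     *
     * <p>Both values are URL-encoded so that characters such as {@code &}, {@code =}, {@code #}
     * or line breaks in a user name or token cannot add or alter query parameters.
     *
     * <p>NOTE(review): the token travels in the redirect URL, so it can end up in access logs,
     * browser history and Referer headers. That is only tolerable if the token is short-lived
     * or single-use - confirm against the token services.
     *
     * @param username value sent as {@code j_username}
     * @param token value sent as {@code j_password}
     * @throws IOException if the redirect cannot be sent
     */
    private void sendAuth(HttpServletResponse httpServletResponse, String username, String token) throws IOException {
        String target = "j_security_check?j_username=" + encodeQueryValue(username) + "&j_password=" + encodeQueryValue(token);
        httpServletResponse.sendRedirect(httpServletResponse.encodeRedirectURL(target));
    }

    /**
     * URL-encodes a query parameter value as UTF-8. A {@code null} value is rendered as the
     * text {@code "null"}, matching what plain string concatenation produced before.
     */
    private static String encodeQueryValue(String value) throws IOException {
        // UnsupportedEncodingException is an IOException; UTF-8 is always available.
        return URLEncoder.encode(String.valueOf(value), "UTF-8");
    }

    /**
     * Returns the value of the first {@link #COOKIE_NAME} cookie on the request.
     *
     * <p>The returned value is client-supplied and unvalidated; treat it as untrusted input.
     *
     * @param httpServletRequest the current request
     * @return the cookie value, or {@code null} if the request carries no such cookie
     */
    public static String getRememberMeTokenCookie(HttpServletRequest httpServletRequest) {
        Cookie[] cookies = httpServletRequest.getCookies();
        if (cookies == null) {
            return null;
        }
        for (Cookie cookie : cookies) {
            if (COOKIE_NAME.equals(cookie.getName())) {
                return cookie.getValue();
            }
        }
        return null;
    }

    /** Always returns {@code true}. */
    protected boolean requirePortalEnvironment() {
        return true;
    }
}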
