package org.picketlink.authentication.web;

import java.io.IOException;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.picketlink.authentication.web.support.RequestCache;
import org.picketlink.authentication.web.support.SavedRequest;
import org.picketlink.credential.DefaultLoginCredentials;

/* loaded from: input_file:WEB-INF/lib/picketlink-api-2.6.0.CR2.jar:org/picketlink/authentication/web/FormAuthenticationScheme.class */
public class FormAuthenticationScheme implements HTTPAuthenticationScheme {
    public static final String FORM_LOGIN_PAGE_INIT_PARAM = "form-login-page";
    public static final String FORM_ERROR_PAGE_INIT_PARAM = "form-error-page";
    private final RequestCache requestCache = new RequestCache();
    private String formLoginPage;
    private String formErrorPage;
    public static final String J_SECURITY_CHECK = "j_security_check";
    public static final String J_USERNAME = "j_username";
    public static final String J_PASSWORD = "j_password";
    public static final String SAVED_REQUEST = "SAVED_REQUEST";
    public static final String STATE = "STATE";

    /* loaded from: input_file:WEB-INF/lib/picketlink-api-2.6.0.CR2.jar:org/picketlink/authentication/web/FormAuthenticationScheme$STATES.class */
    private enum STATES {
        BEFORE_LOGIN,
        SHOW_LOGIN_PAGE,
        AFTER_LOGIN
    }

    @Override // org.picketlink.authentication.web.HTTPAuthenticationScheme
    public void initialize(FilterConfig filterConfig) {
        String initParameter = filterConfig.getInitParameter("form-login-page");
        if (initParameter == null) {
            initParameter = "/login.jsp";
        }
        this.formLoginPage = initParameter;
        String initParameter2 = filterConfig.getInitParameter(FORM_ERROR_PAGE_INIT_PARAM);
        if (initParameter2 == null) {
            initParameter2 = "/loginError.jsp";
        }
        this.formErrorPage = initParameter2;
    }

    @Override // org.picketlink.authentication.web.HTTPAuthenticationScheme
    public void extractCredential(HttpServletRequest httpServletRequest, DefaultLoginCredentials defaultLoginCredentials) {
        if (isFormSubmitted(httpServletRequest)) {
            defaultLoginCredentials.setUserId(httpServletRequest.getParameter("j_username"));
            defaultLoginCredentials.setPassword(httpServletRequest.getParameter("j_password"));
        }
    }

    @Override // org.picketlink.authentication.web.HTTPAuthenticationScheme
    public void challengeClient(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        HttpSession session = httpServletRequest.getSession();
        String str = (String) session.getAttribute("STATE");
        if (str == null || STATES.BEFORE_LOGIN.toString().equals(str)) {
            this.requestCache.saveRequest(httpServletRequest);
            session.setAttribute("STATE", STATES.SHOW_LOGIN_PAGE.toString());
        }
        forwardToLoginPage(httpServletRequest, httpServletResponse);
    }

    @Override // org.picketlink.authentication.web.HTTPAuthenticationScheme
    public boolean postAuthentication(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        HttpSession session = httpServletRequest.getSession();
        String str = (String) session.getAttribute("STATE");
        if (str == null || !STATES.SHOW_LOGIN_PAGE.toString().equals(str)) {
            return false;
        }
        this.requestCache.removeAndStoreSavedRequestInSession(httpServletRequest);
        String requestURI = ((SavedRequest) session.getAttribute(SAVED_REQUEST)).getRequestURI();
        session.setAttribute("STATE", STATES.AFTER_LOGIN.toString());
        httpServletResponse.sendRedirect(requestURI);
        return false;
    }

    @Override // org.picketlink.authentication.web.HTTPAuthenticationScheme
    public boolean isProtected(HttpServletRequest httpServletRequest) {
        return true;
    }

    private void forwardToLoginPage(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        try {
            httpServletRequest.getRequestDispatcher(this.formLoginPage).forward(httpServletRequest, httpServletResponse);
        } catch (IOException e) {
            throw new RuntimeException(e);
        } catch (ServletException e2) {
            throw new RuntimeException(e2);
        }
    }

    private void forwardToErrorPage(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        try {
            httpServletRequest.getRequestDispatcher(this.formErrorPage).forward(httpServletRequest, httpServletResponse);
        } catch (IOException e) {
            throw new RuntimeException(e);
        } catch (ServletException e2) {
            throw new RuntimeException(e2);
        }
    }

    private boolean isFormSubmitted(HttpServletRequest httpServletRequest) {
        return httpServletRequest.getRequestURI().contains(J_SECURITY_CHECK);
    }
}
