package org.exoplatform.web.login;

import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.exoplatform.container.web.AbstractHttpServlet;
import org.exoplatform.web.security.security.AbstractTokenService;
import org.exoplatform.web.security.security.CookieTokenService;
import org.exoplatform.web.security.security.TicketConfiguration;
import org.gatein.common.logging.Logger;
import org.gatein.common.logging.LoggerFactory;
import org.gatein.wci.ServletContainer;
import org.gatein.wci.impl.DefaultServletContainerFactory;
import org.gatein.wci.security.Credentials;
import org.gatein.wci.security.WCIController;

/* loaded from: input_file:org/exoplatform/web/login/InitiateLoginServlet.class */
public class InitiateLoginServlet extends AbstractHttpServlet {
    public static final String COOKIE_NAME = "rememberme";
    private WCIController wciController;
    private ServletContainer servletContainer = DefaultServletContainerFactory.getInstance().getServletContainer();
    private static final Logger log = LoggerFactory.getLogger(InitiateLoginServlet.class);
    public static final long LOGIN_VALIDITY = 1000 * ((TicketConfiguration) TicketConfiguration.getInstance(TicketConfiguration.class)).getValidityTime();

    protected void doGet(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        httpServletResponse.setContentType("text/html; charset=UTF-8");
        Credentials credentials = getWCIController().getCredentials(httpServletRequest, httpServletResponse);
        if (credentials != null) {
            this.servletContainer.login(httpServletRequest, httpServletResponse, credentials, LOGIN_VALIDITY, this.wciController.getInitialURI(httpServletRequest));
            return;
        }
        String rememberMeTokenCookie = getRememberMeTokenCookie(httpServletRequest);
        if (rememberMeTokenCookie == null) {
            log.debug("Login initiated with no credentials in session and no token cookie, redirecting to login page");
            getWCIController().showLoginForm(httpServletRequest, httpServletResponse);
            return;
        }
        Credentials validateToken = AbstractTokenService.getInstance(CookieTokenService.class).validateToken(rememberMeTokenCookie, false);
        if (validateToken != null) {
            log.debug("Login initiated with no credentials in session but found token " + rememberMeTokenCookie + " with existing credentials, performing authentication");
            getWCIController().sendAuth(httpServletRequest, httpServletResponse, validateToken.getUsername(), rememberMeTokenCookie);
            return;
        }
        log.debug("Login initiated with no credentials in session but found token an invalid " + rememberMeTokenCookie + " that will be cleared in next response");
        Cookie cookie = new Cookie(COOKIE_NAME, "");
        cookie.setPath(httpServletRequest.getContextPath());
        cookie.setMaxAge(0);
        httpServletResponse.addCookie(cookie);
        getWCIController().showLoginForm(httpServletRequest, httpServletResponse);
    }

    protected void doPost(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        doGet(httpServletRequest, httpServletResponse);
    }

    public static String getRememberMeTokenCookie(HttpServletRequest httpServletRequest) {
        Cookie[] cookies = httpServletRequest.getCookies();
        if (cookies == null) {
            return null;
        }
        for (Cookie cookie : cookies) {
            if (COOKIE_NAME.equals(cookie.getName())) {
                return cookie.getValue();
            }
        }
        return null;
    }

    protected boolean requirePortalEnvironment() {
        return true;
    }

    private WCIController getWCIController() {
        if (this.wciController == null) {
            this.wciController = new GateinWCIController(getServletContext());
        }
        return this.wciController;
    }
}
