package org.uberfire.ext.security.server;

import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.net.URLEncoder;
import java.util.Map;
import javax.servlet.ServletConfig;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:WEB-INF/lib/uberfire-servlet-security-7.37.0-SNAPSHOT.jar:org/uberfire/ext/security/server/LoginRedirectServlet.class */
public class LoginRedirectServlet extends HttpServlet {
    public static final String DISPLAY_AFTER_LOGIN_INIT_PARAM = "display-after-login";
    public static final String DISPLAY_WHEN_NOT_AUTH_INIT_PARAM = "display-when-not-authenticated";
    private static final Logger logger = LoggerFactory.getLogger((Class<?>) LoginRedirectServlet.class);
    private String displayAfterLoginUri;
    private String displayWhenNotAuthenticatedUri;

    private static String extractParameters(HttpServletRequest httpServletRequest) {
        try {
            StringBuilder sb = new StringBuilder();
            for (Map.Entry entry : httpServletRequest.getParameterMap().entrySet()) {
                String encode = URLEncoder.encode((String) entry.getKey(), "UTF-8");
                if (!encode.equals("j_username") && !encode.equals("j_password")) {
                    for (String str : (String[]) entry.getValue()) {
                        if (sb.length() != 0) {
                            sb.append("&");
                        }
                        sb.append(encode).append("=").append(URLEncoder.encode(str, "UTF-8"));
                    }
                }
            }
            return sb.toString();
        } catch (UnsupportedEncodingException e) {
            throw new AssertionError("UTF-8 not supported on this JVM?");
        }
    }

    public void init(ServletConfig servletConfig) throws ServletException {
        String initParameter = servletConfig.getInitParameter(DISPLAY_AFTER_LOGIN_INIT_PARAM);
        if (initParameter == null) {
            throw new IllegalStateException(getClass().getSimpleName() + " requires that you set the init parameter \"" + DISPLAY_AFTER_LOGIN_INIT_PARAM + "\" to the context-relative URI of the host page.");
        }
        this.displayAfterLoginUri = servletConfig.getServletContext().getContextPath() + initParameter;
        String initParameter2 = servletConfig.getInitParameter(DISPLAY_WHEN_NOT_AUTH_INIT_PARAM);
        if (initParameter2 != null) {
            this.displayWhenNotAuthenticatedUri = servletConfig.getServletContext().getContextPath() + initParameter2;
        }
    }

    protected void doGet(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        doPost(httpServletRequest, httpServletResponse);
    }

    protected void doPost(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        if (this.displayWhenNotAuthenticatedUri != null && httpServletRequest.getUserPrincipal() == null) {
            logger.debug("No authorized user thus cleaning up session and redirecting to " + this.displayWhenNotAuthenticatedUri);
            try {
                httpServletRequest.logout();
                httpServletRequest.getSession().invalidate();
            } catch (Exception e) {
            }
            httpServletResponse.sendRedirect(this.displayWhenNotAuthenticatedUri);
            return;
        }
        logger.debug("Redirecting " + httpServletRequest.getUserPrincipal() + " to " + this.displayAfterLoginUri);
        StringBuilder sb = new StringBuilder(this.displayAfterLoginUri);
        String extractParameters = extractParameters(httpServletRequest);
        if (extractParameters.length() > 0) {
            sb.append("?").append(extractParameters);
        }
        httpServletResponse.sendRedirect(sb.toString());
    }
}
