package org.apache.catalina.authenticator;

import java.io.IOException;
import java.security.Principal;
import java.util.Enumeration;
import java.util.Iterator;
import java.util.Locale;
import java.util.Map;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.catalina.HttpRequest;
import org.apache.catalina.HttpResponse;
import org.apache.catalina.Realm;
import org.apache.catalina.Session;
import org.apache.catalina.deploy.LoginConfig;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.tomcat.util.buf.MessageBytes;

/* loaded from: input_file:org/apache/catalina/authenticator/FormAuthenticator.class */
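/**
 * Form-based login authenticator (decompiled source).
 *
 * <p>Flow implemented by {@link #authenticate}: an unauthenticated request is
 * copied into the session and forwarded to the configured login page; a request
 * whose decoded URI starts with the context path and ends with
 * {@code /j_security_check} is checked against the context's {@link Realm}; on
 * success the client is redirected to the saved URL, and the follow-up request
 * that matches the saved URI is rebuilt from the session copy.
 *
 * <p>Security-relevant properties visible in this class:
 * <ul>
 *   <li>The submitted username and password are stored as session notes after a
 *       successful login. They are removed again only when {@code cache} is true;
 *       when it is false they stay in the session and are replayed against the
 *       realm on later requests. NOTE(review): if the session store persists or
 *       replicates notes (not visible here), that store holds plaintext
 *       credentials and needs to be protected accordingly.</li>
 *   <li>No code in this class changes the session identifier after a successful
 *       login. NOTE(review): confirm the container rotates it elsewhere, because
 *       keeping a pre-login identifier is the precondition for session
 *       fixation.</li>
 *   <li>Debug logging includes usernames, session ids and the SSO id. Keep debug
 *       level off in production or treat the logs as sensitive.</li>
 * </ul>
 */
public class FormAuthenticator extends AuthenticatorBase {
    // Assigned once in the static initializer at the bottom of the class.
    private static Log log;
    protected static final String info = "org.apache.catalina.authenticator.FormAuthenticator/1.0";
    // Cache slot for the class literal; appears to be compiler-generated (see class$ below).
    static Class class$org$apache$catalina$authenticator$FormAuthenticator;

    /**
     * Returns the descriptive identifier string of this authenticator.
     *
     * @return the constant {@code info} string
     */
    @Override // org.apache.catalina.authenticator.AuthenticatorBase, org.apache.catalina.valves.ValveBase, org.apache.catalina.Valve
    public String getInfo() {
        return info;
    }

    /**
     * Decides whether the request is authenticated and, if not, drives the
     * form-login exchange. The order of the checks below is significant.
     *
     * @param httpRequest  request being processed
     * @param httpResponse response being produced
     * @param loginConfig  supplies the login page and error page paths
     * @return {@code true} when the request already carries a principal or was
     *         re-authenticated or restored; {@code false} when this method has
     *         already produced a forward, redirect or error response
     * @throws IOException if sending an error or redirect fails
     */
    @Override // org.apache.catalina.authenticator.AuthenticatorBase
    public boolean authenticate(HttpRequest httpRequest, HttpResponse httpResponse, LoginConfig loginConfig) throws IOException {
        HttpServletRequest request = httpRequest.getRequest();
        HttpServletResponse response = httpResponse.getResponse();
        Session session = null;
        Principal userPrincipal = request.getUserPrincipal();
        // SSO identifier attached to the request as a note, if any.
        String str = (String) httpRequest.getNote(Constants.REQ_SSOID_NOTE);

        // Case 1: the request already has a principal. Only the SSO association is refreshed.
        if (userPrincipal != null) {
            if (log.isDebugEnabled()) {
                log.debug(new StringBuffer().append("Already authenticated '").append(userPrincipal.getName()).append("'").toString());
            }
            if (str == null) {
                return true;
            }
            associate(str, getSession(httpRequest, true));
            return true;
        }

        // Case 2: no principal but an SSO id is present; try the inherited SSO re-authentication.
        if (str != null) {
            if (log.isDebugEnabled()) {
                // NOTE(review): this writes the SSO id itself to the debug log; it is
                // presumably a bearer-style identifier, so such logs should be access-controlled.
                log.debug(new StringBuffer().append("SSO Id ").append(str).append(" set; attempting ").append("reauthentication").toString());
            }
            if (reauthenticateFromSSO(str, httpRequest)) {
                return true;
            }
        }

        // Case 3: cache is false (presumably: principals are not cached in the session),
        // so the username/password kept in the session are replayed against the realm.
        if (!this.cache) {
            session = getSession(httpRequest, true);
            if (log.isDebugEnabled()) {
                log.debug(new StringBuffer().append("Checking for reauthenticate in session ").append(session).toString());
            }
            String str2 = (String) session.getNote(Constants.SESS_USERNAME_NOTE);
            String str3 = (String) session.getNote(Constants.SESS_PASSWORD_NOTE);
            if (str2 != null && str3 != null) {
                if (log.isDebugEnabled()) {
                    log.debug(new StringBuffer().append("Reauthenticating username '").append(str2).append("'").toString());
                }
                Principal authenticate = this.context.getRealm().authenticate(str2, str3);
                if (authenticate != null) {
                    session.setNote(Constants.FORM_PRINCIPAL_NOTE, authenticate);
                    // If this request is the saved one, fall through so that the restore
                    // branch below handles it instead of returning here.
                    if (!matchRequest(httpRequest)) {
                        register(httpRequest, httpResponse, authenticate, "FORM", str2, str3);
                        return true;
                    }
                }
                // Also reached after a successful re-authentication when the request
                // matches the saved one, so the message can be misleading in that case.
                if (log.isDebugEnabled()) {
                    log.debug("Reauthentication failed, proceed normally");
                }
            }
        }

        // Case 4: this is the redirected follow-up of a successful login. Register the
        // principal stored in the session and rebuild the original request from the saved copy.
        if (matchRequest(httpRequest)) {
            Session session2 = getSession(httpRequest, true);
            if (log.isDebugEnabled()) {
                log.debug(new StringBuffer().append("Restore request from session '").append(session2.getId()).append("'").toString());
            }
            register(httpRequest, httpResponse, (Principal) session2.getNote(Constants.FORM_PRINCIPAL_NOTE), "FORM", (String) session2.getNote(Constants.SESS_USERNAME_NOTE), (String) session2.getNote(Constants.SESS_PASSWORD_NOTE));
            // Credentials are dropped from the session only when cache is true;
            // otherwise they remain for the replay in case 3.
            if (this.cache) {
                session2.removeNote(Constants.SESS_USERNAME_NOTE);
                session2.removeNote(Constants.SESS_PASSWORD_NOTE);
            }
            if (restoreRequest(httpRequest, session2)) {
                if (!log.isDebugEnabled()) {
                    return true;
                }
                log.debug("Proceed to restored request");
                return true;
            }
            if (log.isDebugEnabled()) {
                log.debug("Restore of original request failed");
            }
            // 400 Bad Request: the saved request disappeared between match and restore.
            response.sendError(400);
            return false;
        }

        // The result of this call is discarded; it looks like a leftover of the
        // original source and has no effect on the logic below.
        MessageBytes.newInstance().getCharChunk().setLimit(-1);
        String contextPath = request.getContextPath();
        String decodedRequestURI = httpRequest.getDecodedRequestURI();
        httpResponse.setContext(httpRequest.getContext());

        // Case 5: not the login action. Any URI inside the context that ends with
        // "/j_security_check" counts as the login action, whatever precedes the suffix.
        if (!(decodedRequestURI.startsWith(contextPath) && decodedRequestURI.endsWith("/j_security_check"))) {
            Session session3 = getSession(httpRequest, true);
            if (log.isDebugEnabled()) {
                log.debug(new StringBuffer().append("Save request in session '").append(session3.getId()).append("'").toString());
            }
            saveRequest(httpRequest, session3);
            try {
                this.context.getServletContext().getRequestDispatcher(loginConfig.getLoginPage()).forward(request, response);
                httpResponse.finishResponse();
                return false;
            } catch (Throwable th) {
                // Any failure while forwarding is logged and the request stays unauthenticated.
                log.warn("Unexpected error forwarding to login page", th);
                return false;
            }
        }

        // Case 6: the login action itself. Validate the submitted credentials.
        // The HTTP method is not checked here, so parameters may arrive in the query string.
        Realm realm = this.context.getRealm();
        String parameter = request.getParameter(Constants.FORM_USERNAME);
        String parameter2 = request.getParameter(Constants.FORM_PASSWORD);
        if (log.isDebugEnabled()) {
            // The username is client-supplied and logged unescaped.
            log.debug(new StringBuffer().append("Authenticating username '").append(parameter).append("'").toString());
        }
        Principal authenticate2 = realm.authenticate(parameter, parameter2);
        if (authenticate2 == null) {
            try {
                this.context.getServletContext().getRequestDispatcher(loginConfig.getErrorPage()).forward(request, response);
                return false;
            } catch (Throwable th2) {
                log.warn("Unexpected error forwarding to error page", th2);
                return false;
            }
        }
        if (log.isDebugEnabled()) {
            log.debug(new StringBuffer().append("Authentication of '").append(parameter).append("' was successful").toString());
        }
        // Look up the existing session without creating one: the login must belong
        // to the session in which the original request was saved.
        if (session == null) {
            session = getSession(httpRequest, false);
        }
        if (session == null) {
            if (this.debug >= 1) {
                log("User took so long to log on the session expired");
            }
            // 408 Request Timeout.
            response.sendError(408, sm.getString("authenticator.sessionExpired"));
            return false;
        }
        // NOTE(review): the same session (and identifier) that existed before login is
        // reused from here on, and the plaintext password is stored in it.
        session.setNote(Constants.FORM_PRINCIPAL_NOTE, authenticate2);
        session.setNote(Constants.SESS_USERNAME_NOTE, parameter);
        session.setNote(Constants.SESS_PASSWORD_NOTE, parameter2);
        String savedRequestURL = savedRequestURL(session);
        if (log.isDebugEnabled()) {
            log.debug(new StringBuffer().append("Redirecting to original '").append(savedRequestURL).append("'").toString());
        }
        if (savedRequestURL == null) {
            // Login action was called without a previously saved request.
            response.sendError(400, sm.getString("authenticator.formlogin"));
            return false;
        }
        // NOTE(review): the saved URI is passed on unchanged; confirm that a value
        // beginning with "//" cannot be treated as a scheme-relative redirect target.
        response.sendRedirect(response.encodeRedirectURL(savedRequestURL));
        return false;
    }

    /**
     * Tests whether the current request is the one that was saved before login.
     *
     * <p>Requires an existing session holding both the saved-request note and the
     * principal note. Only the request URI is compared (as returned by
     * {@code getRequestURI()}); the query string and method are not.
     *
     * @param httpRequest request being processed
     * @return {@code true} if the request URI equals the saved request URI
     */
    protected boolean matchRequest(HttpRequest httpRequest) {
        SavedRequest savedRequest;
        String requestURI;
        Session session = getSession(httpRequest, false);
        if (session == null || (savedRequest = (SavedRequest) session.getNote(Constants.FORM_REQUEST_NOTE)) == null || session.getNote(Constants.FORM_PRINCIPAL_NOTE) == null || (requestURI = httpRequest.getRequest().getRequestURI()) == null) {
            return false;
        }
        return requestURI.equals(savedRequest.getRequestURI());
    }

    /**
     * Replaces the state of the current request with the copy saved before login.
     *
     * <p>The saved-request and principal notes are removed from the session first,
     * so a saved request can be restored at most once. Cookies, headers and locales
     * of the current request are discarded and replaced by the saved ones;
     * parameters are re-added only when the saved method is POST.
     *
     * @param httpRequest request to overwrite
     * @param session     session holding the saved request
     * @return {@code false} if the session holds no saved request, else {@code true}
     */
    protected boolean restoreRequest(HttpRequest httpRequest, Session session) {
        SavedRequest savedRequest = (SavedRequest) session.getNote(Constants.FORM_REQUEST_NOTE);
        session.removeNote(Constants.FORM_REQUEST_NOTE);
        session.removeNote(Constants.FORM_PRINCIPAL_NOTE);
        if (savedRequest == null) {
            return false;
        }
        httpRequest.clearCookies();
        Iterator cookies = savedRequest.getCookies();
        while (cookies.hasNext()) {
            httpRequest.addCookie((Cookie) cookies.next());
        }
        httpRequest.clearHeaders();
        Iterator headerNames = savedRequest.getHeaderNames();
        while (headerNames.hasNext()) {
            String str = (String) headerNames.next();
            Iterator headerValues = savedRequest.getHeaderValues(str);
            while (headerValues.hasNext()) {
                httpRequest.addHeader(str, (String) headerValues.next());
            }
        }
        httpRequest.clearLocales();
        Iterator locales = savedRequest.getLocales();
        while (locales.hasNext()) {
            httpRequest.addLocale((Locale) locales.next());
        }
        httpRequest.clearParameters();
        // Saved parameters are replayed for POST only; for other methods the
        // restored query string below is the only parameter source.
        if ("POST".equalsIgnoreCase(savedRequest.getMethod())) {
            Iterator parameterNames = savedRequest.getParameterNames();
            while (parameterNames.hasNext()) {
                String str2 = (String) parameterNames.next();
                httpRequest.addParameter(str2, savedRequest.getParameterValues(str2));
            }
        }
        httpRequest.setMethod(savedRequest.getMethod());
        httpRequest.setQueryString(savedRequest.getQueryString());
        httpRequest.setRequestURI(savedRequest.getRequestURI());
        return true;
    }

    /**
     * Copies the cookies, headers, locales, parameters, method, query string and
     * request URI of the current request into a {@code SavedRequest} and stores it
     * as a session note.
     *
     * <p>NOTE(review): this runs for unauthenticated clients and no size limit on
     * the copied data is visible here; confirm the container bounds request size
     * elsewhere so that saved requests cannot inflate session memory.
     *
     * @param httpRequest request to copy
     * @param session     session that receives the saved copy
     */
    private void saveRequest(HttpRequest httpRequest, Session session) {
        HttpServletRequest request = httpRequest.getRequest();
        SavedRequest savedRequest = new SavedRequest();
        Cookie[] cookies = request.getCookies();
        if (cookies != null) {
            for (Cookie cookie : cookies) {
                savedRequest.addCookie(cookie);
            }
        }
        Enumeration headerNames = request.getHeaderNames();
        while (headerNames.hasMoreElements()) {
            String str = (String) headerNames.nextElement();
            Enumeration headers = request.getHeaders(str);
            while (headers.hasMoreElements()) {
                savedRequest.addHeader(str, (String) headers.nextElement());
            }
        }
        Enumeration locales = request.getLocales();
        while (locales.hasMoreElements()) {
            savedRequest.addLocale((Locale) locales.nextElement());
        }
        Map parameterMap = request.getParameterMap();
        // The map is a raw type, so its keys are Objects: iterate explicitly and cast.
        // (A for-each with a String loop variable over a raw key set does not compile.)
        Iterator parameterNames = parameterMap.keySet().iterator();
        while (parameterNames.hasNext()) {
            String str2 = (String) parameterNames.next();
            savedRequest.addParameter(str2, (String[]) parameterMap.get(str2));
        }
        savedRequest.setMethod(request.getMethod());
        savedRequest.setQueryString(request.getQueryString());
        savedRequest.setRequestURI(request.getRequestURI());
        session.setNote(Constants.FORM_REQUEST_NOTE, savedRequest);
    }

    /**
     * Rebuilds the URL of the request saved in the session.
     *
     * @param session session that may hold a saved request
     * @return the saved request URI, followed by {@code ?} and the query string
     *         when one was saved; {@code null} if no request is saved
     */
    private String savedRequestURL(Session session) {
        SavedRequest savedRequest = (SavedRequest) session.getNote(Constants.FORM_REQUEST_NOTE);
        if (savedRequest == null) {
            return null;
        }
        StringBuffer stringBuffer = new StringBuffer(savedRequest.getRequestURI());
        if (savedRequest.getQueryString() != null) {
            stringBuffer.append('?');
            stringBuffer.append(savedRequest.getQueryString());
        }
        return stringBuffer.toString();
    }

    /**
     * Loads a class by name and converts a lookup failure into
     * {@link NoClassDefFoundError}. This appears to be the helper that older
     * compilers generate for class literals; it is kept as decompiled.
     *
     * @param str fully qualified class name
     * @return the loaded class
     */
    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError(e.getMessage());
        }
    }

    // Resolves this class once (equivalent to a FormAuthenticator.class literal)
    // and creates the logger with it.
    static {
        Class cls;
        if (class$org$apache$catalina$authenticator$FormAuthenticator == null) {
            cls = class$("org.apache.catalina.authenticator.FormAuthenticator");
            class$org$apache$catalina$authenticator$FormAuthenticator = cls;
        } else {
            cls = class$org$apache$catalina$authenticator$FormAuthenticator;
        }
        log = LogFactory.getLog(cls);
    }
}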
