package io.undertow.security.impl;

import io.undertow.UndertowLogger;
import io.undertow.UndertowMessages;
import io.undertow.security.api.AuthenticationMechanism;
import io.undertow.security.api.SecurityContext;
import io.undertow.security.idm.Account;
import io.undertow.security.idm.PasswordCredential;
import io.undertow.server.DefaultResponseListener;
import io.undertow.server.HttpServerExchange;
import io.undertow.server.handlers.Cookie;
import io.undertow.server.handlers.CookieImpl;
import io.undertow.server.handlers.form.FormData;
import io.undertow.server.handlers.form.FormDataParser;
import io.undertow.util.Headers;
import io.undertow.util.Methods;
import io.undertow.util.StatusCodes;
import java.io.IOException;
import java.util.Map;

/* loaded from: input_file:io/undertow/security/impl/FormAuthenticationMechanism.class */
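/**
 * Form based authentication mechanism.
 *
 * <p>A POST whose request URI ends with the configured post location is treated as a login
 * attempt: the {@code j_username} and {@code j_password} form fields are verified against the
 * {@link SecurityContext}'s identity manager. When a challenge is sent for any other request,
 * the request URI is saved in the {@link #LOCATION_COOKIE} cookie and the client is redirected
 * to the login page; after a successful login the client is redirected back to the saved URI.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>The {@link #LOCATION_COOKIE} value comes back from the client and is therefore
 *       untrusted. It is only used as a redirect target when it is a server-relative path
 *       without control characters.</li>
 *   <li>Redirect URLs are built from the request's {@code Host} header, which is also
 *       client-supplied.</li>
 * </ul>
 */
public class FormAuthenticationMechanism implements AuthenticationMechanism {
    /** Name of the cookie that carries the originally requested URI across the login round trip. */
    public static final String LOCATION_COOKIE = "FORM_AUTH_ORIGINAL_URL";

    /** Post location used when the three-argument constructor is called. */
    private static final String DEFAULT_POST_LOCATION = "/j_security_check";

    private final String name;
    private final String loginPage;
    private final String errorPage;
    private final String postLocation;

    /**
     * Creates a mechanism that accepts credentials posted to {@code /j_security_check}.
     *
     * @param str  the mechanism name reported by {@link #getName()}
     * @param str2 the login page path, appended to {@code scheme://host} when redirecting
     * @param str3 the error page path, appended to {@code scheme://host} when redirecting
     */
    public FormAuthenticationMechanism(String str, String str2, String str3) {
        this(str, str2, str3, DEFAULT_POST_LOCATION);
    }

    /**
     * Creates a mechanism with an explicit post location.
     *
     * @param str  the mechanism name reported by {@link #getName()}
     * @param str2 the login page path, appended to {@code scheme://host} when redirecting
     * @param str3 the error page path, appended to {@code scheme://host} when redirecting
     * @param str4 the suffix a request URI must end with to be treated as a login POST
     */
    public FormAuthenticationMechanism(String str, String str2, String str3, String str4) {
        this.name = str;
        this.loginPage = str2;
        this.errorPage = str3;
        this.postLocation = str4;
    }

    /**
     * Attempts form authentication when the request is a POST to the post location.
     *
     * @return the outcome of {@link #runFormAuth} for a login POST, otherwise
     *         {@code NOT_ATTEMPTED}
     */
    @Override
    public AuthenticationMechanism.AuthenticationMechanismOutcome authenticate(HttpServerExchange httpServerExchange, SecurityContext securityContext) {
        if (isLoginPost(httpServerExchange)) {
            return runFormAuth(httpServerExchange, securityContext);
        }
        return AuthenticationMechanism.AuthenticationMechanismOutcome.NOT_ATTEMPTED;
    }

    /**
     * Parses the posted form and verifies the submitted credentials.
     *
     * <p>Any failure while verifying (including an unexpected exception from the identity
     * manager or the security context) results in {@code NOT_AUTHENTICATED}; the mechanism
     * never reports success unless verification returned an account.
     *
     * @return {@code AUTHENTICATED} when the identity manager returned an account, otherwise
     *         {@code NOT_AUTHENTICATED}
     * @throws RuntimeException wrapping the {@link IOException} if the form body cannot be read
     */
    public AuthenticationMechanism.AuthenticationMechanismOutcome runFormAuth(HttpServerExchange httpServerExchange, SecurityContext securityContext) {
        FormDataParser parser = (FormDataParser) httpServerExchange.getAttachment(FormDataParser.ATTACHMENT_KEY);
        if (parser == null) {
            UndertowLogger.REQUEST_LOGGER.debug("Could not authenticate as no form parser is present");
            return AuthenticationMechanism.AuthenticationMechanismOutcome.NOT_AUTHENTICATED;
        }

        final FormData.FormValue userField;
        final FormData.FormValue passwordField;
        try {
            FormData form = parser.parseBlocking();
            userField = form.getFirst("j_username");
            passwordField = form.getFirst("j_password");
        } catch (IOException e) {
            throw new RuntimeException(e);
        }

        if (userField == null || passwordField == null) {
            UndertowLogger.REQUEST_LOGGER.debug("Could not authenticate as username or password was not present in the posted result");
            return AuthenticationMechanism.AuthenticationMechanismOutcome.NOT_AUTHENTICATED;
        }

        String userName = userField.getValue();
        try {
            Account account = securityContext.getIdentityManager().verify(userName, new PasswordCredential(passwordField.getValue().toCharArray()));
            if (account == null) {
                securityContext.authenticationFailed(UndertowMessages.MESSAGES.authenticationFailed(userName), getName());
                return AuthenticationMechanism.AuthenticationMechanismOutcome.NOT_AUTHENTICATED;
            }
            securityContext.authenticationComplete(account, this.name);
            handleRedirectBack(httpServerExchange);
            return AuthenticationMechanism.AuthenticationMechanismOutcome.AUTHENTICATED;
        } catch (Throwable th) {
            // Fail closed: an unexpected error must never be reported as a successful login.
            // The cause is logged (without the submitted credentials) so that identity-store
            // outages are distinguishable from ordinary bad-password failures.
            UndertowLogger.REQUEST_LOGGER.debug("Form authentication failed with an unexpected error", th);
            return AuthenticationMechanism.AuthenticationMechanismOutcome.NOT_AUTHENTICATED;
        }
    }

    /**
     * Arranges a redirect back to the URI saved in {@link #LOCATION_COOKIE} and expires that
     * cookie.
     *
     * <p>The cookie value is supplied by the client, so it is used only when
     * {@link #isSafeRedirectPath(String)} accepts it. A rejected value still causes the cookie
     * to be expired, but no redirect listener is registered.
     */
    protected void handleRedirectBack(HttpServerExchange httpServerExchange) {
        Map<String, Cookie> requestCookies = CookieImpl.getRequestCookies(httpServerExchange);
        if (requestCookies == null) {
            return;
        }
        Cookie locationCookie = requestCookies.get(LOCATION_COOKIE);
        if (locationCookie == null) {
            return;
        }

        final String target = locationCookie.getValue();
        if (isSafeRedirectPath(target)) {
            httpServerExchange.addDefaultResponseListener(new DefaultResponseListener() {
                @Override
                public boolean handleDefaultResponse(HttpServerExchange httpServerExchange2) {
                    FormAuthenticationMechanism.sendRedirect(httpServerExchange2, target);
                    httpServerExchange2.endExchange();
                    return true;
                }
            });
        } else {
            // The raw value is deliberately not logged: it is attacker-controllable text.
            UndertowLogger.REQUEST_LOGGER.debug("Ignoring " + LOCATION_COOKIE + " cookie as its value is not a server-relative path");
        }

        // Expire the cookie in either case so a stale or rejected value is not replayed.
        CookieImpl expired = new CookieImpl(LOCATION_COOKIE);
        expired.setMaxAge((Integer) 0);
        CookieImpl.addResponseCookie(httpServerExchange, expired);
    }

    /**
     * Decides whether a client-supplied value may be appended to {@code scheme://host} as a
     * redirect target.
     *
     * <p>The value must begin with {@code '/'} so that it cannot extend or replace the host
     * part of the generated URL, and must not contain control characters so that it cannot
     * introduce line breaks into the {@code Location} header.
     *
     * @param path the candidate redirect path, may be {@code null}
     * @return {@code true} only for a non-empty server-relative path free of control characters
     */
    private static boolean isSafeRedirectPath(String path) {
        if (path == null || path.isEmpty() || path.charAt(0) != '/') {
            return false;
        }
        for (int i = 0; i < path.length(); i++) {
            char c = path.charAt(i);
            if (c < 0x20 || c == 0x7f) {
                return false;
            }
        }
        return true;
    }

    /**
     * Redirects to the error page for a login POST, otherwise stores the requested URI and
     * redirects to the login page.
     *
     * @return a challenge result flagged as sent, carrying the status from {@link #servePage}
     */
    @Override
    public AuthenticationMechanism.ChallengeResult sendChallenge(HttpServerExchange httpServerExchange, SecurityContext securityContext) {
        if (isLoginPost(httpServerExchange)) {
            return new AuthenticationMechanism.ChallengeResult(true, servePage(httpServerExchange, this.errorPage));
        }
        storeInitialLocation(httpServerExchange);
        return new AuthenticationMechanism.ChallengeResult(true, servePage(httpServerExchange, this.loginPage));
    }

    /**
     * Saves the current request URI in the {@link #LOCATION_COOKIE} response cookie.
     */
    protected void storeInitialLocation(HttpServerExchange httpServerExchange) {
        // NOTE(review): the cookie is created with a name and value only; no HttpOnly, Secure
        // or Path attribute is set here. Consider restricting it, since the value is later
        // used as a redirect target.
        CookieImpl.addResponseCookie(httpServerExchange, new CookieImpl(LOCATION_COOKIE, httpServerExchange.getRequestURI()));
    }

    /**
     * Sets a redirect to the given page and returns the status code to respond with.
     *
     * @param str the page path to redirect to
     * @return the temporary-redirect status code
     */
    protected Integer servePage(HttpServerExchange httpServerExchange, String str) {
        sendRedirect(httpServerExchange, str);
        // NOTE(review): a temporary redirect (307) asks the client to repeat the request with
        // the same method and body. For the error-page case that means the login POST,
        // credentials included, would be re-sent to the error page. Confirm whether a
        // redirect that switches to GET is preferable before changing the status.
        return Integer.valueOf(StatusCodes.TEMPORARY_REDIRECT);
    }

    /**
     * Sets the {@code Location} response header to {@code scheme://host} followed by the path.
     *
     * <p>The host is taken from the request's {@code Host} header, falling back to the
     * destination address when the header is absent.
     *
     * @param str the path appended after the host; callers must pass a value beginning with
     *            {@code '/'}, because it is concatenated directly onto the host
     */
    static void sendRedirect(HttpServerExchange httpServerExchange, String str) {
        // NOTE(review): the Host header is client-supplied and is copied into the Location
        // header unchanged; confirm it is validated upstream (e.g. against the expected
        // virtual hosts) where that matters.
        String host = httpServerExchange.getRequestHeaders().getFirst(Headers.HOST);
        if (host == null) {
            host = httpServerExchange.getDestinationAddress().getAddress().getHostAddress();
        }
        String location = httpServerExchange.getRequestScheme() + "://" + host + str;
        httpServerExchange.getResponseHeaders().put(Headers.LOCATION, location);
    }

    /** Returns {@code true} when the request is a POST whose URI ends with the post location. */
    private boolean isLoginPost(HttpServerExchange httpServerExchange) {
        return httpServerExchange.getRequestURI().endsWith(this.postLocation)
                && httpServerExchange.getRequestMethod().equals(Methods.POST);
    }

    /**
     * @return the mechanism name supplied at construction time
     */
    @Override
    public String getName() {
        return this.name;
    }
}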
