package org.jboss.as.web.security.jaspi.modules;

import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.security.Principal;
import java.util.Enumeration;
import java.util.Iterator;
import java.util.Locale;
import javax.security.auth.Subject;
import javax.security.auth.message.AuthException;
import javax.security.auth.message.AuthStatus;
import javax.security.auth.message.MessageInfo;
import javax.servlet.ServletInputStream;
import javax.servlet.http.Cookie;
import org.apache.catalina.Context;
import org.apache.catalina.Realm;
import org.apache.catalina.Session;
import org.apache.catalina.authenticator.Constants;
import org.apache.catalina.authenticator.SavedRequest;
import org.apache.catalina.connector.Request;
import org.apache.catalina.connector.Response;
import org.apache.catalina.deploy.LoginConfig;
import org.apache.catalina.util.StringManager;
import org.apache.coyote.ActionCode;
import org.apache.tomcat.util.buf.ByteChunk;
import org.apache.tomcat.util.buf.MessageBytes;
import org.apache.tomcat.util.http.MimeHeaders;
import org.jboss.as.web.WebLogger;

/* loaded from: input_file:jboss-as-7.1.1.Final/modules/org/jboss/as/web/main/jboss-as-web-7.1.1.Final.jar:org/jboss/as/web/security/jaspi/modules/HTTPFormServerAuthModule.class */
/**
 * JASPI {@code ServerAuthModule} implementing FORM-based login on top of the
 * JBoss Web (Tomcat-derived) container API.
 *
 * <p>The class was decompiled from {@code jboss-as-web-7.1.1.Final.jar} (see the
 * header comment above), so local variable names ({@code str}, {@code parameter2},
 * {@code e3}, ...) are synthetic and a few statements are decompiler artifacts.
 *
 * <p>Security-relevant behaviour visible in this file:
 * <ul>
 *   <li>After a successful form login the username <em>and the clear-text password</em>
 *       are stored as session notes ({@code SESS_USERNAME_NOTE} / {@code SESS_PASSWORD_NOTE})
 *       in {@link #validateRequest}. When {@code cache} is {@code false} they stay in the
 *       session and are replayed against the realm on later requests (re-authentication);
 *       when {@code cache} is {@code true} they are removed once the saved request is
 *       matched.</li>
 *   <li>The post-login redirect target comes from the server-side {@code SavedRequest}
 *       note, not from a client-supplied parameter.</li>
 *   <li>Several {@code IOException}s raised while writing error responses are swallowed
 *       without logging (see the empty catch blocks below).</li>
 * </ul>
 *
 * <p>Thread-safety: {@code context} and {@code cache} are instance fields overwritten on
 * every {@link #validateRequest} call; whether one instance is shared across concurrent
 * requests is not visible from this file — TODO confirm with the JASPI configuration.
 */
public class HTTPFormServerAuthModule extends WebServerAuthModule {
    // Web application context; refreshed from the current request on every validateRequest call.
    protected Context context;
    // Read per call from the "CACHE" entry of the MessageInfo map; controls whether the
    // username/password notes are dropped from the session after the saved request is matched.
    protected boolean cache;
    // Localized message lookup for the container's authenticator messages (403/408/400 texts below).
    protected static final StringManager sm = StringManager.getManager(Constants.Package);
    // Set by the one-argument constructor; not read anywhere in this file.
    protected String delegatingLoginContextName;

    /**
     * Creates a module with no delegating login context name.
     */
    public HTTPFormServerAuthModule() {
        this.cache = false;
        this.delegatingLoginContextName = null;
    }

    /**
     * Creates a module that records the given delegating login context name.
     *
     * @param str the delegating login context name (may be {@code null}); stored but unused here
     */
    public HTTPFormServerAuthModule(String str) {
        this.cache = false;
        // The duplicate assignment is a decompiler artifact: field initializer followed by the
        // constructor's own assignment.
        this.delegatingLoginContextName = null;
        this.delegatingLoginContextName = str;
    }

    /**
     * No response-side processing is performed; always reports success.
     *
     * @return {@link AuthStatus#SUCCESS} unconditionally
     */
    @Override // org.jboss.as.web.security.jaspi.modules.WebServerAuthModule, javax.security.auth.message.ServerAuth
    public AuthStatus secureResponse(MessageInfo messageInfo, Subject subject) throws AuthException {
        return AuthStatus.SUCCESS;
    }

    /**
     * Performs the FORM authentication state machine for one request.
     *
     * <p>Phases, in order:
     * <ol>
     *   <li>If {@code cache} is off and the session still holds a username/password pair,
     *       re-authenticate against the realm and, unless this request is the saved one,
     *       register the principal and return {@code SUCCESS}.</li>
     *   <li>If this request matches the saved (pre-login) request, register the principal
     *       from the session and restore the saved request; {@code SUCCESS} if restored,
     *       otherwise a 400 and {@code FAILURE}.</li>
     *   <li>If this is not the {@code j_security_check} action, save the request and
     *       forward to the login page ({@code SEND_CONTINUE}); an {@code IOException}
     *       while saving is answered with 403 and {@code FAILURE}.</li>
     *   <li>Otherwise read {@code j_username}/{@code j_password}, authenticate with the
     *       realm, store principal/username/password as session notes and redirect to
     *       the saved URL (or 400 if none). This path returns {@code FAILURE} even on
     *       success — presumably because the redirect response is already complete and
     *       the container must not proceed; confirm against the JASPI bridge.</li>
     * </ol>
     *
     * @param messageInfo carries the {@link Request}/{@link Response} and a map whose
     *        {@code "CACHE"} entry (a String) selects caching behaviour
     * @param subject the client subject (passed through to the callback handler path)
     * @param subject2 the service subject; unused here
     * @return see the phase description above
     * @throws AuthException only if writing the 403 "request body too big" response itself fails
     */
    @Override // org.jboss.as.web.security.jaspi.modules.WebServerAuthModule, javax.security.auth.message.ServerAuth
    public AuthStatus validateRequest(MessageInfo messageInfo, Subject subject, Subject subject2) throws AuthException {
        Request request = (Request) messageInfo.getRequestMessage();
        Response response = (Response) messageInfo.getResponseMessage();
        this.context = request.getContext();
        LoginConfig loginConfig = this.context.getLoginConfig();
        Session session = null;
        // Boolean.valueOf(null) is false, so a missing "CACHE" entry means no caching.
        this.cache = Boolean.valueOf((String) messageInfo.getMap().get("CACHE")).booleanValue();
        if (!this.cache) {
            // Phase 1: re-authentication from credentials kept in the session.
            session = request.getSessionInternal(true);
            WebLogger.WEB_SECURITY_LOGGER.debugf("Checking for reauthenticate in session %s", session.getIdInternal());
            String str = (String) session.getNote(Constants.SESS_USERNAME_NOTE);
            // Clear-text password previously stored by the login phase below.
            String str2 = (String) session.getNote(Constants.SESS_PASSWORD_NOTE);
            if (str != null && str2 != null) {
                WebLogger.WEB_SECURITY_LOGGER.debugf("Reauthenticating username '%s'", str);
                Principal authenticate = this.context.getRealm().authenticate(str, str2);
                if (authenticate != null) {
                    session.setNote(Constants.FORM_PRINCIPAL_NOTE, authenticate);
                    // The saved request itself is handled by phase 2, so fall through for it.
                    if (!matchRequest(request)) {
                        registerWithCallbackHandler(authenticate, str, str2);
                        return AuthStatus.SUCCESS;
                    }
                }
                WebLogger.WEB_SECURITY_LOGGER.tracef("Reauthentication failed, proceed normally", new Object[0]);
            }
        }
        if (matchRequest(request)) {
            // Phase 2: this is the request that was saved before the login form was shown.
            Session sessionInternal = request.getSessionInternal(true);
            WebLogger.WEB_SECURITY_LOGGER.tracef("Restore request from session '%s'", sessionInternal.getIdInternal());
            registerWithCallbackHandler((Principal) sessionInternal.getNote(Constants.FORM_PRINCIPAL_NOTE), (String) sessionInternal.getNote(Constants.SESS_USERNAME_NOTE), (String) sessionInternal.getNote(Constants.SESS_PASSWORD_NOTE));
            if (this.cache) {
                // With caching, the credentials are no longer needed once the principal is registered.
                sessionInternal.removeNote(Constants.SESS_USERNAME_NOTE);
                sessionInternal.removeNote(Constants.SESS_PASSWORD_NOTE);
            }
            if (restoreRequest(request, sessionInternal)) {
                WebLogger.WEB_SECURITY_LOGGER.tracef("Proceed to restored request", new Object[0]);
                return AuthStatus.SUCCESS;
            }
            WebLogger.WEB_SECURITY_LOGGER.tracef("Restore of original request failed", new Object[0]);
            try {
                response.sendError(400);
            } catch (IOException e) {
                // Swallowed: nothing is logged if the 400 cannot be written; FAILURE is returned anyway.
            }
            return AuthStatus.FAILURE;
        }
        // Creates and immediately discards a MessageBytes; has no observable effect on the request.
        // Likely a decompiler artifact.
        MessageBytes.newInstance().getCharChunk().setLimit(-1);
        String contextPath = request.getContextPath();
        String decodedRequestURI = request.getDecodedRequestURI();
        // Phase 3: anything other than the j_security_check action gets saved and sent to the login page.
        if (!(decodedRequestURI.startsWith(contextPath) && decodedRequestURI.endsWith("/j_security_check"))) {
            Session sessionInternal2 = request.getSessionInternal(true);
            WebLogger.WEB_SECURITY_LOGGER.tracef("Save request in session '%s'", sessionInternal2.getIdInternal());
            try {
                saveRequest(request, sessionInternal2);
                forwardToLoginPage(request, response, loginConfig);
                return AuthStatus.SEND_CONTINUE;
            } catch (IOException e2) {
                // Any IOException from saveRequest is treated as an oversized POST body
                // (see the maxSavePostSize limit in saveRequest).
                WebLogger.WEB_SECURITY_LOGGER.tracef("Request body too big to save during authentication", new Object[0]);
                try {
                    response.sendError(403, sm.getString("authenticator.requestBodyTooBig"));
                    return AuthStatus.FAILURE;
                } catch (IOException e3) {
                    // Only the message is propagated; the original exception is not attached as cause.
                    throw new AuthException(e3.getLocalizedMessage());
                }
            }
        }
        // Phase 4: process the submitted login form.
        Realm realm = this.context.getRealm();
        String characterEncoding = request.getCharacterEncoding();
        if (characterEncoding != null) {
            try {
                // Re-applies the request's own encoding before the form parameters are parsed —
                // presumably to make sure parameter decoding uses it; confirm against the connector.
                request.setCharacterEncoding(characterEncoding);
            } catch (UnsupportedEncodingException e4) {
                WebLogger.WEB_SECURITY_LOGGER.unsupportedEncoding(e4.getLocalizedMessage());
            }
        }
        // Either value may be null if the form omitted the field; both are passed to the realm as-is.
        String parameter = request.getParameter(Constants.FORM_USERNAME);
        String parameter2 = request.getParameter(Constants.FORM_PASSWORD);
        WebLogger.WEB_SECURITY_LOGGER.tracef("Authenticating username '%s'", parameter);
        Principal authenticate2 = realm.authenticate(parameter, parameter2);
        if (authenticate2 == null) {
            forwardToErrorPage(request, response, loginConfig);
            return AuthStatus.FAILURE;
        }
        WebLogger.WEB_SECURITY_LOGGER.tracef("Authentication of '%s' was successful", parameter);
        if (session == null) {
            // Do not create a session here: a missing one means the login took longer than the
            // session timeout (the saved request is gone with it).
            session = request.getSessionInternal(false);
        }
        if (session == null) {
            WebLogger.WEB_SECURITY_LOGGER.tracef("User took so long to log on the session expired", new Object[0]);
            try {
                response.sendError(408, sm.getString("authenticator.sessionExpired"));
            } catch (IOException e5) {
                // Swallowed without logging.
            }
            return AuthStatus.FAILURE;
        }
        session.setNote(Constants.FORM_PRINCIPAL_NOTE, authenticate2);
        session.setNote(Constants.SESS_USERNAME_NOTE, parameter);
        // The clear-text password is kept in the session so phase 1 can re-authenticate later.
        session.setNote(Constants.SESS_PASSWORD_NOTE, parameter2);
        // Redirect target is the server-saved URI/query, never a client-supplied parameter.
        String savedRequestURL = savedRequestURL(session);
        WebLogger.WEB_SECURITY_LOGGER.tracef("Redirecting to original '%s'", savedRequestURL);
        try {
            if (savedRequestURL == null) {
                response.sendError(400, sm.getString("authenticator.formlogin"));
            } else {
                response.sendRedirect(response.encodeRedirectURL(savedRequestURL));
            }
        } catch (IOException e6) {
            // Swallowed without logging.
        }
        // FAILURE even after a successful login: the response (redirect or 400) has already been written.
        return AuthStatus.FAILURE;
    }

    /**
     * Tells whether the current request is the one saved in the session before login.
     *
     * @param request the current request
     * @return {@code true} only if a session exists, it holds both a saved request and a
     *         {@code FORM_PRINCIPAL_NOTE}, and the current request URI equals the saved one
     */
    protected boolean matchRequest(Request request) {
        SavedRequest savedRequest;
        String requestURI;
        Session sessionInternal = request.getSessionInternal(false);
        if (sessionInternal == null || (savedRequest = (SavedRequest) sessionInternal.getNote(Constants.FORM_REQUEST_NOTE)) == null || sessionInternal.getNote(Constants.FORM_PRINCIPAL_NOTE) == null || (requestURI = request.getRequestURI()) == null) {
            return false;
        }
        return requestURI.equals(savedRequest.getRequestURI());
    }

    /**
     * Replaces the current request's cookies, headers, locales, parameters, method, query
     * string and URI with those of the saved request, replaying a saved POST body.
     *
     * <p>The {@code FORM_REQUEST_NOTE} and {@code FORM_PRINCIPAL_NOTE} session notes are
     * removed before the null check, so they are consumed even when nothing is restored.
     *
     * @param request the current request to overwrite
     * @param session the session holding the saved request
     * @return {@code false} if no saved request was present, {@code true} after restoring
     */
    protected boolean restoreRequest(Request request, Session session) {
        ByteChunk body;
        SavedRequest savedRequest = (SavedRequest) session.getNote(Constants.FORM_REQUEST_NOTE);
        session.removeNote(Constants.FORM_REQUEST_NOTE);
        session.removeNote(Constants.FORM_PRINCIPAL_NOTE);
        if (savedRequest == null) {
            return false;
        }
        request.clearCookies();
        Iterator cookies = savedRequest.getCookies();
        while (cookies.hasNext()) {
            request.addCookie((Cookie) cookies.next());
        }
        MimeHeaders mimeHeaders = request.getCoyoteRequest().getMimeHeaders();
        mimeHeaders.recycle();
        // Conditional-request headers are dropped so the restored request is not answered with 304:
        // If-Modified-Since always, If-None-Match only for GET/HEAD.
        boolean z = "GET".equalsIgnoreCase(savedRequest.getMethod()) || "HEAD".equalsIgnoreCase(savedRequest.getMethod());
        Iterator headerNames = savedRequest.getHeaderNames();
        while (headerNames.hasNext()) {
            String str = (String) headerNames.next();
            if (!"If-Modified-Since".equalsIgnoreCase(str) && (!z || !"If-None-Match".equalsIgnoreCase(str))) {
                Iterator headerValues = savedRequest.getHeaderValues(str);
                while (headerValues.hasNext()) {
                    mimeHeaders.addValue(str).setString((String) headerValues.next());
                }
            }
        }
        request.clearLocales();
        Iterator locales = savedRequest.getLocales();
        while (locales.hasNext()) {
            request.addLocale((Locale) locales.next());
        }
        request.getCoyoteRequest().getParameters().recycle();
        if ("POST".equalsIgnoreCase(savedRequest.getMethod()) && (body = savedRequest.getBody()) != null) {
            // Hand the saved body back to the connector so the application reads it as the request body.
            request.getCoyoteRequest().action(ActionCode.ACTION_REQ_SET_BODY_REPLAY, body);
            MessageBytes newInstance = MessageBytes.newInstance();
            String contentType = savedRequest.getContentType();
            if (contentType == null) {
                // A saved POST without a Content-Type is replayed as a regular form post.
                contentType = "application/x-www-form-urlencoded";
            }
            newInstance.setString(contentType);
            request.getCoyoteRequest().setContentType(newInstance);
        }
        request.getCoyoteRequest().method().setString(savedRequest.getMethod());
        request.getCoyoteRequest().queryString().setString(savedRequest.getQueryString());
        request.getCoyoteRequest().requestURI().setString(savedRequest.getRequestURI());
        return true;
    }

    /**
     * Snapshots the request (cookies, headers, locales, method, query string, URI and, for
     * POST, the body) into a {@link SavedRequest} stored under {@code FORM_REQUEST_NOTE}.
     *
     * @param request the request to save
     * @param session the session to store it in
     * @throws IOException if reading the POST body fails; the body buffer is limited to the
     *         connector's {@code maxSavePostSize}, and the caller treats any {@code IOException}
     *         from here as an oversized body
     */
    protected void saveRequest(Request request, Session session) throws IOException {
        SavedRequest savedRequest = new SavedRequest();
        Cookie[] cookies = request.getCookies();
        if (cookies != null) {
            for (Cookie cookie : cookies) {
                savedRequest.addCookie(cookie);
            }
        }
        Enumeration headerNames = request.getHeaderNames();
        while (headerNames.hasMoreElements()) {
            String str = (String) headerNames.nextElement();
            Enumeration headers = request.getHeaders(str);
            while (headers.hasMoreElements()) {
                savedRequest.addHeader(str, (String) headers.nextElement());
            }
        }
        Enumeration locales = request.getLocales();
        while (locales.hasMoreElements()) {
            savedRequest.addLocale((Locale) locales.nextElement());
        }
        if ("POST".equalsIgnoreCase(request.getMethod())) {
            ByteChunk byteChunk = new ByteChunk();
            // Bounds how much request body is buffered in the session per saved request.
            byteChunk.setLimit(request.getConnector().getMaxSavePostSize());
            byte[] bArr = new byte[4096];
            ServletInputStream inputStream = request.getInputStream();
            while (true) {
                int read = inputStream.read(bArr);
                if (read < 0) {
                    break;
                } else {
                    byteChunk.append(bArr, 0, read);
                }
            }
            savedRequest.setBody(byteChunk);
            savedRequest.setContentType(request.getContentType());
        }
        savedRequest.setMethod(request.getMethod());
        savedRequest.setQueryString(request.getQueryString());
        savedRequest.setRequestURI(request.getRequestURI());
        session.setNote(Constants.FORM_REQUEST_NOTE, savedRequest);
    }

    /**
     * Builds the redirect target for a successful login from the saved request.
     *
     * @param session the session holding the saved request
     * @return the saved request URI, with {@code ?query} appended when a query string was
     *         saved, or {@code null} if no request was saved
     */
    protected String savedRequestURL(Session session) {
        SavedRequest savedRequest = (SavedRequest) session.getNote(Constants.FORM_REQUEST_NOTE);
        if (savedRequest == null) {
            return null;
        }
        StringBuilder sb = new StringBuilder(savedRequest.getRequestURI());
        if (savedRequest.getQueryString() != null) {
            sb.append('?');
            sb.append(savedRequest.getQueryString());
        }
        return sb.toString();
    }

    /**
     * Forwards to the configured login page and finishes the response.
     *
     * <p>Catches {@link Throwable} and logs only its localized message; the stack trace and
     * cause are not preserved.
     *
     * @param request the current request
     * @param response the current response
     * @param loginConfig supplies the login page path
     */
    protected void forwardToLoginPage(Request request, Response response, LoginConfig loginConfig) {
        try {
            this.context.getServletContext().getRequestDispatcher(loginConfig.getLoginPage()).forward(request.getRequest(), response.getResponse());
            response.finishResponse();
        } catch (Throwable th) {
            WebLogger.WEB_SECURITY_LOGGER.errorForwardingToLoginPage(th.getLocalizedMessage());
        }
    }

    /**
     * Forwards to the configured error page after a failed login.
     *
     * <p>Catches {@link Throwable} and logs only its localized message; unlike
     * {@link #forwardToLoginPage} the response is not explicitly finished here.
     *
     * @param request the current request
     * @param response the current response
     * @param loginConfig supplies the error page path
     */
    protected void forwardToErrorPage(Request request, Response response, LoginConfig loginConfig) {
        try {
            this.context.getServletContext().getRequestDispatcher(loginConfig.getErrorPage()).forward(request.getRequest(), response.getResponse());
        } catch (Throwable th) {
            WebLogger.WEB_SECURITY_LOGGER.errorForwardingToErrorPage(th.getLocalizedMessage());
        }
    }
}
