package io.undertow.servlet.handlers.security;

import io.undertow.security.api.AuthenticationMechanism;
import io.undertow.security.api.AuthenticationMechanismFactory;
import io.undertow.security.idm.IdentityManager;
import io.undertow.security.impl.FormAuthenticationMechanism;
import io.undertow.server.HttpServerExchange;
import io.undertow.server.handlers.form.FormParserFactory;
import io.undertow.server.session.Session;
import io.undertow.servlet.handlers.ServletRequestContext;
import io.undertow.servlet.spec.HttpSessionImpl;
import io.undertow.servlet.util.SavedRequest;
import io.undertow.util.Headers;
import io.undertow.util.RedirectBuilder;
import java.io.IOException;
import java.security.AccessController;
import java.util.Map;
import javax.servlet.RequestDispatcher;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpServletResponseWrapper;

/* JADX WARN: Classes with same name are omitted:
  input_file:m2repo/io/undertow/undertow-servlet/1.4.11.Final/undertow-servlet-1.4.11.Final.jar:io/undertow/servlet/handlers/security/ServletFormAuthenticationMechanism.class
 */
/* loaded from: input_file:m2repo/io/undertow/undertow-servlet/1.4.0.Final/undertow-servlet-1.4.0.Final.jar:io/undertow/servlet/handlers/security/ServletFormAuthenticationMechanism.class */
public class ServletFormAuthenticationMechanism extends FormAuthenticationMechanism {
    private static final String SESSION_KEY = "io.undertow.servlet.form.auth.redirect.location";
    public static final String SAVE_ORIGINAL_REQUEST = "save-original-request";
    private final boolean saveOriginalRequest;

    /* JADX WARN: Classes with same name are omitted:
      input_file:m2repo/io/undertow/undertow-servlet/1.4.11.Final/undertow-servlet-1.4.11.Final.jar:io/undertow/servlet/handlers/security/ServletFormAuthenticationMechanism$Factory.class
     */
    /* loaded from: input_file:m2repo/io/undertow/undertow-servlet/1.4.0.Final/undertow-servlet-1.4.0.Final.jar:io/undertow/servlet/handlers/security/ServletFormAuthenticationMechanism$Factory.class */
    public static class Factory implements AuthenticationMechanismFactory {
        private final IdentityManager identityManager;

        public Factory(IdentityManager identityManager) {
            this.identityManager = identityManager;
        }

        @Override // io.undertow.security.api.AuthenticationMechanismFactory
        public AuthenticationMechanism create(String str, FormParserFactory formParserFactory, Map<String, String> map) {
            boolean z = true;
            if (map.containsKey(ServletFormAuthenticationMechanism.SAVE_ORIGINAL_REQUEST)) {
                z = Boolean.parseBoolean(map.get(ServletFormAuthenticationMechanism.SAVE_ORIGINAL_REQUEST));
            }
            return new ServletFormAuthenticationMechanism(formParserFactory, str, map.get(AuthenticationMechanismFactory.LOGIN_PAGE), map.get(AuthenticationMechanismFactory.ERROR_PAGE), this.identityManager, z);
        }
    }

    /* JADX WARN: Classes with same name are omitted:
      input_file:m2repo/io/undertow/undertow-servlet/1.4.11.Final/undertow-servlet-1.4.11.Final.jar:io/undertow/servlet/handlers/security/ServletFormAuthenticationMechanism$FormResponseWrapper.class
     */
    /* loaded from: input_file:m2repo/io/undertow/undertow-servlet/1.4.0.Final/undertow-servlet-1.4.0.Final.jar:io/undertow/servlet/handlers/security/ServletFormAuthenticationMechanism$FormResponseWrapper.class */
    private static class FormResponseWrapper extends HttpServletResponseWrapper {
        private int status;

        private FormResponseWrapper(HttpServletResponse httpServletResponse) {
            super(httpServletResponse);
            this.status = 200;
        }

        @Override // javax.servlet.http.HttpServletResponseWrapper, javax.servlet.http.HttpServletResponse
        public void setStatus(int i, String str) {
            this.status = i;
        }

        @Override // javax.servlet.http.HttpServletResponseWrapper, javax.servlet.http.HttpServletResponse
        public void setStatus(int i) {
            this.status = i;
        }

        @Override // javax.servlet.http.HttpServletResponseWrapper, javax.servlet.http.HttpServletResponse
        public int getStatus() {
            return this.status;
        }
    }

    @Deprecated
    public ServletFormAuthenticationMechanism(String str, String str2, String str3) {
        super(str, str2, str3);
        this.saveOriginalRequest = true;
    }

    @Deprecated
    public ServletFormAuthenticationMechanism(String str, String str2, String str3, String str4) {
        super(str, str2, str3, str4);
        this.saveOriginalRequest = true;
    }

    public ServletFormAuthenticationMechanism(FormParserFactory formParserFactory, String str, String str2, String str3, String str4) {
        super(formParserFactory, str, str2, str3, str4);
        this.saveOriginalRequest = true;
    }

    public ServletFormAuthenticationMechanism(FormParserFactory formParserFactory, String str, String str2, String str3) {
        super(formParserFactory, str, str2, str3);
        this.saveOriginalRequest = true;
    }

    public ServletFormAuthenticationMechanism(FormParserFactory formParserFactory, String str, String str2, String str3, IdentityManager identityManager) {
        super(formParserFactory, str, str2, str3, identityManager);
        this.saveOriginalRequest = true;
    }

    public ServletFormAuthenticationMechanism(FormParserFactory formParserFactory, String str, String str2, String str3, IdentityManager identityManager, boolean z) {
        super(formParserFactory, str, str2, str3, identityManager);
        this.saveOriginalRequest = z;
    }

    @Override // io.undertow.security.impl.FormAuthenticationMechanism
    protected Integer servePage(HttpServerExchange httpServerExchange, String str) {
        ServletRequestContext servletRequestContext = (ServletRequestContext) httpServerExchange.getAttachment(ServletRequestContext.ATTACHMENT_KEY);
        ServletRequest servletRequest = servletRequestContext.getServletRequest();
        ServletResponse servletResponse = servletRequestContext.getServletResponse();
        RequestDispatcher requestDispatcher = servletRequest.getRequestDispatcher(str);
        httpServerExchange.getResponseHeaders().add(Headers.CACHE_CONTROL, "no-cache, no-store, must-revalidate");
        httpServerExchange.getResponseHeaders().add(Headers.PRAGMA, "no-cache");
        httpServerExchange.getResponseHeaders().add(Headers.EXPIRES, "0");
        FormResponseWrapper formResponseWrapper = (httpServerExchange.getStatusCode() == 200 || !(servletResponse instanceof HttpServletResponse)) ? null : new FormResponseWrapper((HttpServletResponse) servletResponse);
        try {
            requestDispatcher.forward(servletRequest, formResponseWrapper != null ? formResponseWrapper : servletResponse);
            if (formResponseWrapper != null) {
                return Integer.valueOf(formResponseWrapper.getStatus());
            }
            return null;
        } catch (IOException e) {
            throw new RuntimeException(e);
        } catch (ServletException e2) {
            throw new RuntimeException(e2);
        }
    }

    @Override // io.undertow.security.impl.FormAuthenticationMechanism
    protected void storeInitialLocation(HttpServerExchange httpServerExchange) {
        if (this.saveOriginalRequest) {
            HttpSessionImpl session = ((ServletRequestContext) httpServerExchange.getAttachment(ServletRequestContext.ATTACHMENT_KEY)).getCurrentServletContext().getSession(httpServerExchange, true);
            (System.getSecurityManager() == null ? session.getSession() : (Session) AccessController.doPrivileged(new HttpSessionImpl.UnwrapSessionAction(session))).setAttribute(SESSION_KEY, RedirectBuilder.redirect(httpServerExchange, httpServerExchange.getRelativePath()));
            SavedRequest.trySaveRequest(httpServerExchange);
        }
    }

    @Override // io.undertow.security.impl.FormAuthenticationMechanism
    protected void handleRedirectBack(HttpServerExchange httpServerExchange) {
        ServletRequestContext servletRequestContext = (ServletRequestContext) httpServerExchange.getAttachment(ServletRequestContext.ATTACHMENT_KEY);
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletRequestContext.getServletResponse();
        HttpSessionImpl session = servletRequestContext.getCurrentServletContext().getSession(httpServerExchange, false);
        if (session != null) {
            String str = (String) (System.getSecurityManager() == null ? session.getSession() : (Session) AccessController.doPrivileged(new HttpSessionImpl.UnwrapSessionAction(session))).getAttribute(SESSION_KEY);
            if (str != null) {
                try {
                    httpServletResponse.sendRedirect(str);
                } catch (IOException e) {
                    throw new RuntimeException(e);
                }
            }
        }
    }
}
