package electric.servlet.authenticators.form;

import electric.security.ICredentials;
import electric.security.IRealm;
import electric.security.credentials.PasswordCredentials;
import electric.servlet.HTTPContext;
import electric.servlet.InboundHTTPRequest;
import electric.servlet.OutboundHTTPResponse;
import electric.servlet.authenticators.IHTTPAuthenticator;
import electric.servlet.security.WebResourceCollection;
import java.io.IOException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

/* loaded from: input_file:electric/servlet/authenticators/form/FormAuthenticator.class */
public class FormAuthenticator implements IHTTPAuthenticator {
    private HTTPContext context;

    @Override // electric.servlet.authenticators.IHTTPAuthenticator
    public void setContext(HTTPContext hTTPContext) {
        this.context = hTTPContext;
    }

    @Override // electric.servlet.authenticators.IHTTPAuthenticator
    public String getAuthMethod() {
        return "FORM";
    }

    public ICredentials getExistingFormCredentials(InboundHTTPRequest inboundHTTPRequest) {
        Object attribute;
        HttpSession session = inboundHTTPRequest.getSession(false);
        if (session == null || (attribute = session.getAttribute("electric.servlet.http.form.credentials")) == null || !(attribute instanceof ICredentials)) {
            return null;
        }
        return (ICredentials) attribute;
    }

    private void handleSecurityCheckForm(InboundHTTPRequest inboundHTTPRequest, OutboundHTTPResponse outboundHTTPResponse, HttpSession httpSession, IRealm iRealm) throws IOException {
        String parameter = inboundHTTPRequest.getParameter("j_username");
        String parameter2 = inboundHTTPRequest.getParameter("j_password");
        String str = (String) httpSession.getAttribute("electric.servlet.http.form.originalURL");
        PasswordCredentials passwordCredentials = new PasswordCredentials(parameter, parameter2);
        if (iRealm.authenticate(passwordCredentials)) {
            httpSession.setAttribute("electric.servlet.http.form.credentials", passwordCredentials);
            outboundHTTPResponse.sendRedirect(str);
            return;
        }
        String formErrorPage = this.context.getFormErrorPage();
        if (formErrorPage == null) {
            outboundHTTPResponse.sendError(404);
        } else {
            outboundHTTPResponse.sendRedirect(formErrorPage);
        }
    }

    @Override // electric.servlet.authenticators.IHTTPAuthenticator
    public boolean authenticate(InboundHTTPRequest inboundHTTPRequest, OutboundHTTPResponse outboundHTTPResponse, String str, WebResourceCollection webResourceCollection) throws IOException {
        IRealm realm = this.context.getRealm();
        if (realm == null) {
            outboundHTTPResponse.sendError(403);
            return false;
        }
        HttpSession session = inboundHTTPRequest.getSession();
        if (session == null) {
            return true;
        }
        if (str.equals("/j_security_check")) {
            handleSecurityCheckForm(inboundHTTPRequest, outboundHTTPResponse, session, realm);
            return false;
        }
        if (webResourceCollection == null) {
            return true;
        }
        ICredentials existingFormCredentials = getExistingFormCredentials(inboundHTTPRequest);
        if (existingFormCredentials != null) {
            inboundHTTPRequest.setAuthenticatedCredentials(new ICredentials[]{existingFormCredentials});
            return true;
        }
        sendNoAuthenticationResponse(inboundHTTPRequest, outboundHTTPResponse, realm);
        return false;
    }

    @Override // electric.servlet.authenticators.IHTTPAuthenticator
    public boolean sendNoAuthenticationResponse(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, IRealm iRealm) throws IOException {
        String formLoginPage = this.context.getFormLoginPage();
        httpServletRequest.getSession().setAttribute("electric.servlet.http.form.originalURL", httpServletRequest.getRequestURI());
        httpServletResponse.sendRedirect(formLoginPage);
        return false;
    }
}
