package com.google.apphosting.utils.jetty;

import com.google.appengine.api.users.User;
import com.google.appengine.api.users.UserService;
import com.google.appengine.api.users.UserServiceFactory;
import com.google.apphosting.api.ApiProxy;
import java.io.IOException;
import java.security.Principal;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.servlet.http.HttpServletRequest;
import org.mortbay.jetty.HttpStatus;
import org.mortbay.jetty.Request;
import org.mortbay.jetty.Response;
import org.mortbay.jetty.security.Authenticator;
import org.mortbay.jetty.security.SecurityHandler;
import org.mortbay.jetty.security.UserRealm;
import org.mortbay.util.URIUtil;

/* loaded from: input_file:com/google/apphosting/utils/jetty/AppEngineAuthentication.class */
class AppEngineAuthentication {
    private static final Logger log = Logger.getLogger(AppEngineAuthentication.class.getName());
    private static final String AUTH_URL_PREFIX = "/_ah/";
    private static final String AUTH_METHOD = "Google Login";
    private static final String AUTH_TYPE = "GOOGLE_AUTH";
    private static final String REALM_NAME = "Google App Engine";
    private static final String SKIP_ADMIN_CHECK_ATTR = "com.google.apphosting.internal.SkipAdminCheck";

    /* loaded from: input_file:com/google/apphosting/utils/jetty/AppEngineAuthentication$AppEngineAuthenticator.class */
    private static class AppEngineAuthenticator implements Authenticator {
        private AppEngineAuthenticator() {
        }

        @Override // org.mortbay.jetty.security.Authenticator
        public Principal authenticate(UserRealm userRealm, String str, Request request, Response response) {
            UserService userService = UserServiceFactory.getUserService();
            if (URIUtil.addPaths(request.getServletPath(), request.getPathInfo()).startsWith(AppEngineAuthentication.AUTH_URL_PREFIX)) {
                Logger logger = AppEngineAuthentication.log;
                Level level = Level.FINE;
                String requestURI = request.getRequestURI();
                logger.logp(level, "com.google.apphosting.utils.jetty.AppEngineAuthentication$AppEngineAuthenticator", "authenticate", new StringBuilder(62 + String.valueOf(requestURI).length()).append("Got ").append(requestURI).append(", returning NOBODY to imply authentication is in progress.").toString());
                return SecurityHandler.__NOBODY;
            }
            if (request.getAttribute(AppEngineAuthentication.SKIP_ADMIN_CHECK_ATTR) != null) {
                AppEngineAuthentication.log.logp(Level.INFO, "com.google.apphosting.utils.jetty.AppEngineAuthentication$AppEngineAuthenticator", "authenticate", "Returning NOBODY because of SkipAdminCheck.");
                return SecurityHandler.__NOBODY;
            }
            if (userService.isUserLoggedIn()) {
                User currentUser = userService.getCurrentUser();
                Logger logger2 = AppEngineAuthentication.log;
                Level level2 = Level.FINE;
                String valueOf = String.valueOf(currentUser);
                logger2.logp(level2, "com.google.apphosting.utils.jetty.AppEngineAuthentication$AppEngineAuthenticator", "authenticate", new StringBuilder(43 + String.valueOf(valueOf).length()).append("authenticate() returning new principal for ").append(valueOf).toString());
                AppEnginePrincipal appEnginePrincipal = new AppEnginePrincipal(currentUser);
                request.setUserPrincipal(appEnginePrincipal);
                request.setAuthType(AppEngineAuthentication.AUTH_TYPE);
                return appEnginePrincipal;
            }
            if (response == null) {
                Logger logger3 = AppEngineAuthentication.log;
                Level level3 = Level.FINE;
                String requestURI2 = request.getRequestURI();
                logger3.logp(level3, "com.google.apphosting.utils.jetty.AppEngineAuthentication$AppEngineAuthenticator", "authenticate", new StringBuilder(40 + String.valueOf(requestURI2).length()).append("Got ").append(requestURI2).append(" with null response, returning null.").toString());
                return null;
            }
            Logger logger4 = AppEngineAuthentication.log;
            Level level4 = Level.INFO;
            String requestURI3 = request.getRequestURI();
            logger4.logp(level4, "com.google.apphosting.utils.jetty.AppEngineAuthentication$AppEngineAuthenticator", "authenticate", new StringBuilder(43 + String.valueOf(requestURI3).length()).append("Got ").append(requestURI3).append(" but no one was logged in, redirecting.").toString());
            try {
                try {
                    response.sendRedirect(userService.createLoginURL(AppEngineAuthentication.getFullURL(request)));
                    return null;
                } catch (ApiProxy.ApiProxyException e) {
                    AppEngineAuthentication.log.logp(Level.SEVERE, "com.google.apphosting.utils.jetty.AppEngineAuthentication$AppEngineAuthenticator", "authenticate", "Could not get login URL:", e);
                    response.sendError(HttpStatus.ORDINAL_403_Forbidden);
                    return null;
                }
            } catch (IOException e2) {
                AppEngineAuthentication.log.logp(Level.WARNING, "com.google.apphosting.utils.jetty.AppEngineAuthentication$AppEngineAuthenticator", "authenticate", "Got an IOException from sendRedirect:", (Throwable) e2);
                return null;
            }
        }

        @Override // org.mortbay.jetty.security.Authenticator
        public String getAuthMethod() {
            return AppEngineAuthentication.AUTH_METHOD;
        }
    }

    /* loaded from: input_file:com/google/apphosting/utils/jetty/AppEngineAuthentication$AppEnginePrincipal.class */
    public static class AppEnginePrincipal implements Principal {
        private final User user;

        public AppEnginePrincipal(User user) {
            this.user = user;
        }

        public User getUser() {
            return this.user;
        }

        @Override // java.security.Principal
        public String getName() {
            return (this.user.getFederatedIdentity() == null || this.user.getFederatedIdentity().length() <= 0) ? this.user.getEmail() : this.user.getFederatedIdentity();
        }

        @Override // java.security.Principal
        public boolean equals(Object obj) {
            if (obj instanceof AppEnginePrincipal) {
                return this.user.equals(((AppEnginePrincipal) obj).user);
            }
            return false;
        }

        @Override // java.security.Principal
        public String toString() {
            return this.user.toString();
        }

        @Override // java.security.Principal
        public int hashCode() {
            return this.user.hashCode();
        }
    }

    /* loaded from: input_file:com/google/apphosting/utils/jetty/AppEngineAuthentication$AppEngineUserRealm.class */
    private static class AppEngineUserRealm implements UserRealm {
        private static final String USER_ROLE = "*";
        private static final String ADMIN_ROLE = "admin";

        private AppEngineUserRealm() {
        }

        @Override // org.mortbay.jetty.security.UserRealm
        public boolean isUserInRole(Principal principal, String str) {
            String str2;
            UserService userService = UserServiceFactory.getUserService();
            Logger logger = AppEngineAuthentication.log;
            Level level = Level.INFO;
            String valueOf = String.valueOf(principal);
            logger.logp(level, "com.google.apphosting.utils.jetty.AppEngineAuthentication$AppEngineUserRealm", "isUserInRole", new StringBuilder(34 + String.valueOf(valueOf).length() + String.valueOf(str).length()).append("Checking if principal ").append(valueOf).append(" is in role ").append(str).toString());
            if (principal == null) {
                AppEngineAuthentication.log.logp(Level.INFO, "com.google.apphosting.utils.jetty.AppEngineAuthentication$AppEngineUserRealm", "isUserInRole", "isUserInRole() called with null principal.");
                return false;
            }
            if (!(principal instanceof AppEnginePrincipal)) {
                Logger logger2 = AppEngineAuthentication.log;
                Level level2 = Level.INFO;
                String valueOf2 = String.valueOf(principal.getClass().getName());
                if (valueOf2.length() != 0) {
                    str2 = "Got an unexpected principal of type: ".concat(valueOf2);
                } else {
                    str2 = r5;
                    String str3 = new String("Got an unexpected principal of type: ");
                }
                logger2.logp(level2, "com.google.apphosting.utils.jetty.AppEngineAuthentication$AppEngineUserRealm", "isUserInRole", str2);
                return false;
            }
            User user = ((AppEnginePrincipal) principal).getUser();
            if ("*".equals(str)) {
                return true;
            }
            if (!ADMIN_ROLE.equals(str)) {
                AppEngineAuthentication.log.logp(Level.WARNING, "com.google.apphosting.utils.jetty.AppEngineAuthentication$AppEngineUserRealm", "isUserInRole", new StringBuilder(15 + String.valueOf(str).length()).append("Unknown role: ").append(str).append(".").toString());
                return false;
            }
            if (user.equals(userService.getCurrentUser())) {
                return userService.isUserAdmin();
            }
            Logger logger3 = AppEngineAuthentication.log;
            Level level3 = Level.WARNING;
            String valueOf3 = String.valueOf(user);
            logger3.logp(level3, "com.google.apphosting.utils.jetty.AppEngineAuthentication$AppEngineUserRealm", "isUserInRole", new StringBuilder(47 + String.valueOf(valueOf3).length()).append("Cannot tell if non-logged-in user ").append(valueOf3).append(" is an admin.").toString());
            return false;
        }

        @Override // org.mortbay.jetty.security.UserRealm
        public String getName() {
            return AppEngineAuthentication.REALM_NAME;
        }

        @Override // org.mortbay.jetty.security.UserRealm
        public void disassociate(Principal principal) {
            if (principal != null) {
                Logger logger = AppEngineAuthentication.log;
                Level level = Level.FINE;
                String valueOf = String.valueOf(principal);
                logger.logp(level, "com.google.apphosting.utils.jetty.AppEngineAuthentication$AppEngineUserRealm", "disassociate", new StringBuilder(32 + String.valueOf(valueOf).length()).append("Ignoring disassociate call for: ").append(valueOf).toString());
            }
        }

        @Override // org.mortbay.jetty.security.UserRealm
        public Principal getPrincipal(String str) {
            AppEngineAuthentication.log.logp(Level.INFO, "com.google.apphosting.utils.jetty.AppEngineAuthentication$AppEngineUserRealm", "getPrincipal", new StringBuilder(54 + String.valueOf(str).length()).append("getPrincipal(").append(str).append(") throwing UnsupportedOperationException.").toString());
            throw new UnsupportedOperationException();
        }

        @Override // org.mortbay.jetty.security.UserRealm
        public Principal authenticate(String str, Object obj, Request request) {
            Logger logger = AppEngineAuthentication.log;
            Level level = Level.INFO;
            String valueOf = String.valueOf(obj);
            logger.logp(level, "com.google.apphosting.utils.jetty.AppEngineAuthentication$AppEngineUserRealm", "authenticate", new StringBuilder(56 + String.valueOf(str).length() + String.valueOf(valueOf).length()).append("Authenticate(").append(str).append(", ").append(valueOf).append(") throwing UnsupportedOperationException.").toString());
            throw new UnsupportedOperationException();
        }

        @Override // org.mortbay.jetty.security.UserRealm
        public boolean reauthenticate(Principal principal) {
            Logger logger = AppEngineAuthentication.log;
            Level level = Level.INFO;
            String valueOf = String.valueOf(principal);
            logger.logp(level, "com.google.apphosting.utils.jetty.AppEngineAuthentication$AppEngineUserRealm", "reauthenticate", new StringBuilder(56 + String.valueOf(valueOf).length()).append("reauthenticate(").append(valueOf).append(") throwing UnsupportedOperationException.").toString());
            throw new UnsupportedOperationException();
        }

        @Override // org.mortbay.jetty.security.UserRealm
        public Principal pushRole(Principal principal, String str) {
            AppEngineAuthentication.log.logp(Level.WARNING, "com.google.apphosting.utils.jetty.AppEngineAuthentication$AppEngineUserRealm", "pushRole", "pushRole throwing an UnsupportedOperationException");
            throw new UnsupportedOperationException();
        }

        @Override // org.mortbay.jetty.security.UserRealm
        public Principal popRole(Principal principal) {
            AppEngineAuthentication.log.logp(Level.WARNING, "com.google.apphosting.utils.jetty.AppEngineAuthentication$AppEngineUserRealm", "popRole", "popRole throwing an UnsupportedOperationException");
            throw new UnsupportedOperationException();
        }

        @Override // org.mortbay.jetty.security.UserRealm
        public void logout(Principal principal) {
            Logger logger = AppEngineAuthentication.log;
            Level level = Level.WARNING;
            String valueOf = String.valueOf(principal);
            logger.logp(level, "com.google.apphosting.utils.jetty.AppEngineAuthentication$AppEngineUserRealm", "logout", new StringBuilder(50 + String.valueOf(valueOf).length()).append("logout(").append(valueOf).append(") throwing an UnsupportedOperationException").toString());
            throw new UnsupportedOperationException();
        }
    }

    AppEngineAuthentication() {
    }

    public static void configureSecurityHandler(SecurityHandler securityHandler) {
        securityHandler.setAuthenticator(new AppEngineAuthenticator());
        securityHandler.setUserRealm(new AppEngineUserRealm());
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static String getFullURL(HttpServletRequest httpServletRequest) {
        StringBuffer requestURL = httpServletRequest.getRequestURL();
        if (httpServletRequest.getQueryString() != null) {
            requestURL.append('?');
            requestURL.append(httpServletRequest.getQueryString());
        }
        return requestURL.toString();
    }
}
