package de.adorsys.oauth.server;

import io.undertow.security.api.AuthenticationMechanism;
import io.undertow.security.api.SecurityContext;
import io.undertow.security.idm.Account;
import io.undertow.security.idm.PasswordCredential;
import io.undertow.server.HttpServerExchange;
import io.undertow.servlet.api.LoginConfig;
import io.undertow.servlet.handlers.ServletRequestContext;
import io.undertow.servlet.spec.HttpServletRequestImpl;
import io.undertow.servlet.spec.ServletContextImpl;
import io.undertow.util.Methods;
import javax.servlet.ServletContext;
import javax.servlet.http.HttpServletRequest;

/* loaded from: input_file:WEB-INF/lib/oauth-wildfly-support-0.28.jar:de/adorsys/oauth/server/FormAuthenticationMatcher.class */
public class FormAuthenticationMatcher implements AuthenticatorMatcher {
    private static final String FORM_PASSWORD = "j_password";
    private static final String FORM_USERNAME = "j_username";
    private static final String DEFAULT_LOGIN_ERROR_PAGE = "/loginError.jsp";
    private static final String DEFAULT_LOGIN_PAGE = "/login.jsp";
    private static final String DEFAULT_POST_LOCATION = "/api/auth";
    private String loginPage;
    private String loginErrorPage;

    @Override // de.adorsys.oauth.server.AuthenticatorMatcher
    public void initialize(ServletContext servletContext) {
        ServletContextImpl servletContextImpl = (ServletContextImpl) servletContext;
        this.loginPage = resolveLoginPage(servletContextImpl);
        this.loginErrorPage = resolveLoginErrorPage(servletContextImpl);
    }

    private String resolveLoginErrorPage(ServletContextImpl servletContextImpl) {
        LoginConfig loginConfig = servletContextImpl.getDeployment().getDeploymentInfo().getLoginConfig();
        String errorPage = loginConfig == null ? null : loginConfig.getErrorPage();
        if (errorPage == null) {
            errorPage = DEFAULT_LOGIN_ERROR_PAGE;
        }
        return errorPage;
    }

    private String resolveLoginPage(ServletContextImpl servletContextImpl) {
        LoginConfig loginConfig = servletContextImpl.getDeployment().getDeploymentInfo().getLoginConfig();
        String loginPage = loginConfig == null ? null : loginConfig.getLoginPage();
        if (loginPage == null) {
            loginPage = DEFAULT_LOGIN_PAGE;
        }
        return loginPage;
    }

    @Override // de.adorsys.oauth.server.AuthenticatorMatcher
    public boolean match(HttpServerExchange httpServerExchange, HttpServletRequest httpServletRequest) {
        String queryString = httpServletRequest.getQueryString();
        return (queryString != null && queryString.contains("response_type")) || httpServletRequest.getParameter("response_type") != null;
    }

    public AuthenticationMechanism.AuthenticationMechanismOutcome authenticate(HttpServerExchange httpServerExchange, SecurityContext securityContext) {
        HttpServletRequestImpl originalRequest = ((ServletRequestContext) httpServerExchange.getAttachment(ServletRequestContext.ATTACHMENT_KEY)).getOriginalRequest();
        if (!"POST".equals(originalRequest.getMethod())) {
            return AuthenticationMechanism.AuthenticationMechanismOutcome.NOT_ATTEMPTED;
        }
        String parameter = originalRequest.getParameter(FORM_USERNAME);
        String parameter2 = originalRequest.getParameter(FORM_PASSWORD);
        Account verify = (parameter2 == null || parameter == null) ? null : securityContext.getIdentityManager().verify(parameter, new PasswordCredential(parameter2.toCharArray()));
        if (verify == null) {
            return AuthenticationMechanism.AuthenticationMechanismOutcome.NOT_AUTHENTICATED;
        }
        securityContext.authenticationComplete(verify, "OAUTH", false);
        return AuthenticationMechanism.AuthenticationMechanismOutcome.AUTHENTICATED;
    }

    public AuthenticationMechanism.ChallengeResult sendChallenge(HttpServerExchange httpServerExchange, SecurityContext securityContext) {
        String str = this.loginPage;
        if (httpServerExchange.getRequestURI().endsWith(DEFAULT_POST_LOCATION) && httpServerExchange.getRequestMethod().equals(Methods.POST)) {
            str = this.loginErrorPage;
        }
        forward(httpServerExchange, str);
        return new AuthenticationMechanism.ChallengeResult(false);
    }

    private void forward(HttpServerExchange httpServerExchange, String str) {
        ServletRequestContext servletRequestContext = (ServletRequestContext) httpServerExchange.getAttachment(ServletRequestContext.ATTACHMENT_KEY);
        HttpServletRequestImpl originalRequest = servletRequestContext.getOriginalRequest();
        try {
            originalRequest.getRequestDispatcher(str).forward(originalRequest, servletRequestContext.getServletResponse());
        } catch (Exception e) {
        }
    }
}
