package net.sf.jguard.jee.authentication.schemes;

import java.io.IOException;
import java.security.Permission;
import java.util.Map;
import javax.security.auth.Subject;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import net.sf.jguard.core.authentication.exception.AuthenticationException;
import net.sf.jguard.core.authentication.schemes.LoginPasswordFormSchemeHandler;
import net.sf.jguard.core.authorization.permissions.PermissionFactory;
import net.sf.jguard.core.authorization.permissions.URLPermission;
import net.sf.jguard.core.lifecycle.Request;
import net.sf.jguard.core.lifecycle.Response;
import net.sf.jguard.core.technology.StatefulScopes;
import net.sf.jguard.jee.HttpConstants;
import net.sf.jguard.jee.HttpPermissionFactory;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:net/sf/jguard/jee/authentication/schemes/HttpServletLoginPasswordFormSchemeHandler.class */
public class HttpServletLoginPasswordFormSchemeHandler extends LoginPasswordFormSchemeHandler<HttpServletRequest, HttpServletResponse> {
    private String loginField;
    private String passwordField;
    private String authenticationSucceedURI;
    private String logonProcessURI;
    private Permission logonProcessPermission;
    private String logonURI;
    private Permission logonPermission;
    private String logoffURI;
    private Permission logoffPermission;
    private static final Logger logger = LoggerFactory.getLogger(HttpServletLoginPasswordFormSchemeHandler.class.getName());
    private URLPermission authenticationSucceedPermission;
    private URLPermission authenticationFailedPermission;
    public static final String LOGON_PROCESS_URI = "logonProcessURI";
    public static final String LOGIN_FIELD = "loginField";
    public static final String PASSWORD_FIELD = "passwordField";
    public static final String AUTHENTICATION_SUCCEED_URI = "authenticationSucceedURI";
    public static final String AUTHENTICATION_FAILED_URI = "authenticationFailedURI";

    public HttpServletLoginPasswordFormSchemeHandler(Map<String, String> map, StatefulScopes statefulScopes) {
        super(map, statefulScopes);
        this.loginField = map.get("loginField");
        this.passwordField = map.get("passwordField");
        this.authenticationSucceedURI = map.get("authenticationSucceedURI");
        if (this.authenticationSucceedURI == null && "".equals(this.authenticationSucceedURI)) {
            throw new IllegalArgumentException("authenticationSucceedURI parameter is null but is required to instantiate HttpServletLoginPasswordFormSchemeHandler");
        }
        this.authenticationSucceedPermission = new URLPermission("authenticationSucceedURI", this.authenticationSucceedURI);
        String str = map.get("authenticationFailedURI");
        if (str == null || "".equals(str)) {
            throw new IllegalArgumentException("authenticationFailedURI parameter is null but is required to instantiate HttpServletLoginPasswordFormSchemeHandler");
        }
        this.authenticationFailedPermission = new URLPermission("authenticationFailedURI", str);
        this.logonProcessURI = map.get("logonProcessURI");
        if (this.logonProcessURI == null || "".equals(this.logonProcessURI)) {
            throw new IllegalArgumentException("logonProcessURI parameter is null but is required to instantiate HttpServletLoginPasswordFormSchemeHandler");
        }
        this.logonProcessPermission = new URLPermission("logonProcessURI", this.logonProcessURI);
        this.logonURI = map.get(HttpConstants.LOGON_URI);
        if (this.logonURI == null || "".equals(this.logonURI)) {
            throw new IllegalArgumentException("logonURI parameter is null but is required to instantiate HttpServletLoginPasswordFormSchemeHandler");
        }
        this.logonPermission = new URLPermission(HttpConstants.LOGON_URI, this.logonURI);
        this.logoffURI = map.get(HttpConstants.LOGOFF_URI);
        if (this.logoffURI == null || "".equals(this.logoffURI)) {
            throw new IllegalArgumentException("logoffURI parameter is null but is required to instantiate HttpServletLoginPasswordFormSchemeHandler");
        }
        this.logoffPermission = new URLPermission(HttpConstants.LOGOFF_URI, this.logoffURI);
        buildGrantedPermissions();
    }

    protected Permission getLogonProcessPermission() {
        return this.logonProcessPermission;
    }

    public Permission getLogoffPermission() {
        return this.logoffPermission;
    }

    public Permission getLogonPermission() {
        return this.logonPermission;
    }

    protected PermissionFactory<HttpServletRequest> getPermissionFactory() {
        return new HttpPermissionFactory();
    }

    public void buildChallenge(Request<HttpServletRequest> request, Response<HttpServletResponse> response) {
        HttpServletRequest httpServletRequest = (HttpServletRequest) request.get();
        HttpServletResponse httpServletResponse = (HttpServletResponse) response.get();
        if (httpServletResponse.isCommitted()) {
            return;
        }
        try {
            httpServletResponse.sendRedirect(httpServletResponse.encodeRedirectURL(httpServletRequest.getContextPath() + this.logonURI));
        } catch (IOException e) {
            logger.error(e.getMessage(), e);
            throw new AuthenticationException(e);
        }
    }

    public void authenticationSucceed(Subject subject, Request<HttpServletRequest> request, Response<HttpServletResponse> response) {
        this.authenticationBindings.setSessionAttribute("redirect", "true");
        HttpServletRequest httpServletRequest = (HttpServletRequest) request.get();
        HttpServletResponse httpServletResponse = (HttpServletResponse) response.get();
        String str = this.authenticationSucceedURI;
        URLPermission uRLPermission = (URLPermission) this.authenticationBindings.getSessionAttribute("lastAccessDeniedPermission");
        String uri = uRLPermission == null ? this.authenticationSucceedURI : uRLPermission.getURI();
        if (uri != null && !"".equals(uri)) {
            if (this.goToLastAccessDeniedUriOnSuccess) {
                str = uri;
                httpServletRequest.getSession(true).setAttribute(HttpConstants.GO_TO_LAST_ACCESS_DENIED_URI_ON_SUCCESS, Boolean.TRUE.toString());
            } else {
                str = this.logonURI;
            }
        }
        logger.debug(" user is authenticated ", " redirect to " + str);
        if (httpServletResponse.isCommitted()) {
            return;
        }
        try {
            httpServletResponse.sendRedirect(httpServletResponse.encodeRedirectURL(httpServletRequest.getContextPath() + str));
        } catch (IOException e) {
            logger.error(e.getMessage(), e);
            throw new AuthenticationException(e);
        }
    }

    public void authenticationFailed(Request<HttpServletRequest> request, Response<HttpServletResponse> response) {
        this.authenticationBindings.setSessionAttribute("redirect", "true");
        HttpServletRequest httpServletRequest = (HttpServletRequest) request.get();
        HttpServletResponse httpServletResponse = (HttpServletResponse) response.get();
        if (httpServletResponse.isCommitted()) {
            logger.warn(" response is already committed ");
            return;
        }
        if (this.authenticationFailedPermission == null || this.authenticationFailedPermission.getURI().equals("")) {
            return;
        }
        try {
            httpServletResponse.sendRedirect(httpServletResponse.encodeRedirectURL(httpServletRequest.getContextPath() + this.authenticationFailedPermission.getURI()));
            logger.debug("authentication failed redirect to " + this.authenticationFailedPermission.getURI());
            logger.debug(" user is not authenticated  and redirected to " + httpServletRequest.getContextPath() + this.authenticationFailedPermission.getURI());
        } catch (IOException e) {
            logger.error(e.getMessage(), e);
            throw new AuthenticationException(e);
        }
    }

    protected String getLogin(Request<HttpServletRequest> request) {
        return ((HttpServletRequest) request.get()).getParameter(this.loginField);
    }

    protected String getPassword(Request<HttpServletRequest> request) {
        return ((HttpServletRequest) request.get()).getParameter(this.passwordField);
    }
}
