package com.inet.authentication.script;

import com.inet.authentication.AuthenticationDescription;
import com.inet.authentication.RemoteLoginProcessor;
import com.inet.http.error.ServletErrorHandler;
import com.inet.http.security.TrustAllTrustManager;
import com.inet.http.servlet.SessionStore;
import com.inet.lib.io.UTF8StreamWriter;
import com.inet.lib.util.IOFunctions;
import com.inet.logging.LogManager;
import com.inet.logging.Logger;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.net.HttpCookie;
import java.net.HttpURLConnection;
import java.net.MalformedURLException;
import java.net.URL;
import java.net.URLEncoder;
import java.util.HashSet;
import java.util.InvalidPropertiesFormatException;
import java.util.Iterator;
import java.util.Properties;
import javax.annotation.Nonnull;
import javax.annotation.Nullable;
import javax.annotation.SuppressFBWarnings;
import javax.servlet.ServletOutputStream;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

@SuppressFBWarnings(value = {"URLCONNECTION_SSRF_FD", "COOKIE_USAGE"}, justification = "Caller must validate the URL")
/* loaded from: input_file:com/inet/authentication/script/d.class */
public class d extends RemoteLoginProcessor {
    public static final Logger n = LogManager.getLogger("Authentication");
    private static final HashSet<String> o = new HashSet<>();
    private final URL p;
    private final boolean q;
    private final Properties r;
    private String s;
    private String t;
    private URL u;
    private String v;
    private static String w;

    public d(AuthenticationDescription authenticationDescription, URL url, boolean z) {
        super(authenticationDescription);
        this.r = new Properties();
        this.p = url;
        this.q = z;
    }

    @Nonnull
    public String getLoginSource() {
        return "system";
    }

    String a() {
        return this.r.getProperty("username");
    }

    public String getLoginID() {
        String a = a();
        if (a == null) {
            try {
                HttpServletRequest httpServletRequest = SessionStore.getHttpServletRequest();
                Cookie[] cookies = httpServletRequest.getCookies();
                if (cookies != null) {
                    String id = httpServletRequest.getSession().getId();
                    String str = null;
                    for (Cookie cookie : cookies) {
                        if (id.equals(cookie.getValue())) {
                            w = cookie.getName();
                        } else if (!cookie.getName().equals(w)) {
                            String httpCookie = new HttpCookie(cookie.getName(), cookie.getValue()).toString();
                            str = str == null ? httpCookie : str + ";" + httpCookie;
                        }
                    }
                    if (str != null && !str.equals(this.s) && !str.equals(this.v)) {
                        String str2 = this.s;
                        String str3 = str;
                        this.s = str3;
                        this.v = str3;
                        transferClientLoginData(httpServletRequest, null);
                        a = this.r.getProperty("username");
                        if (a == null) {
                            this.s = str2;
                        }
                    }
                }
            } catch (Throwable th) {
            }
        }
        return a;
    }

    public boolean isWebUserInRole(String str) {
        String property = this.r.getProperty(str);
        if (property == null && (this.s != null || this.t != null)) {
            o.add(str);
            try {
                a((HttpURLConnection) this.p.openConnection());
                property = this.r.getProperty(str);
            } catch (Exception e) {
                n.error(e);
                return false;
            }
        }
        if (property == null) {
            return false;
        }
        if ("true".equalsIgnoreCase(property)) {
            return true;
        }
        try {
            return Integer.parseInt(property) != 0;
        } catch (Throwable th) {
            return false;
        }
    }

    public void requestLoginData(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        HttpURLConnection[] httpURLConnectionArr = new HttpURLConnection[1];
        boolean z = a() != null;
        try {
            a(httpURLConnectionArr);
        } catch (b e) {
            if (!"java2".equals(httpServletRequest.getParameter("viewer"))) {
                try {
                    e.a(this, httpServletRequest, httpServletResponse, z);
                    return;
                } catch (IOException e2) {
                    a(e2, httpServletRequest, httpServletResponse);
                    return;
                }
            }
            if (httpServletResponse != null) {
                try {
                    httpServletResponse.setStatus(403);
                    httpServletResponse.setContentType("text/html");
                    byte[] bytes = "<html><head><title>Unauthorized</title></head><body><h1>403 Forbidden (External formular authentication required)</h1><p>You are not allowed to access this content. Please log in again.</p></body></html>".getBytes("UTF-8");
                    httpServletResponse.setContentLength(bytes.length);
                    ServletOutputStream outputStream = httpServletResponse.getOutputStream();
                    outputStream.write(bytes);
                    outputStream.flush();
                } catch (IOException e3) {
                    n.error(e3);
                }
            }
        } catch (InvalidPropertiesFormatException e4) {
            a(e4, httpServletRequest, httpServletResponse);
        } catch (IOException e5) {
            try {
                a(httpURLConnectionArr[0], httpServletResponse);
            } catch (IOException e6) {
                a(e6, httpServletRequest, httpServletResponse);
            }
        } catch (Throwable th) {
            a(th, httpServletRequest, httpServletResponse);
        }
    }

    public void a(HttpURLConnection[] httpURLConnectionArr) throws IOException, b {
        this.s = null;
        this.t = null;
        httpURLConnectionArr[0] = (HttpURLConnection) this.p.openConnection();
        a(httpURLConnectionArr[0]);
        this.r.clear();
        this.s = null;
        this.t = null;
        if (!this.p.getPath().endsWith("/LoginServlet")) {
            throw new IllegalStateException("The login script \"" + this.p + "\" does not request login information (no HTTP status code 401).");
        }
        throw new IllegalStateException("The LoginServlet does not request login information (no HTTP status code 401). The current request requires a login. You need to set a login script or change the deployment configuration of the LoginServlet.");
    }

    private static void a(Throwable th, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        n.error(th);
        ServletErrorHandler.sendErrorPage(httpServletRequest, httpServletResponse, th);
    }

    public static void a(HttpURLConnection httpURLConnection, boolean z) throws IOException {
        if (z) {
            TrustAllTrustManager.trustAllCerticates(httpURLConnection, false);
        }
    }

    private void a(HttpURLConnection httpURLConnection, HttpServletResponse httpServletResponse) throws IOException {
        this.s = httpURLConnection.getHeaderField("Set-Cookie");
        try {
            httpServletResponse.setStatus(httpURLConnection.getResponseCode());
        } catch (IllegalStateException e) {
        }
        for (String str : httpURLConnection.getHeaderFields().keySet()) {
            if (str != null && !"Set-Cookie".equalsIgnoreCase(str) && !"Server".equalsIgnoreCase(str)) {
                httpServletResponse.setHeader(str, httpURLConnection.getHeaderField(str));
                if (n.isDebug()) {
                    n.debug(str + "=" + httpURLConnection.getHeaderField(str));
                }
            }
        }
        ServletOutputStream outputStream = httpServletResponse.getOutputStream();
        InputStream errorStream = httpURLConnection.getErrorStream();
        if (errorStream != null) {
            IOFunctions.copyData(errorStream, outputStream);
        }
    }

    public boolean transferClientLoginData(HttpServletRequest httpServletRequest, @Nullable HttpServletResponse httpServletResponse) {
        if (this.u != null || getLoginID() != null) {
            return true;
        }
        try {
            HttpURLConnection httpURLConnection = (HttpURLConnection) this.p.openConnection();
            this.t = httpServletRequest.getHeader("Authorization");
            if (this.t == null && this.s == null) {
                return true;
            }
            a(httpURLConnection);
            return true;
        } catch (Exception e) {
            return true;
        }
    }

    /* JADX WARN: Removed duplicated region for block: B:39:0x016f  */
    /* JADX WARN: Removed duplicated region for block: B:41:? A[RETURN, SYNTHETIC] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public boolean transferFormLoginData(javax.servlet.http.HttpServletRequest r7, javax.servlet.http.HttpServletResponse r8) {
        /*
            Method dump skipped, instructions count: 406
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.inet.authentication.script.d.transferFormLoginData(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse):boolean");
    }

    public boolean supportsFormLogin() {
        return this.u != null;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void a(String str) throws MalformedURLException {
        this.u = new URL(this.p, str);
    }

    private void a(HttpURLConnection httpURLConnection) throws IOException, b {
        this.r.clear();
        a(httpURLConnection, this.q);
        httpURLConnection.setAllowUserInteraction(false);
        if (this.s != null) {
            httpURLConnection.setRequestProperty("Cookie", this.s);
        } else if (this.t != null) {
            httpURLConnection.setRequestProperty("Authorization", this.t);
        }
        httpURLConnection.setRequestProperty("Content-Type", "application/x-www-form-urlencoded");
        if (o.size() > 0) {
            httpURLConnection.setDoOutput(true);
            UTF8StreamWriter uTF8StreamWriter = new UTF8StreamWriter(httpURLConnection.getOutputStream());
            Iterator<String> it = o.iterator();
            while (it.hasNext()) {
                uTF8StreamWriter.append(URLEncoder.encode(it.next(), "UTF8"));
                uTF8StreamWriter.append("=&");
            }
            uTF8StreamWriter.close();
        }
        InputStream inputStream = httpURLConnection.getInputStream();
        byte[] readBytes = IOFunctions.readBytes(inputStream);
        inputStream.close();
        String headerField = httpURLConnection.getHeaderField("Set-Cookie");
        if (headerField != null) {
            this.s = headerField;
        }
        try {
            this.r.loadFromXML(new ByteArrayInputStream(readBytes));
        } catch (InvalidPropertiesFormatException e) {
            b.a(readBytes, httpURLConnection.getContentType());
            n.error(e);
            throw e;
        }
    }
}
