package com.inet.authentication.script;

import com.inet.authentication.AuthenticationDescription;
import com.inet.authentication.RemoteLoginProcessor;
import com.inet.http.error.ServletErrorHandler;
import com.inet.http.security.TrustAllTrustManager;
import com.inet.http.servlet.SessionStore;
import com.inet.lib.io.UTF8StreamWriter;
import com.inet.lib.util.IOFunctions;
import jakarta.servlet.ServletOutputStream;
import jakarta.servlet.http.Cookie;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import jakarta.servlet.http.HttpServletResponseWrapper;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.net.HttpCookie;
import java.net.HttpURLConnection;
import java.net.MalformedURLException;
import java.net.URL;
import java.net.URLEncoder;
import java.util.HashSet;
import java.util.InvalidPropertiesFormatException;
import java.util.Iterator;
import java.util.Properties;
import javax.annotation.Nonnull;
import javax.annotation.Nullable;
import javax.annotation.SuppressFBWarnings;

@SuppressFBWarnings(value = {"URLCONNECTION_SSRF_FD", "COOKIE_USAGE"}, justification = "Caller must validate the URL")
/* loaded from: input_file:com/inet/authentication/script/d.class */
public class d extends RemoteLoginProcessor {
    private static final HashSet<String> n = new HashSet<>();
    private final URL o;
    private final boolean p;
    private final Properties q;
    private String r;
    private String s;
    private URL t;
    private String u;
    private static String v;

    public d(AuthenticationDescription authenticationDescription, URL url, boolean z) {
        super(authenticationDescription);
        this.q = new Properties();
        this.o = url;
        this.p = z;
    }

    @Nonnull
    public String getLoginSource() {
        return "system";
    }

    String a() {
        return this.q.getProperty("username");
    }

    public String getLoginID() {
        String a = a();
        if (a == null) {
            try {
                HttpServletRequest httpServletRequest = SessionStore.getHttpServletRequest();
                Cookie[] cookies = httpServletRequest.getCookies();
                if (cookies != null) {
                    String id = httpServletRequest.getSession().getId();
                    String str = null;
                    for (Cookie cookie : cookies) {
                        if (id.equals(cookie.getValue())) {
                            v = cookie.getName();
                        } else if (!cookie.getName().equals(v)) {
                            String str2 = cookie.getName() + "=" + cookie.getValue();
                            str = str == null ? str2 : str + ";" + str2;
                        }
                    }
                    if (str != null && !str.equals(this.r) && !str.equals(this.u)) {
                        String str3 = this.r;
                        String str4 = str;
                        this.r = str4;
                        this.u = str4;
                        transferClientLoginData(httpServletRequest, null);
                        a = this.q.getProperty("username");
                        if (a == null) {
                            this.r = str3;
                        }
                    }
                }
            } catch (Throwable th) {
            }
        }
        return a;
    }

    public boolean supportsRoles() {
        return true;
    }

    public boolean isWebUserInRole(String str) {
        String property = this.q.getProperty(str);
        if (property == null && (this.r != null || this.s != null)) {
            n.add(str);
            try {
                a((HttpURLConnection) this.o.openConnection());
                property = this.q.getProperty(str);
            } catch (Exception e) {
                LOGGER.error(e);
                return false;
            }
        }
        if (property == null) {
            return false;
        }
        if ("true".equalsIgnoreCase(property)) {
            return true;
        }
        try {
            return Integer.parseInt(property) != 0;
        } catch (Throwable th) {
            return false;
        }
    }

    public void requestLoginData(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        HttpURLConnection[] httpURLConnectionArr = new HttpURLConnection[1];
        boolean z = a() != null;
        try {
            a(httpURLConnectionArr);
        } catch (b e) {
            if (!"java2".equals(httpServletRequest.getParameter("viewer"))) {
                try {
                    e.a(this, httpServletRequest, httpServletResponse, z);
                    return;
                } catch (IOException e2) {
                    a(e2, httpServletRequest, httpServletResponse);
                    return;
                }
            }
            if (httpServletResponse != null) {
                try {
                    httpServletResponse.setStatus(403);
                    httpServletResponse.setContentType("text/html");
                    byte[] bytes = "<html><head><title>Unauthorized</title></head><body><h1>403 Forbidden (External formular authentication required)</h1><p>You are not allowed to access this content. Please log in again.</p></body></html>".getBytes("UTF-8");
                    httpServletResponse.setContentLength(bytes.length);
                    ServletOutputStream outputStream = httpServletResponse.getOutputStream();
                    outputStream.write(bytes);
                    outputStream.flush();
                } catch (IOException e3) {
                    LOGGER.error(e3);
                }
            }
        } catch (InvalidPropertiesFormatException e4) {
            a(e4, httpServletRequest, httpServletResponse);
        } catch (IOException e5) {
            try {
                a(httpURLConnectionArr[0], httpServletResponse);
            } catch (IOException e6) {
                a(e6, httpServletRequest, httpServletResponse);
            }
        } catch (Throwable th) {
            a(th, httpServletRequest, httpServletResponse);
        }
    }

    public void a(HttpURLConnection[] httpURLConnectionArr) throws IOException, b {
        this.r = null;
        this.s = null;
        httpURLConnectionArr[0] = (HttpURLConnection) this.o.openConnection();
        a(httpURLConnectionArr[0]);
        this.q.clear();
        this.r = null;
        this.s = null;
        if (!this.o.getPath().endsWith("/LoginServlet")) {
            throw new IllegalStateException("The login script \"" + String.valueOf(this.o) + "\" does not request login information (no HTTP status code 401).");
        }
        throw new IllegalStateException("The LoginServlet does not request login information (no HTTP status code 401). The current request requires a login. You need to set a login script or change the deployment configuration of the LoginServlet.");
    }

    private static void a(Throwable th, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        LOGGER.error(th);
        ServletErrorHandler.sendErrorPage(httpServletRequest, httpServletResponse, th);
    }

    public static void a(HttpURLConnection httpURLConnection, boolean z) throws IOException {
        if (z) {
            TrustAllTrustManager.trustAllCerticates(httpURLConnection, false);
        }
    }

    private void a(HttpURLConnection httpURLConnection, HttpServletResponse httpServletResponse) throws IOException {
        this.r = b(httpURLConnection);
        for (String str : httpURLConnection.getHeaderFields().keySet()) {
            if ("WWW-Authenticate".equalsIgnoreCase(str) || "Content-Type".equalsIgnoreCase(str) || "Content-Language".equalsIgnoreCase(str)) {
                httpServletResponse.setHeader(str, httpURLConnection.getHeaderField(str));
                if (LOGGER.isDebug()) {
                    LOGGER.debug(str + "=" + httpURLConnection.getHeaderField(str));
                }
            }
        }
        ServletOutputStream outputStream = httpServletResponse.getOutputStream();
        InputStream errorStream = httpURLConnection.getErrorStream();
        if (errorStream == null || errorStream.available() <= 0) {
            httpServletResponse.setStatus(httpURLConnection.getResponseCode());
            return;
        }
        while (httpServletResponse instanceof HttpServletResponseWrapper) {
            httpServletResponse = (HttpServletResponse) ((HttpServletResponseWrapper) httpServletResponse).getResponse();
        }
        httpServletResponse.setStatus(httpURLConnection.getResponseCode());
        IOFunctions.copyData(errorStream, outputStream);
    }

    public boolean transferClientLoginData(HttpServletRequest httpServletRequest, @Nullable HttpServletResponse httpServletResponse) {
        if (this.t != null || getLoginID() != null) {
            return true;
        }
        try {
            HttpURLConnection httpURLConnection = (HttpURLConnection) this.o.openConnection();
            this.s = httpServletRequest.getHeader("Authorization");
            if (this.s == null && this.r == null) {
                return true;
            }
            a(httpURLConnection);
            return true;
        } catch (Exception e) {
            return true;
        }
    }

    /* JADX WARN: Removed duplicated region for block: B:39:0x016d  */
    /* JADX WARN: Removed duplicated region for block: B:41:? A[RETURN, SYNTHETIC] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public boolean transferFormLoginData(jakarta.servlet.http.HttpServletRequest r7, jakarta.servlet.http.HttpServletResponse r8) {
        /*
            Method dump skipped, instructions count: 407
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.inet.authentication.script.d.transferFormLoginData(jakarta.servlet.http.HttpServletRequest, jakarta.servlet.http.HttpServletResponse):boolean");
    }

    public boolean supportsFormLogin() {
        return this.t != null;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void a(String str) throws MalformedURLException {
        this.t = new URL(this.o, str);
    }

    private void a(HttpURLConnection httpURLConnection) throws IOException, b {
        this.q.clear();
        a(httpURLConnection, this.p);
        httpURLConnection.setAllowUserInteraction(false);
        if (this.r != null) {
            httpURLConnection.setRequestProperty("Cookie", this.r);
        } else if (this.s != null) {
            httpURLConnection.setRequestProperty("Authorization", this.s);
        }
        httpURLConnection.setRequestProperty("Content-Type", "application/x-www-form-urlencoded");
        if (n.size() > 0) {
            httpURLConnection.setDoOutput(true);
            UTF8StreamWriter uTF8StreamWriter = new UTF8StreamWriter(httpURLConnection.getOutputStream());
            Iterator<String> it = n.iterator();
            while (it.hasNext()) {
                uTF8StreamWriter.append(URLEncoder.encode(it.next(), "UTF8"));
                uTF8StreamWriter.append("=&");
            }
            uTF8StreamWriter.close();
        }
        InputStream inputStream = httpURLConnection.getInputStream();
        byte[] readBytes = IOFunctions.readBytes(inputStream);
        inputStream.close();
        String b = b(httpURLConnection);
        if (b != null) {
            this.r = b;
        }
        try {
            this.q.loadFromXML(new ByteArrayInputStream(readBytes));
        } catch (InvalidPropertiesFormatException e) {
            b.a(readBytes, httpURLConnection.getContentType());
            LOGGER.error(e);
            throw e;
        }
    }

    @Nullable
    private static String b(@Nonnull HttpURLConnection httpURLConnection) {
        String headerField = httpURLConnection.getHeaderField("Set-Cookie");
        if (headerField == null) {
            return null;
        }
        try {
            String str = null;
            for (HttpCookie httpCookie : HttpCookie.parse(headerField)) {
                String str2 = httpCookie.getName() + "=" + httpCookie.getValue();
                str = str == null ? str2 : str + ";" + str2;
            }
            return str;
        } catch (Exception e) {
            return null;
        }
    }
}
