package com.inet.authentication;

import com.inet.authentication.base.LoginManager;
import com.inet.authentication.base.TwoFactorManager;
import com.inet.authentication.stayloggedin.StayLoggedInHandler;
import com.inet.http.PluginServlet;
import com.inet.http.error.ServletErrorHandler;
import com.inet.id.GUID;
import com.inet.plugin.ServerPluginManager;
import com.inet.shared.servlet.ServletUtils;
import com.inet.usersandgroups.api.user.BaseUserManager;
import java.io.IOException;
import javax.annotation.Nonnull;
import javax.annotation.Nullable;
import javax.annotation.SuppressFBWarnings;
import javax.servlet.ServletConfig;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;
import javax.servlet.http.HttpServletResponse;

/* loaded from: input_file:com/inet/authentication/FormLoginServlet.class */
public class FormLoginServlet extends HttpServlet implements PluginServlet {
    private static TwoFactorManager a;

    @Override // com.inet.http.PluginServlet
    @Nonnull
    public String getPathSpec() {
        return "/formlogin";
    }

    @Override // com.inet.http.PluginServlet
    public void init(ServletConfig servletConfig) throws ServletException {
        super.init(servletConfig);
        a = (TwoFactorManager) ServerPluginManager.getInstance().getOptionalInstance(TwoFactorManager.class);
    }

    @Override // com.inet.http.PluginServlet
    @SuppressFBWarnings(value = {"UNVALIDATED_REDIRECT"}, justification = "Validation occur in ServletUtils.createRedirectURL")
    public void service(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        String requestPage = ServletUtils.getRequestPage(httpServletRequest);
        if (requestPage == null) {
            ServletErrorHandler.sendErrorPage(httpServletRequest, httpServletResponse, new ServletException("Do not call this URL directly."));
            return;
        }
        Object attribute = httpServletRequest.getSession(true).getAttribute(LoginManager.WEB_USER_INFO);
        if (!(attribute instanceof RemoteLoginProcessor) || !((RemoteLoginProcessor) attribute).supportsFormLogin()) {
            ServletErrorHandler.sendErrorPage(httpServletRequest, httpServletResponse, new ServletException("Session lost. You need to enable cookies."));
            return;
        }
        RemoteLoginProcessor remoteLoginProcessor = (RemoteLoginProcessor) attribute;
        if (remoteLoginProcessor.transferFormLoginData(httpServletRequest, httpServletResponse)) {
            getUserAccountIDInternal(remoteLoginProcessor, httpServletRequest, httpServletResponse);
            int indexOf = requestPage.indexOf(63);
            if (indexOf > 0) {
                final String substring = requestPage.substring(indexOf + 1);
                requestPage = requestPage.substring(0, indexOf);
                httpServletRequest = new HttpServletRequestWrapper(httpServletRequest) { // from class: com.inet.authentication.FormLoginServlet.1
                    public String getQueryString() {
                        return substring;
                    }
                };
            }
            httpServletResponse.sendRedirect(ServletUtils.createRedirectURL(httpServletRequest, requestPage));
        }
    }

    public static GUID getUserAccountIDInternal(@Nonnull LoginProcessor loginProcessor, @Nullable HttpServletRequest httpServletRequest, @Nullable HttpServletResponse httpServletResponse) {
        return loginProcessor.a(userAccount -> {
            if (httpServletRequest == null || httpServletResponse == null || loginProcessor.getClass() == BaseUserManager.NonSessionLoginProcessor.class) {
                return true;
            }
            if (a != null && !a.check(userAccount, httpServletRequest, httpServletResponse)) {
                return false;
            }
            AuthenticationDescription authenticationDescription = loginProcessor.getAuthenticationDescription();
            String name = authenticationDescription != null ? authenticationDescription.getName() : loginProcessor.getLoginSource();
            if (name == null) {
                return true;
            }
            StayLoggedInHandler.handleCookie(name, httpServletRequest, httpServletResponse, true);
            return true;
        });
    }
}
