package nl.knowledgeplaza.securityfilter;

import java.io.IOException;
import java.security.Principal;
import java.util.HashMap;
import java.util.Map;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import nl.knowledgeplaza.servlets.ServletUtil;
import nl.knowledgeplaza.util.ConfigurationProperties;
import nl.knowledgeplaza.util.ExceptionUtil;
import nl.knowledgeplaza.util.StringUtil;
import org.apache.log4j.Logger;
import org.apache.log4j.spi.LocationInfo;

/* loaded from: input_file:WEB-INF/lib/KpSecurityFilter-1.30.jar:nl/knowledgeplaza/securityfilter/SecurityInterfaceForm.class */
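/**
 * Form-based login handler for the security filter.
 *
 * <p>{@link #authenticate} distinguishes three kinds of request, based on the
 * {@link SavedRequest} kept in the HTTP session:
 * <ol>
 *   <li>a POST to the URL of the saved request: treated as the submitted login form;</li>
 *   <li>a GET whose URL ends with the configured login page: let through unauthenticated
 *       so the login page can render;</li>
 *   <li>anything else: the request is saved in the session and the client is forwarded
 *       to the login (or relogin) page.</li>
 * </ol>
 *
 * <p>Configuration keys read in the constructor (looked up for this object first, then
 * for the filter where noted): {@code LoginPage} (filter fallback, default
 * {@code /login.jsp}), {@code ReloginPage} (filter fallback, default = login page),
 * {@code OnAuthenticationFailed} (filter fallback), {@code OnReloginFailed} (filter
 * fallback, default = {@code OnAuthenticationFailed}), {@code OnSubmitError} (filter
 * fallback), {@code Redirect}, and {@code hostmap} / {@code hostmapN.from} /
 * {@code hostmapN.to}.
 *
 * <p>The submitted {@code credentials} parameter is never written to a log by this class.
 */
public class SecurityInterfaceForm extends SecurityInterface {
    public static final String SOURCECODE_VERSION = "$Revision: 1.10 $";
    static Logger log4j = Logger.getLogger(SecurityInterfaceForm.class.getName());
    private String iLoginPage;
    private String iReloginPage;
    private String iOnAuthenticationFailed;
    private String iOnReloginFailed;
    private String iOnSubmitError;
    private boolean iRedirect;
    // Host rewrite table handed to SavedRequest.repostRequest after a successful login.
    private Map iHostMap = new HashMap();

    /**
     * Reads the form-login settings from the configuration.
     *
     * @param configurationProperties source of the settings
     * @param securityFilter the owning filter; used as the fallback scope for most keys
     * @throws ServletException declared for callers; not thrown by the visible code
     */
    public SecurityInterfaceForm(ConfigurationProperties configurationProperties, SecurityFilter securityFilter) throws ServletException {
        this.iLoginPage = configurationProperties.get2(this, "LoginPage");
        if (this.iLoginPage == null) {
            this.iLoginPage = configurationProperties.get2(securityFilter, "LoginPage");
        }
        if (this.iLoginPage == null) {
            this.iLoginPage = "/login.jsp";
        }
        if (log4j.isDebugEnabled()) {
            log4j.debug("LoginPage=" + this.iLoginPage);
        }

        this.iReloginPage = configurationProperties.get2(this, "ReloginPage");
        if (this.iReloginPage == null) {
            this.iReloginPage = configurationProperties.get2(securityFilter, "ReloginPage");
        }
        if (this.iReloginPage == null) {
            this.iReloginPage = this.iLoginPage;
        }
        if (log4j.isDebugEnabled()) {
            log4j.debug("ReloginPage=" + this.iReloginPage);
        }

        // May stay null: the failure paths then redirect the client back to the request itself.
        this.iOnAuthenticationFailed = configurationProperties.get2(this, "OnAuthenticationFailed");
        if (this.iOnAuthenticationFailed == null) {
            this.iOnAuthenticationFailed = configurationProperties.get2(securityFilter, "OnAuthenticationFailed");
        }
        if (log4j.isDebugEnabled()) {
            log4j.debug("OnAuthenticationFailed=" + this.iOnAuthenticationFailed);
        }

        this.iOnReloginFailed = configurationProperties.get2(this, "OnReloginFailed");
        if (this.iOnReloginFailed == null) {
            this.iOnReloginFailed = configurationProperties.get2(securityFilter, "OnReloginFailed");
        }
        if (this.iOnReloginFailed == null) {
            this.iOnReloginFailed = this.iOnAuthenticationFailed;
        }
        if (log4j.isDebugEnabled()) {
            log4j.debug("OnReloginFailed=" + this.iOnReloginFailed);
        }

        // No default is applied here, so this may stay null as well.
        this.iOnSubmitError = configurationProperties.get2(this, "OnSubmitError");
        if (this.iOnSubmitError == null) {
            this.iOnSubmitError = configurationProperties.get2(securityFilter, "OnSubmitError");
        }
        if (log4j.isDebugEnabled()) {
            log4j.debug("OnSubmitError=" + this.iOnSubmitError);
        }

        this.iRedirect = StringUtil.equalsTrueInSomeForm(configurationProperties.get2(this, "Redirect"));
        if (log4j.isDebugEnabled()) {
            log4j.debug("Redirect=" + this.iRedirect);
        }

        // "hostmap" holds the number of hostmapN.from / hostmapN.to pairs; an unparsable
        // value is logged and treated as zero pairs.
        int hostMapCount = 0;
        try {
            String configuredCount = configurationProperties.get2(this, "hostmap");
            if (configuredCount != null && configuredCount.length() > 0) {
                hostMapCount = Integer.parseInt(configuredCount);
            }
        } catch (NumberFormatException e) {
            log4j.error(ExceptionUtil.getStacktrace(e));
        }
        for (int n = 1; n <= hostMapCount; n++) {
            // A pair missing from the configuration is stored as a null key and/or value.
            this.iHostMap.put(
                    configurationProperties.get2(this, "hostmap" + n + ".from"),
                    configurationProperties.get2(this, "hostmap" + n + ".to"));
        }
        if (log4j.isDebugEnabled()) {
            log4j.debug("HostMap=" + this.iHostMap);
        }
    }

    /**
     * Classifies the request as a login-form submit, a request for the login page, or a
     * request that still needs authentication, and acts on it.
     *
     * @param securityFilter the owning filter, used to verify submitted credentials
     * @param httpServletRequest the current request
     * @param httpServletResponse the current response
     * @param principal not used by this implementation
     * @return the result of the login processing for a form submit,
     *         {@code SecurityFilter.ALLOW_REQUEST_WITHOUT_AUTHENTICATION} for the login page,
     *         or {@code SecurityFilter.AUTHENTICATION_IN_PROGRESS} after forwarding to it
     * @throws ServletException wrapping any {@link IOException} raised while forwarding
     */
    @Override // nl.knowledgeplaza.securityfilter.SecurityInterface
    public Principal authenticate(SecurityFilter securityFilter, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Principal principal) throws ServletException {
        try {
            HttpSession session = httpServletRequest.getSession();
            SavedRequest pending = (SavedRequest) session.getAttribute(SecurityFilter.SESSIONATTRIBUTE_SAVEDREQUEST);
            String method = httpServletRequest.getMethod();
            String requestUrl = httpServletRequest.getRequestURL().toString();

            // Case 1: the login form posts back to the URL of the saved request.
            if (log4j.isDebugEnabled()) {
                log4j.debug("Is this request a FORM login?");
                log4j.debug("Saved request present: " + (pending == null ? "no" : "yes"));
                log4j.debug("Method=" + method);
                log4j.debug("URL: " + requestUrl + " == " + (pending == null ? "<no session>" : pending.getURL().toString()));
            }
            // NOTE(review): the comparison relies on SavedRequest.getURL() returning a String;
            // with any other return type equals() is always false. Confirm against SavedRequest.
            if (pending != null && "post".equalsIgnoreCase(method) && requestUrl.equals(pending.getURL())) {
                if (log4j.isDebugEnabled()) {
                    log4j.debug("FORM LOGIN!");
                }
                try {
                    return doProcessLogin(securityFilter, httpServletRequest, httpServletResponse);
                } catch (IOException e) {
                    throw new ServletException(e);
                }
            }

            // Case 2: the browser is fetching the login page itself.
            if (log4j.isDebugEnabled()) {
                log4j.debug("Is this request a forward to FORM login?");
                log4j.debug("Saved request present: " + (pending == null ? "no" : "yes"));
                log4j.debug("Method=" + method);
                log4j.debug("URL: " + requestUrl + " must end with " + this.iLoginPage);
            }
            // NOTE(review): this is a suffix match on the full request URL, so it is broader
            // than "the request is for the login page", and a match is let through without
            // authentication. An exact comparison of the container-resolved path against the
            // configured page would be tighter; confirm which URL forms must keep working
            // before changing it.
            if (pending != null && "get".equalsIgnoreCase(method) && requestUrl.endsWith(this.iLoginPage)) {
                if (log4j.isDebugEnabled()) {
                    log4j.debug("FORWARD TO LOGIN FORM!");
                    log4j.debug("we are logging in using a login.jsp, continue to that page...");
                }
                return SecurityFilter.ALLOW_REQUEST_WITHOUT_AUTHENTICATION;
            }

            // Case 3: remember the request and send the client to the login form.
            if (log4j.isDebugEnabled()) {
                log4j.debug("FORM AUTHENTICATION!");
                log4j.debug("persisting request in session under " + SecurityFilter.SESSIONATTRIBUTE_SAVEDREQUEST);
            }
            SavedRequest savedRequest = new SavedRequest(httpServletRequest);
            // NOTE(review): presumably read by a downstream servlet to skip an IP check when
            // the saved request is replayed — confirm that the consumer does not honour the
            // same parameter when it arrives directly from a client.
            savedRequest.addAdditionalParameter("ddservletSkipIpCheck", "yes");
            session.setAttribute(SecurityFilter.SESSIONATTRIBUTE_SAVEDREQUEST, savedRequest);
            try {
                String target;
                if (httpServletRequest.getUserPrincipal() == null) {
                    if (log4j.isDebugEnabled()) {
                        log4j.debug("This is a regular login");
                    }
                    target = this.iLoginPage;
                } else {
                    if (log4j.isDebugEnabled()) {
                        log4j.debug("This is a relogin");
                    }
                    target = this.iReloginPage;
                }
                if (log4j.isDebugEnabled()) {
                    log4j.debug("forwarding to " + target);
                }
                ServletUtil.setNoCache(httpServletResponse);
                httpServletRequest.getRequestDispatcher(target).forward(httpServletRequest, httpServletResponse);
                return SecurityFilter.AUTHENTICATION_IN_PROGRESS;
            } catch (IOException e2) {
                throw new ServletException(e2);
            }
        } catch (RuntimeException e3) {
            // Log with context, then let the container see the original exception.
            log4j.error(ExceptionUtil.describe(e3));
            throw e3;
        }
    }

    /**
     * Handles a submitted login form: validates that both fields are present, enforces that
     * a relogin is for the user already in the request, verifies the credentials through the
     * filter and, on success, stores the principal and replays the saved request.
     *
     * @return always {@code SecurityFilter.AUTHENTICATION_IN_PROGRESS}; the response has
     *         been forwarded, redirected or reposted by the time this returns
     * @throws IOException if replaying the saved request fails
     * @throws ServletException if no saved request is in the session, or wrapping an
     *         {@link IOException} raised while forwarding or redirecting
     */
    private Principal doProcessLogin(SecurityFilter securityFilter, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException, ServletException {
        HttpSession session = httpServletRequest.getSession();
        if (session == null) {
            throw new ServletException("SecurityFilterLoginServlet didn't find a session");
        }
        SavedRequest savedRequest = (SavedRequest) session.getAttribute(SecurityFilter.SESSIONATTRIBUTE_SAVEDREQUEST);
        if (savedRequest == null) {
            throw new ServletException("SecurityFilterLoginServlet didn't find a saved request");
        }

        String username = httpServletRequest.getParameter("username");
        String credentials = httpServletRequest.getParameter("credentials");
        String context = httpServletRequest.getParameter("context");
        if (log4j.isDebugEnabled()) {
            // Client-supplied values: line breaks are neutralised so they cannot start a
            // forged log record. The credentials are deliberately not logged.
            log4j.debug("username = " + forLog(username) + (context == null ? "" : ", context = " + forLog(context)));
        }

        if (username == null || credentials == null) {
            log4j.warn("Improper data submitted");
            // OnSubmitError has no default; fall back to the request itself instead of
            // dereferencing a null dispatcher.
            return forwardOrRedirectToSelf(httpServletRequest, httpServletResponse, this.iOnSubmitError, "on submit error");
        }

        Principal current = httpServletRequest.getUserPrincipal();
        if (current != null) {
            if (log4j.isDebugEnabled()) {
                log4j.debug("This is a relogin for " + current.getName());
            }
            if (!current.getName().equals(username)) {
                // NOTE(review): the access log receives the user name exactly as submitted;
                // whether writeToAccesLog neutralises control characters is not visible here.
                securityFilter.writeToAccesLog(httpServletRequest, username, "login failed - relogin not for same user");
                if (log4j.isDebugEnabled()) {
                    log4j.debug("Relogin is not for the same user");
                }
                return forwardOrRedirectToSelf(httpServletRequest, httpServletResponse, this.iOnReloginFailed, "on relogin failed");
            }
        }

        session.removeAttribute(SecurityFilter.SESSIONATTRIBUTE_REASON);
        Principal authenticated = securityFilter.authenticate(httpServletRequest, username, credentials, context);
        if (log4j.isDebugEnabled()) {
            log4j.debug("Authenticated as " + authenticated);
        }

        if (authenticated == null) {
            securityFilter.writeToAccesLog(httpServletRequest, username, "login failed");
            if (log4j.isDebugEnabled()) {
                log4j.debug("Authentication failed");
            }
            return forwardOrRedirectToSelf(httpServletRequest, httpServletResponse, this.iOnAuthenticationFailed, "on authentication failed");
        }

        if (log4j.isDebugEnabled()) {
            log4j.debug("Removing saved request from session");
        }
        session.removeAttribute(SecurityFilter.SESSIONATTRIBUTE_SAVEDREQUEST);
        // NOTE(review): the session id is not renewed in this class after a successful login;
        // unless storePrincipal or the container does so, the pre-login session id stays
        // valid for the authenticated session — confirm, and rotate the id here if not.
        SecurityFilter.storePrincipal(session, authenticated);
        securityFilter.writeToAccesLog(httpServletRequest, authenticated.getName(), "login succeeded");
        SecurityFilter.updateTimestamp(session);
        if (this.iRedirect) {
            if (log4j.isDebugEnabled()) {
                log4j.debug("Redirecting to the orginal (prelogin) request...");
            }
            savedRequest.redirect(httpServletRequest, httpServletResponse);
        } else {
            if (log4j.isDebugEnabled()) {
                log4j.debug("Sending the orginal (prelogin) request...");
            }
            savedRequest.repostRequest(httpServletResponse, this.iHostMap);
        }
        return SecurityFilter.AUTHENTICATION_IN_PROGRESS;
    }

    /**
     * Forwards to the configured failure page, or redirects the client back to the current
     * request when no page is configured. Shared by every failed-login path.
     */
    private Principal forwardOrRedirectToSelf(HttpServletRequest request, HttpServletResponse response, String target, String settingLabel) throws ServletException {
        try {
            if (target != null) {
                if (log4j.isDebugEnabled()) {
                    log4j.debug("forwarding to " + target);
                }
                request.getRequestDispatcher(target).forward(request, response);
                return SecurityFilter.AUTHENTICATION_IN_PROGRESS;
            }
            if (log4j.isDebugEnabled()) {
                log4j.debug("'" + settingLabel + "' not set in the configuration, going to self");
            }
            String self = selfUrl(request);
            if (log4j.isDebugEnabled()) {
                log4j.debug("redirecting to " + self);
            }
            response.sendRedirect(self);
            return SecurityFilter.AUTHENTICATION_IN_PROGRESS;
        } catch (IOException e) {
            throw new ServletException(e);
        }
    }

    /**
     * Builds the context-relative URL of the current request. The query string is appended
     * only when the request has one, so a request without it no longer yields "?null".
     */
    private static String selfUrl(HttpServletRequest request) {
        String url = "" + request.getContextPath() + request.getServletPath();
        String query = request.getQueryString();
        return query == null ? url : url + "?" + query;
    }

    /** Replaces CR and LF so a client-supplied value stays on one log line. */
    private static String forLog(String value) {
        return value == null ? null : value.replace('\r', '_').replace('\n', '_');
    }
}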
