package org.jahia.bin;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang.StringUtils;
import org.jahia.params.valves.LoginEngineAuthValveImpl;
import org.jahia.services.categories.Category;
import org.jahia.services.content.JCRSessionFactory;
import org.jahia.settings.SettingsBean;
import org.springframework.web.servlet.ModelAndView;
import org.springframework.web.servlet.mvc.Controller;

/* loaded from: input_file:org/jahia/bin/Login.class */
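/**
 * Login controller mapped at {@code /login}.
 *
 * <p>Reads the authentication outcome that the login valve stored in the request attribute
 * {@link LoginEngineAuthValveImpl#VALVE_RESULT} and then either redirects the browser, writes a
 * short plain-text status ({@code OK} / {@code unauthorized}), or forwards to the 401 error page.
 *
 * <p>The {@code redirect} and {@code failureRedirect} request parameters are attacker-controllable,
 * so every redirect issued here must first pass {@link #isAuthorizedRedirect}.
 */
public class Login implements Controller {
    private static final String CONTROLLER_MAPPING = "/login";

    /**
     * Returns the controller mapping.
     *
     * @return the constant {@code "/login"}
     */
    public static String getMapping() {
        return CONTROLLER_MAPPING;
    }

    /**
     * Returns the servlet path of this controller.
     *
     * @return the constant {@code "/cms/login"}
     */
    public static String getServletPath() {
        return "/cms/login";
    }

    /**
     * Builds the post-login redirect target from the {@code redirect} parameter, falling back to
     * {@code <contextPath>/welcome} when the parameter is missing or empty.
     *
     * <p>This method performs no validation of the target. Callers must check the same parameter
     * with {@link #isAuthorizedRedirect} before sending the result to the client.
     *
     * @param request  current request
     * @param response current response, used to encode the URL
     * @return the encoded redirect URL
     */
    protected String getRedirectUrl(HttpServletRequest request, HttpServletResponse response) {
        String fallback = request.getContextPath() + "/welcome";
        String target = StringUtils.defaultIfEmpty(request.getParameter("redirect"), fallback);
        return response.encodeRedirectURL(target);
    }

    /**
     * Completes a login attempt according to the valve result found on the request.
     *
     * <ul>
     *   <li>Valve result OK: redirect to the validated {@code redirect} target when redirects are
     *       active, otherwise write {@code OK}.</li>
     *   <li>Failure with {@code restMode=true}: write {@code unauthorized}.</li>
     *   <li>Failure otherwise: redirect to the validated {@code failureRedirect} with a
     *       {@code loginError} parameter, or forward to {@code /errors/error_401.jsp} when that
     *       target is missing or not authorized.</li>
     * </ul>
     *
     * @param request  current request
     * @param response current response
     * @return always {@code null}; the response is written directly
     * @throws Exception propagated from the servlet API calls
     */
    @Override
    public ModelAndView handleRequest(HttpServletRequest request, HttpServletResponse response) throws Exception {
        boolean restMode = Boolean.parseBoolean(request.getParameter("restMode"));

        // Redirects are off in REST mode; otherwise they default to on and can be switched off
        // explicitly with redirectActive=false.
        boolean redirectActive = !restMode;
        if (redirectActive) {
            String redirectActiveParam = request.getParameter("redirectActive");
            if (redirectActiveParam != null) {
                redirectActive = Boolean.parseBoolean(redirectActiveParam);
            }
        }

        String valveResult = (String) request.getAttribute(LoginEngineAuthValveImpl.VALVE_RESULT);
        if (LoginEngineAuthValveImpl.OK.equals(valveResult)) {
            // The returned session is not used here.
            // NOTE(review): presumably called for its side effect on the current session - confirm.
            JCRSessionFactory.getInstance().getCurrentUserSession();
            if (redirectActive && isAuthorizedRedirect(request, request.getParameter("redirect"), true)) {
                response.sendRedirect(getRedirectUrl(request, response));
                return null;
            }
            response.getWriter().append("OK");
            return null;
        }

        if (restMode) {
            response.getWriter().append("unauthorized");
            return null;
        }

        String failureRedirect = request.getParameter("failureRedirect");
        if (!isAuthorizedRedirect(request, failureRedirect, false)) {
            String redirect = request.getParameter("redirect");
            if (redirect != null) {
                // NOTE(review): this value is request-controlled; the error JSP must escape it
                // before rendering - confirm against /errors/error_401.jsp.
                request.setAttribute("javax.servlet.error.request_uri", redirect);
            }
            request.getRequestDispatcher("/errors/error_401.jsp").forward(request, response);
            return null;
        }

        // Report a wrong password as an unknown user so the response does not reveal whether the
        // account exists.
        if (LoginEngineAuthValveImpl.BAD_PASSWORD.equals(valveResult)) {
            valveResult = LoginEngineAuthValveImpl.UNKNOWN_USER;
        }

        // failureRedirect is non-null here: isAuthorizedRedirect(..., false) rejects null.
        StringBuilder failureUrl = new StringBuilder(64);
        failureUrl.append(failureRedirect);
        if (failureRedirect.indexOf('?') == -1) {
            failureUrl.append("?loginError=").append(valveResult);
        } else if (failureRedirect.indexOf("?loginError=") == -1 && failureRedirect.indexOf("&loginError=") == -1) {
            // Only add the parameter when the caller has not already supplied one.
            failureUrl.append("&loginError=").append(valveResult);
        }
        response.sendRedirect(failureUrl.toString());
        return null;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /**
     * Decides whether a request-supplied redirect target may be sent to the browser.
     *
     * <p>Rules applied, in order:
     * <ol>
     *   <li>{@code null} yields {@code authorizeIfEmpty}.</li>
     *   <li>Targets containing a backslash or a control character are rejected, because browsers
     *       normalise those and the URL they follow may differ from the one validated here.</li>
     *   <li>Targets without {@code "://"} are treated as relative. Scheme-relative targets
     *       ({@code //host/...}) are rejected since they leave the site; a colon is accepted only
     *       after the first path delimiter, which rejects scheme-like values.</li>
     *   <li>Absolute targets must use {@code http://} or {@code https://}, must not carry a
     *       userinfo part, and must match the current server or an entry from
     *       {@link SettingsBean#getAuthorizedRedirectHosts()}. A match has to end on a
     *       host/port/path boundary, so an allowed host cannot be used as a mere prefix of a
     *       longer, different host name.</li>
     * </ol>
     *
     * @param request          current request, used to derive the current server's host and port
     * @param redirectUrl      candidate target, may be {@code null}
     * @param authorizeIfEmpty result to return when {@code redirectUrl} is {@code null}
     * @return {@code true} when the target is acceptable
     */
    public static boolean isAuthorizedRedirect(HttpServletRequest request, String redirectUrl, boolean authorizeIfEmpty) {
        if (redirectUrl == null) {
            return authorizeIfEmpty;
        }
        if (containsUnsafeCharacter(redirectUrl)) {
            return false;
        }
        // Surrounding spaces are ignored by HTTP header parsing, so validate the effective value.
        String target = redirectUrl.trim();

        if (!target.contains("://")) {
            if (target.startsWith("//")) {
                return false;
            }
            int colonIndex = target.indexOf(":");
            int delimiterIndex = target.indexOf(Category.PATH_DELIMITER);
            if (colonIndex >= 0) {
                return delimiterIndex >= 0 && colonIndex >= delimiterIndex;
            }
            return true;
        }

        if (!target.startsWith("http://") && !target.startsWith("https://")) {
            return false;
        }

        String afterScheme = StringUtils.substringAfter(target, "://");
        String authority = authorityOf(afterScheme);
        if (authority.length() == 0 || authority.indexOf('@') >= 0) {
            return false;
        }

        // Host (and port) of the current request: the request URL with the URI part removed.
        String currentServer = StringUtils.substringAfter(
                StringUtils.removeEnd(request.getRequestURL().toString(), request.getRequestURI()), "://");
        if (startsWithAtBoundary(afterScheme, currentServer)) {
            return true;
        }
        for (String authorizedHost : SettingsBean.getInstance().getAuthorizedRedirectHosts()) {
            if (startsWithAtBoundary(afterScheme, authorizedHost)) {
                return true;
            }
        }
        return false;
    }

    /** Returns true when the value holds a backslash or an ISO control character. */
    private static boolean containsUnsafeCharacter(String value) {
        for (int i = 0; i < value.length(); i++) {
            char c = value.charAt(i);
            if (c == '\\' || Character.isISOControl(c)) {
                return true;
            }
        }
        return false;
    }

    /** Returns the part of a scheme-less URL that precedes the first '/', '?' or '#'. */
    private static String authorityOf(String afterScheme) {
        for (int i = 0; i < afterScheme.length(); i++) {
            if (isAuthorityTerminator(afterScheme.charAt(i))) {
                return afterScheme.substring(0, i);
            }
        }
        return afterScheme;
    }

    /** Returns true for the characters that end the authority part of a URL. */
    private static boolean isAuthorityTerminator(char c) {
        return c == '/' || c == '?' || c == '#';
    }

    /**
     * Prefix match that only succeeds when the prefix ends where a host, port or path segment
     * ends. An empty or null prefix never matches.
     */
    private static boolean startsWithAtBoundary(String target, String prefix) {
        if (prefix == null || prefix.length() == 0 || !target.startsWith(prefix)) {
            return false;
        }
        if (target.length() == prefix.length()) {
            return true;
        }
        if (isAuthorityTerminator(prefix.charAt(prefix.length() - 1))) {
            return true;
        }
        char next = target.charAt(prefix.length());
        return next == ':' || isAuthorityTerminator(next);
    }
}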
