package org.securityfilter.authenticator;

import java.security.Principal;
import javax.security.auth.login.FailedLoginException;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.securityfilter.filter.SecurityRequestWrapper;
import org.securityfilter.filter.URLPatternMatcher;
import org.securityfilter.realm.FlexibleRealmInterface;

/* loaded from: input_file:WEB-INF/lib/securityfilter-b3p-5.0.1.jar:org/securityfilter/authenticator/ExtendedFormAuthenticator.class */
public class ExtendedFormAuthenticator extends FormAuthenticator {
    @Override // org.securityfilter.authenticator.FormAuthenticator, org.securityfilter.authenticator.Authenticator
    public boolean processLogin(SecurityRequestWrapper securityRequestWrapper, HttpServletResponse httpServletResponse) throws Exception {
        if (securityRequestWrapper.getRemoteUser() == null && this.persistentLoginManager != null && this.persistentLoginManager.rememberingLogin(securityRequestWrapper)) {
            Principal authenticate = this.realm.authenticate(this.persistentLoginManager.getRememberedUsername(securityRequestWrapper, httpServletResponse), this.persistentLoginManager.getRememberedPassword(securityRequestWrapper, httpServletResponse));
            if (authenticate != null) {
                securityRequestWrapper.setUserPrincipal(authenticate);
            } else {
                this.persistentLoginManager.forgetLogin(securityRequestWrapper, httpServletResponse);
            }
        }
        if (!securityRequestWrapper.getMatchableURL().endsWith(this.loginSubmitPattern)) {
            return false;
        }
        HttpSession session = securityRequestWrapper.getSession();
        String parameter = securityRequestWrapper.getParameter("j_username");
        session.setAttribute("j_username", parameter);
        session.removeAttribute("j_exception");
        String parameter2 = securityRequestWrapper.getParameter("j_password");
        try {
            Principal authenticate2 = this.realm instanceof FlexibleRealmInterface ? ((FlexibleRealmInterface) this.realm).authenticate(securityRequestWrapper) : this.realm.authenticate(parameter, parameter2);
            if (authenticate2 == null) {
                throw new FailedLoginException();
            }
            String continueToURL = getContinueToURL(securityRequestWrapper);
            if (securityRequestWrapper.getUserPrincipal() != null && false == securityRequestWrapper.getUserPrincipal().equals(authenticate2)) {
                securityRequestWrapper.getSession().invalidate();
            }
            if (this.persistentLoginManager != null && parameter != null && parameter2 != null) {
                if (securityRequestWrapper.getParameter("j_rememberme") != null) {
                    this.persistentLoginManager.rememberLogin(securityRequestWrapper, httpServletResponse, parameter, parameter2);
                } else {
                    this.persistentLoginManager.forgetLogin(securityRequestWrapper, httpServletResponse);
                }
            }
            securityRequestWrapper.setUserPrincipal(authenticate2);
            httpServletResponse.sendRedirect(httpServletResponse.encodeRedirectURL(continueToURL));
            return true;
        } catch (Exception e) {
            session.setAttribute("j_exception", e);
            securityRequestWrapper.getRequestDispatcher(this.errorPage).forward(securityRequestWrapper, httpServletResponse);
            return true;
        }
    }

    @Override // org.securityfilter.authenticator.FormAuthenticator, org.securityfilter.authenticator.Authenticator
    public boolean processLogout(SecurityRequestWrapper securityRequestWrapper, HttpServletResponse httpServletResponse, URLPatternMatcher uRLPatternMatcher) throws Exception {
        HttpSession session = securityRequestWrapper.getSession();
        session.removeAttribute("j_username");
        session.removeAttribute("j_exception");
        return super.processLogout(securityRequestWrapper, httpServletResponse, uRLPatternMatcher);
    }

    @Override // org.securityfilter.authenticator.FormAuthenticator, org.securityfilter.authenticator.Authenticator
    public String getAuthMethod() {
        return "EXTENDED_FORM";
    }
}
