package org.springframework.security.web.authentication.ui;

import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.util.Collections;
import java.util.Map;
import java.util.function.Function;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.eclipse.jetty.http.MimeTypes;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.WebAttributes;
import org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
import org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices;
import org.springframework.security.web.server.authentication.logout.RedirectServerLogoutSuccessHandler;
import org.springframework.util.Assert;
import org.springframework.web.filter.GenericFilterBean;
import org.springframework.web.util.HtmlUtils;

/* loaded from: input_file:org/springframework/security/web/authentication/ui/DefaultLoginPageGeneratingFilter.class */
public class DefaultLoginPageGeneratingFilter extends GenericFilterBean {
    public static final String DEFAULT_LOGIN_PAGE_URL = "/login";
    public static final String ERROR_PARAMETER_NAME = "error";
    private String loginPageUrl;
    private String logoutSuccessUrl;
    private String failureUrl;
    private boolean formLoginEnabled;
    private boolean openIdEnabled;
    private boolean oauth2LoginEnabled;
    private boolean saml2LoginEnabled;
    private String authenticationUrl;
    private String usernameParameter;
    private String passwordParameter;
    private String rememberMeParameter;
    private String openIDauthenticationUrl;
    private String openIDusernameParameter;
    private String openIDrememberMeParameter;
    private Map<String, String> oauth2AuthenticationUrlToClientName;
    private Map<String, String> saml2AuthenticationUrlToProviderName;
    private Function<HttpServletRequest, Map<String, String>> resolveHiddenInputs = httpServletRequest -> {
        return Collections.emptyMap();
    };

    public DefaultLoginPageGeneratingFilter() {
    }

    public DefaultLoginPageGeneratingFilter(AbstractAuthenticationProcessingFilter abstractAuthenticationProcessingFilter) {
        if (abstractAuthenticationProcessingFilter instanceof UsernamePasswordAuthenticationFilter) {
            init((UsernamePasswordAuthenticationFilter) abstractAuthenticationProcessingFilter, null);
        } else {
            init(null, abstractAuthenticationProcessingFilter);
        }
    }

    public DefaultLoginPageGeneratingFilter(UsernamePasswordAuthenticationFilter usernamePasswordAuthenticationFilter, AbstractAuthenticationProcessingFilter abstractAuthenticationProcessingFilter) {
        init(usernamePasswordAuthenticationFilter, abstractAuthenticationProcessingFilter);
    }

    private void init(UsernamePasswordAuthenticationFilter usernamePasswordAuthenticationFilter, AbstractAuthenticationProcessingFilter abstractAuthenticationProcessingFilter) {
        this.loginPageUrl = DEFAULT_LOGIN_PAGE_URL;
        this.logoutSuccessUrl = RedirectServerLogoutSuccessHandler.DEFAULT_LOGOUT_SUCCESS_URL;
        this.failureUrl = "/login?error";
        if (usernamePasswordAuthenticationFilter != null) {
            this.formLoginEnabled = true;
            this.usernameParameter = usernamePasswordAuthenticationFilter.getUsernameParameter();
            this.passwordParameter = usernamePasswordAuthenticationFilter.getPasswordParameter();
            if (usernamePasswordAuthenticationFilter.getRememberMeServices() instanceof AbstractRememberMeServices) {
                this.rememberMeParameter = ((AbstractRememberMeServices) usernamePasswordAuthenticationFilter.getRememberMeServices()).getParameter();
            }
        }
        if (abstractAuthenticationProcessingFilter != null) {
            this.openIdEnabled = true;
            this.openIDusernameParameter = "openid_identifier";
            if (abstractAuthenticationProcessingFilter.getRememberMeServices() instanceof AbstractRememberMeServices) {
                this.openIDrememberMeParameter = ((AbstractRememberMeServices) abstractAuthenticationProcessingFilter.getRememberMeServices()).getParameter();
            }
        }
    }

    public void setResolveHiddenInputs(Function<HttpServletRequest, Map<String, String>> function) {
        Assert.notNull(function, "resolveHiddenInputs cannot be null");
        this.resolveHiddenInputs = function;
    }

    public boolean isEnabled() {
        return this.formLoginEnabled || this.openIdEnabled || this.oauth2LoginEnabled || this.saml2LoginEnabled;
    }

    public void setLogoutSuccessUrl(String str) {
        this.logoutSuccessUrl = str;
    }

    public String getLoginPageUrl() {
        return this.loginPageUrl;
    }

    public void setLoginPageUrl(String str) {
        this.loginPageUrl = str;
    }

    public void setFailureUrl(String str) {
        this.failureUrl = str;
    }

    public void setFormLoginEnabled(boolean z) {
        this.formLoginEnabled = z;
    }

    public void setOpenIdEnabled(boolean z) {
        this.openIdEnabled = z;
    }

    public void setOauth2LoginEnabled(boolean z) {
        this.oauth2LoginEnabled = z;
    }

    public void setSaml2LoginEnabled(boolean z) {
        this.saml2LoginEnabled = z;
    }

    public void setAuthenticationUrl(String str) {
        this.authenticationUrl = str;
    }

    public void setUsernameParameter(String str) {
        this.usernameParameter = str;
    }

    public void setPasswordParameter(String str) {
        this.passwordParameter = str;
    }

    public void setRememberMeParameter(String str) {
        this.rememberMeParameter = str;
        this.openIDrememberMeParameter = str;
    }

    public void setOpenIDauthenticationUrl(String str) {
        this.openIDauthenticationUrl = str;
    }

    public void setOpenIDusernameParameter(String str) {
        this.openIDusernameParameter = str;
    }

    public void setOauth2AuthenticationUrlToClientName(Map<String, String> map) {
        this.oauth2AuthenticationUrlToClientName = map;
    }

    public void setSaml2AuthenticationUrlToProviderName(Map<String, String> map) {
        this.saml2AuthenticationUrlToProviderName = map;
    }

    @Override // javax.servlet.Filter
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        boolean isErrorPage = isErrorPage(httpServletRequest);
        boolean isLogoutSuccess = isLogoutSuccess(httpServletRequest);
        if (!isLoginUrlRequest(httpServletRequest) && !isErrorPage && !isLogoutSuccess) {
            filterChain.doFilter(httpServletRequest, httpServletResponse);
            return;
        }
        String generateLoginPageHtml = generateLoginPageHtml(httpServletRequest, isErrorPage, isLogoutSuccess);
        httpServletResponse.setContentType(MimeTypes.TEXT_HTML_UTF_8);
        httpServletResponse.setContentLength(generateLoginPageHtml.getBytes(StandardCharsets.UTF_8).length);
        httpServletResponse.getWriter().write(generateLoginPageHtml);
    }

    private String generateLoginPageHtml(HttpServletRequest httpServletRequest, boolean z, boolean z2) {
        HttpSession session;
        String str = "Invalid credentials";
        if (z && (session = httpServletRequest.getSession(false)) != null) {
            AuthenticationException authenticationException = (AuthenticationException) session.getAttribute(WebAttributes.AUTHENTICATION_EXCEPTION);
            str = authenticationException != null ? authenticationException.getMessage() : "Invalid credentials";
        }
        StringBuilder sb = new StringBuilder();
        sb.append("<!DOCTYPE html>\n<html lang=\"en\">\n  <head>\n    <meta charset=\"utf-8\">\n    <meta name=\"viewport\" content=\"width=device-width, initial-scale=1, shrink-to-fit=no\">\n    <meta name=\"description\" content=\"\">\n    <meta name=\"author\" content=\"\">\n    <title>Please sign in</title>\n    <link href=\"https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0-beta/css/bootstrap.min.css\" rel=\"stylesheet\" integrity=\"sha384-/Y6pD6FV/Vv2HJnA6t+vslU6fwYXjCFtcEpHbNJ0lyAFsXTsjBbfaDjzALeQsN6M\" crossorigin=\"anonymous\">\n    <link href=\"https://getbootstrap.com/docs/4.0/examples/signin/signin.css\" rel=\"stylesheet\" crossorigin=\"anonymous\"/>\n  </head>\n  <body>\n     <div class=\"container\">\n");
        String contextPath = httpServletRequest.getContextPath();
        if (this.formLoginEnabled) {
            sb.append("      <form class=\"form-signin\" method=\"post\" action=\"" + contextPath + this.authenticationUrl + "\">\n        <h2 class=\"form-signin-heading\">Please sign in</h2>\n" + createError(z, str) + createLogoutSuccess(z2) + "        <p>\n          <label for=\"username\" class=\"sr-only\">Username</label>\n          <input type=\"text\" id=\"username\" name=\"" + this.usernameParameter + "\" class=\"form-control\" placeholder=\"Username\" required autofocus>\n        </p>\n        <p>\n          <label for=\"password\" class=\"sr-only\">Password</label>\n          <input type=\"password\" id=\"password\" name=\"" + this.passwordParameter + "\" class=\"form-control\" placeholder=\"Password\" required>\n        </p>\n" + createRememberMe(this.rememberMeParameter) + renderHiddenInputs(httpServletRequest) + "        <button class=\"btn btn-lg btn-primary btn-block\" type=\"submit\">Sign in</button>\n      </form>\n");
        }
        if (this.openIdEnabled) {
            sb.append("      <form name=\"oidf\" class=\"form-signin\" method=\"post\" action=\"" + contextPath + this.openIDauthenticationUrl + "\">\n        <h2 class=\"form-signin-heading\">Login with OpenID Identity</h2>\n" + createError(z, str) + createLogoutSuccess(z2) + "        <p>\n          <label for=\"username\" class=\"sr-only\">Identity</label>\n          <input type=\"text\" id=\"username\" name=\"" + this.openIDusernameParameter + "\" class=\"form-control\" placeholder=\"Username\" required autofocus>\n        </p>\n" + createRememberMe(this.openIDrememberMeParameter) + renderHiddenInputs(httpServletRequest) + "        <button class=\"btn btn-lg btn-primary btn-block\" type=\"submit\">Sign in</button>\n      </form>\n");
        }
        if (this.oauth2LoginEnabled) {
            sb.append("<h2 class=\"form-signin-heading\">Login with OAuth 2.0</h2>");
            sb.append(createError(z, str));
            sb.append(createLogoutSuccess(z2));
            sb.append("<table class=\"table table-striped\">\n");
            for (Map.Entry<String, String> entry : this.oauth2AuthenticationUrlToClientName.entrySet()) {
                sb.append(" <tr><td>");
                sb.append("<a href=\"").append(contextPath).append(entry.getKey()).append("\">");
                sb.append(HtmlUtils.htmlEscape(entry.getValue()));
                sb.append("</a>");
                sb.append("</td></tr>\n");
            }
            sb.append("</table>\n");
        }
        if (this.saml2LoginEnabled) {
            sb.append("<h2 class=\"form-signin-heading\">Login with SAML 2.0</h2>");
            sb.append(createError(z, str));
            sb.append(createLogoutSuccess(z2));
            sb.append("<table class=\"table table-striped\">\n");
            for (Map.Entry<String, String> entry2 : this.saml2AuthenticationUrlToProviderName.entrySet()) {
                sb.append(" <tr><td>");
                sb.append("<a href=\"").append(contextPath).append(entry2.getKey()).append("\">");
                sb.append(HtmlUtils.htmlEscape(entry2.getValue()));
                sb.append("</a>");
                sb.append("</td></tr>\n");
            }
            sb.append("</table>\n");
        }
        sb.append("</div>\n");
        sb.append("</body></html>");
        return sb.toString();
    }

    private String renderHiddenInputs(HttpServletRequest httpServletRequest) {
        StringBuilder sb = new StringBuilder();
        for (Map.Entry<String, String> entry : this.resolveHiddenInputs.apply(httpServletRequest).entrySet()) {
            sb.append("<input name=\"").append(entry.getKey()).append("\" type=\"hidden\" value=\"").append(entry.getValue()).append("\" />\n");
        }
        return sb.toString();
    }

    private String createRememberMe(String str) {
        return str == null ? "" : "<p><input type='checkbox' name='" + str + "'/> Remember me on this computer.</p>\n";
    }

    private boolean isLogoutSuccess(HttpServletRequest httpServletRequest) {
        return this.logoutSuccessUrl != null && matches(httpServletRequest, this.logoutSuccessUrl);
    }

    private boolean isLoginUrlRequest(HttpServletRequest httpServletRequest) {
        return matches(httpServletRequest, this.loginPageUrl);
    }

    private boolean isErrorPage(HttpServletRequest httpServletRequest) {
        return matches(httpServletRequest, this.failureUrl);
    }

    private static String createError(boolean z, String str) {
        return z ? "<div class=\"alert alert-danger\" role=\"alert\">" + HtmlUtils.htmlEscape(str) + "</div>" : "";
    }

    private static String createLogoutSuccess(boolean z) {
        return z ? "<div class=\"alert alert-success\" role=\"alert\">You have been signed out</div>" : "";
    }

    private boolean matches(HttpServletRequest httpServletRequest, String str) {
        if (!"GET".equals(httpServletRequest.getMethod()) || str == null) {
            return false;
        }
        String requestURI = httpServletRequest.getRequestURI();
        int indexOf = requestURI.indexOf(59);
        if (indexOf > 0) {
            requestURI = requestURI.substring(0, indexOf);
        }
        if (httpServletRequest.getQueryString() != null) {
            requestURI = requestURI + "?" + httpServletRequest.getQueryString();
        }
        return "".equals(httpServletRequest.getContextPath()) ? requestURI.equals(str) : requestURI.equals(httpServletRequest.getContextPath() + str);
    }
}
