package com.tridium.web;

import com.tridium.httpd.CookieUtil;
import javax.baja.naming.BModuleScheme;
import javax.baja.naming.BOrd;
import javax.baja.naming.OrdQuery;
import javax.baja.user.BUserService;
import javax.baja.util.BTypeSpec;
import javax.baja.util.Lexicon;
import javax.baja.web.BLoginTemplate;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/* loaded from: input_file:com/tridium/web/LoginServlet.class */
public class LoginServlet {
    static BLoginTemplate defaultTemplate = new BDefaultLoginTemplate();
    static Lexicon lex = Lexicon.make("web");
    public static final int CookieAge = 1296000;
    public static final String QUERY_LOGIN_FAILED = "loginFailed";
    private static final String KERB_REQUIRED_JAVA_VERSION = "1.6";
    SysServlet sys;

    public void service(String str, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Exception {
        if (httpServletRequest.getMethod().equals("GET")) {
            doGet(str, httpServletRequest, httpServletResponse);
        } else {
            if (!httpServletRequest.getMethod().equals("POST")) {
                throw new WebProcessException(HttpServletResponse.SC_BAD_REQUEST);
            }
            doPost(str, httpServletRequest, httpServletResponse);
        }
    }

    public void doGet(String str, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Exception {
        int indexOf;
        BLoginTemplate bLoginTemplate;
        BUserService service = BUserService.getService();
        if (service == null) {
            httpServletResponse.sendError(HttpServletResponse.SC_SERVICE_UNAVAILABLE);
            return;
        }
        BHttpAuthAgent bHttpAuthAgent = (BHttpAuthAgent) service.getAuthAgent(BHttpAuthAgent.TYPE);
        if (bHttpAuthAgent == null) {
            bHttpAuthAgent = BHttpUsernamePasswordAuthAgent.INSTANCE;
        }
        if (str.toLowerCase().equalsIgnoreCase("/logout") || str.toLowerCase().equalsIgnoreCase("/logout/")) {
            String queryString = httpServletRequest.getQueryString();
            if (queryString != null && queryString.startsWith(QUERY_LOGIN_FAILED) && (indexOf = queryString.indexOf("=")) > 0) {
                Cookie cookie = new Cookie(CookieUtil.getCookieName(httpServletRequest, "niagara_login_state"), String.valueOf(Integer.parseInt(queryString.substring(indexOf + 1))));
                cookie.setPath("/");
                httpServletResponse.addCookie(cookie);
            }
            httpServletResponse.setHeader(HttpHeaderUtil.H_CACHE_CONTROL, "no-cache, no-store");
            bHttpAuthAgent.doLogoutGet(httpServletRequest, httpServletResponse);
            return;
        }
        if (str.toLowerCase().startsWith("/login-kerb")) {
            if (System.getProperty("java.version", "1.5").compareTo(KERB_REQUIRED_JAVA_VERSION) <= 0) {
                Cookie cookie2 = new Cookie(CookieUtil.getCookieName(httpServletRequest, "niagara_login_state"), String.valueOf(4));
                cookie2.setPath("/");
                httpServletResponse.addCookie(cookie2);
                httpServletResponse.sendRedirect(new StringBuffer().append(WebUtil.getAbsolutePathBase(httpServletRequest)).append("login").toString());
                return;
            }
            if (httpServletRequest.getHeader("authorization") == null) {
                httpServletResponse.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
                httpServletResponse.addHeader("www-authenticate", "Negotiate");
            }
        } else if (str.length() > "/login".length()) {
            BTypeSpec bTypeSpec = this.sys.service.get("loginTemplate");
            if (bTypeSpec == null || bTypeSpec.isNull()) {
                bLoginTemplate = defaultTemplate;
            } else {
                try {
                    bLoginTemplate = (BLoginTemplate) bTypeSpec.getInstance();
                } catch (Exception e) {
                    e.printStackTrace();
                    bLoginTemplate = defaultTemplate;
                }
            }
            String substring = str.substring("/login/".length());
            if (substring.length() > 0) {
                BOrd bOrd = null;
                if (str.equalsIgnoreCase("/login/logo")) {
                    bOrd = BOrd.make(WebUtil.getLogo(this.sys.service));
                } else {
                    OrdQuery[] parse = bLoginTemplate.resourceToOrd(substring).normalize().parse();
                    int i = 0;
                    while (true) {
                        if (i >= parse.length) {
                            break;
                        }
                        if (parse[i].getScheme().equals(BModuleScheme.INSTANCE.getId())) {
                            bOrd = BOrd.make(parse[i]);
                            break;
                        }
                        i++;
                    }
                    if (bOrd == null) {
                        httpServletResponse.sendError(HttpServletResponse.SC_NOT_FOUND);
                        return;
                    }
                }
                try {
                    this.sys.sendFile(httpServletRequest, httpServletResponse, bOrd.get());
                    return;
                } catch (Exception e2) {
                    httpServletResponse.sendError(HttpServletResponse.SC_NOT_FOUND);
                    return;
                }
            }
        }
        httpServletResponse.setHeader(HttpHeaderUtil.H_CACHE_CONTROL, "no-cache, no-store");
        bHttpAuthAgent.doLoginGet(httpServletRequest, httpServletResponse);
    }

    public void doPost(String str, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Exception {
        BUserService service = BUserService.getService();
        if (service == null) {
            httpServletResponse.sendError(HttpServletResponse.SC_SERVICE_UNAVAILABLE);
            return;
        }
        BHttpAuthAgent bHttpAuthAgent = (BHttpAuthAgent) service.getAuthAgent(BHttpAuthAgent.TYPE);
        if (bHttpAuthAgent == null) {
            bHttpAuthAgent = BHttpUsernamePasswordAuthAgent.INSTANCE;
        }
        bHttpAuthAgent.doLoginPost(httpServletRequest, httpServletResponse);
    }

    public LoginServlet(SysServlet sysServlet) {
        this.sys = sysServlet;
    }
}
