package org.eclipse.lyo.client;

import java.io.InputStream;
import java.util.ArrayList;
import java.util.List;
import javax.ws.rs.ProcessingException;
import javax.ws.rs.client.Client;
import javax.ws.rs.client.ClientRequestContext;
import javax.ws.rs.client.ClientRequestFilter;
import javax.ws.rs.client.ClientResponseContext;
import javax.ws.rs.client.ClientResponseFilter;
import javax.ws.rs.client.Entity;
import javax.ws.rs.client.Invocation;
import javax.ws.rs.core.Form;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.MultivaluedHashMap;
import javax.ws.rs.core.MultivaluedMap;
import javax.ws.rs.core.Response;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/eclipse/lyo/client/JEEFormAuthenticator.class */
public class JEEFormAuthenticator implements ClientRequestFilter, ClientResponseFilter {
    private final Logger log;
    private static final String COOKIE = "Cookie";
    private static final String J_SECURITY_CHECK = "j_security_check";
    private static final String J_USERNAME = "j_username";
    private static final String J_PASSWORD = "j_password";
    private static final String FORM_AUTHENTICATOR_REUSED = "org.eclipse.lyo.client.oslc.JEEFormAuthenticator.reused";
    private static final String JAZZ_AUTH_MESSAGE_HEADER = "X-com-ibm-team-repository-web-auth-msg";
    private static final String JAZZ_AUTH_REQUIRED = "authrequired";
    private static final String JAZZ_AUTH_FAILED = "authfailed";
    private final String userId;
    private final String password;
    private final String baseUri;
    private boolean followingRedirects;
    Client authClient;
    private final List<Object> cookies;

    public JEEFormAuthenticator() {
        this.log = LoggerFactory.getLogger(JEEFormAuthenticator.class);
        this.followingRedirects = false;
        this.authClient = null;
        this.cookies = new ArrayList();
        this.userId = null;
        this.password = null;
        this.baseUri = null;
    }

    public JEEFormAuthenticator(String str, String str2, String str3) {
        this.log = LoggerFactory.getLogger(JEEFormAuthenticator.class);
        this.followingRedirects = false;
        this.authClient = null;
        this.cookies = new ArrayList();
        this.userId = str2;
        this.password = str3;
        this.baseUri = str;
    }

    public void filter(ClientRequestContext clientRequestContext, ClientResponseContext clientResponseContext) {
        if (this.followingRedirects) {
            return;
        }
        boolean equals = JAZZ_AUTH_REQUIRED.equals(clientResponseContext.getHeaderString(JAZZ_AUTH_MESSAGE_HEADER));
        boolean isAuthAlreadyAttempted = isAuthAlreadyAttempted(clientRequestContext);
        if (equals && isAuthAlreadyAttempted) {
            clientResponseContext.setStatus(Response.Status.UNAUTHORIZED.getStatusCode());
            this.log.trace("Jazz auth cookies were appended but the request was UNAUTHORIZED anyway");
            return;
        }
        if (!equals) {
            this.log.trace("Response was non-401, skipping the ClientResponseFilter for Jazz Forms auth");
            return;
        }
        this.log.trace("Response is 401, attempting Jazz Forms authentication");
        this.cookies.clear();
        this.authClient = clientRequestContext.getClient();
        Form form = new Form();
        form.param(J_USERNAME, this.userId);
        form.param(J_PASSWORD, this.password);
        Response post = this.authClient.target(this.baseUri).path(J_SECURITY_CHECK).request(new String[]{"application/x-www-form-urlencoded"}).property(FORM_AUTHENTICATOR_REUSED, "true").header("Accept", "*/*").header("X-Requested-With", "XMLHttpRequest").header(OSLCConstants.OSLC_CORE_VERSION, OSLCConstants.OSLC2_0).post(Entity.form(form));
        post.getCookies().values().forEach(newCookie -> {
            this.cookies.add(newCookie.toCookie());
        });
        int status = post.getStatus();
        String headerString = post.getHeaderString(JAZZ_AUTH_MESSAGE_HEADER);
        if (headerString != null && headerString.equalsIgnoreCase(JAZZ_AUTH_FAILED)) {
            post.close();
            clientResponseContext.setStatus(Response.Status.UNAUTHORIZED.getStatusCode());
            this.log.trace("Jazz Forms authentication failed");
            return;
        }
        String headerString2 = post.getHeaderString("Location");
        try {
            post.close();
        } catch (ProcessingException e) {
            this.log.warn("Connection not closed cleanly");
        }
        followRedirects(status, headerString2);
        Invocation.Builder request = clientRequestContext.getClient().target(clientRequestContext.getUri()).request(new MediaType[]{clientRequestContext.getMediaType()});
        request.property(FORM_AUTHENTICATOR_REUSED, "true");
        MultivaluedHashMap multivaluedHashMap = new MultivaluedHashMap();
        multivaluedHashMap.putAll(clientRequestContext.getHeaders());
        multivaluedHashMap.add(COOKIE, this.cookies);
        request.headers(multivaluedHashMap);
        String method = clientRequestContext.getMethod();
        Invocation build = clientRequestContext.getEntity() == null ? request.build(method) : request.build(method, Entity.entity(clientRequestContext.getEntity(), clientRequestContext.getMediaType()));
        this.log.trace("Retrying the failed request with Jazz cookies");
        Response invoke = build.invoke();
        if (invoke.hasEntity()) {
            clientResponseContext.setEntityStream((InputStream) invoke.readEntity(InputStream.class));
        }
        MultivaluedMap headers = clientResponseContext.getHeaders();
        headers.clear();
        headers.putAll(invoke.getStringHeaders());
        clientResponseContext.setStatus(invoke.getStatus());
    }

    private boolean isAuthAlreadyAttempted(ClientRequestContext clientRequestContext) {
        return "true".equals(clientRequestContext.getProperty(FORM_AUTHENTICATOR_REUSED));
    }

    private int followRedirects(int i, String str) {
        this.followingRedirects = true;
        while (str != null && i >= 301 && i <= 399) {
            Response response = this.authClient.target(str).request().get();
            i = response.getStatus();
            str = response.getHeaderString("Location");
            try {
                response.close();
            } catch (ProcessingException e) {
                this.log.warn("Last redirect connection not closed cleanly");
            }
        }
        this.followingRedirects = false;
        return i;
    }

    public void filter(ClientRequestContext clientRequestContext) {
        if (this.cookies.size() <= 0) {
            this.log.trace("Not appending Jazz auth cookies to the request");
        } else {
            clientRequestContext.getHeaders().add(COOKIE, this.cookies);
            this.log.trace("Jazz auth cookies appended to the request");
        }
    }
}
