package org.apache.sling.auth.core.impl;

import java.io.IOException;
import javax.servlet.Servlet;
import org.apache.felix.scr.annotations.Component;
import org.apache.felix.scr.annotations.Properties;
import org.apache.felix.scr.annotations.Property;
import org.apache.felix.scr.annotations.Reference;
import org.apache.felix.scr.annotations.ReferenceCardinality;
import org.apache.felix.scr.annotations.ReferencePolicy;
import org.apache.felix.scr.annotations.Service;
import org.apache.sling.api.SlingHttpServletRequest;
import org.apache.sling.api.SlingHttpServletResponse;
import org.apache.sling.api.auth.Authenticator;
import org.apache.sling.api.auth.NoAuthenticationHandlerException;
import org.apache.sling.api.servlets.ServletResolverConstants;
import org.apache.sling.api.servlets.SlingAllMethodsServlet;
import org.apache.sling.auth.core.AuthUtil;
import org.osgi.framework.Constants;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@Service({Servlet.class})
@Component
@Properties({@Property(name = Constants.SERVICE_DESCRIPTION, value = {"Authenticator Login Servlet"}), @Property(name = Constants.SERVICE_VENDOR, value = {"The Apache Software Foundation"}), @Property(name = ServletResolverConstants.SLING_SERVLET_METHODS, value = {"GET", "POST"})})
/* loaded from: input_file:resources/install/0/org.apache.sling.auth.core-1.3.26.jar:org/apache/sling/auth/core/impl/LoginServlet.class */
public class LoginServlet extends SlingAllMethodsServlet {
    private static final long serialVersionUID = -8797082194403667968L;
    private final Logger log = LoggerFactory.getLogger(getClass());

    @Reference(cardinality = ReferenceCardinality.OPTIONAL_UNARY, policy = ReferencePolicy.DYNAMIC)
    private volatile Authenticator authenticator;

    @Property(name = ServletResolverConstants.SLING_SERVLET_PATHS)
    public static final String SERVLET_PATH = "/system/sling/login";

    @Override // org.apache.sling.api.servlets.SlingSafeMethodsServlet
    protected void service(SlingHttpServletRequest slingHttpServletRequest, SlingHttpServletResponse slingHttpServletResponse) throws IOException {
        if (slingHttpServletRequest.getAuthType() != null) {
            String loginResource = AuthUtil.getLoginResource(slingHttpServletRequest, null);
            if (isSelf(loginResource)) {
                String str = slingHttpServletRequest.getContextPath() + "/";
                this.log.warn("doGet: Redirecting to {} to prevent login loop for resource {}", str, loginResource);
                slingHttpServletResponse.sendRedirect(str);
                return;
            }
        }
        Authenticator authenticator = this.authenticator;
        if (authenticator != null) {
            try {
                AuthUtil.setLoginResourceAttribute(slingHttpServletRequest, null);
                authenticator.login(slingHttpServletRequest, slingHttpServletResponse);
                return;
            } catch (IllegalStateException e) {
                this.log.error("doGet: Response already committed, cannot login");
                return;
            } catch (NoAuthenticationHandlerException e2) {
                this.log.error("doGet: No AuthenticationHandler to login registered");
            }
        } else {
            this.log.error("doGet: Authenticator service missing, cannot login");
        }
        slingHttpServletResponse.sendError(403, "Cannot login");
    }

    private boolean isSelf(String str) {
        return str == null || str.startsWith(SERVLET_PATH);
    }

    protected void bindAuthenticator(Authenticator authenticator) {
        this.authenticator = authenticator;
    }

    protected void unbindAuthenticator(Authenticator authenticator) {
        if (this.authenticator == authenticator) {
            this.authenticator = null;
        }
    }
}
