package org.apache.sling.auth.core.spi;

import groovy.servlet.AbstractHttpServlet;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.http.client.cache.HeaderConstants;
import org.apache.sling.auth.core.AuthUtil;

/* loaded from: input_file:resources/install/5/org.apache.sling.auth.core-1.4.4.jar:org/apache/sling/auth/core/spi/AbstractAuthenticationFormServlet.class */
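/**
 * Base servlet that renders an HTML login form from a template bundled on the class path.
 *
 * <p>The template is loaded once (see {@link #getRawForm()}) and four placeholders are filled in
 * per request: <code>${resource}</code>, <code>${j_reason}</code>,
 * <code>${requestContextPath}</code> and <code>${contextPath}</code>.
 *
 * <p>Security-relevant behaviour visible in this class:
 * <ul>
 *   <li>The resource and the request context path are passed through
 *       {@link AuthUtil#isRedirectValid} and replaced by an empty string when rejected, so a
 *       rejected redirect target never reaches the rendered form.</li>
 *   <li>Every substituted value is passed through {@link #escape(String)} before it is written
 *       into the markup.</li>
 *   <li>The response is marked as non-cacheable.</li>
 * </ul>
 */
public abstract class AbstractAuthenticationFormServlet extends HttpServlet {
    /** Template used when no custom template is found. */
    public static final String DEFAULT_FORM_PATH = "login.html";

    /** Template that, when present, takes precedence over {@link #DEFAULT_FORM_PATH}. */
    public static final String CUSTOM_FORM_PATH = "custom_login.html";

    // Lazily loaded template text. Volatile so a value written by one request thread is visible
    // to the others; there is no lock, so several first requests may each load the template.
    private volatile String rawForm;

    /** Renders the login form; GET and POST are handled identically. */
    @Override // javax.servlet.http.HttpServlet
    protected void doGet(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        handle(httpServletRequest, httpServletResponse);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /** Renders the login form; GET and POST are handled identically. */
    @Override // javax.servlet.http.HttpServlet
    public void doPost(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        handle(httpServletRequest, httpServletResponse);
    }

    /**
     * Writes the filled-in form as a UTF-8 HTML response that must not be cached.
     *
     * @throws IOException if the template cannot be loaded or the response cannot be written
     */
    private void handle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        // Discard any status, headers and buffered output set before this servlet was reached.
        httpServletResponse.reset();
        // NOTE(review): the content-type and cache constants below come from unrelated libraries
        // (Groovy servlet, HttpClient cache); presumably the decompiler substituted them for
        // inlined literals ("text/html", "no-cache", "no-store") - confirm before building.
        httpServletResponse.setContentType(AbstractHttpServlet.CONTENT_TYPE_TEXT_HTML);
        httpServletResponse.setCharacterEncoding("UTF-8");
        // The login form embeds request-specific values, so neither browsers nor intermediaries
        // should keep a copy: setHeader + addHeader yields both Cache-Control directives.
        httpServletResponse.setHeader("Cache-Control", HeaderConstants.CACHE_CONTROL_NO_CACHE);
        httpServletResponse.addHeader("Cache-Control", HeaderConstants.CACHE_CONTROL_NO_STORE);
        httpServletResponse.setHeader("Pragma", HeaderConstants.CACHE_CONTROL_NO_CACHE);
        httpServletResponse.setHeader("Expires", "0");
        httpServletResponse.getWriter().print(getForm(httpServletRequest));
        httpServletResponse.flushBuffer();
    }

    /**
     * Returns the form template with all placeholders replaced by validated, escaped values.
     *
     * <p>A {@code null} returned by {@link #getResource}, {@link #getReason} or
     * {@link #getContextPath} is rendered as an empty string; previously it caused a
     * {@link NullPointerException} and therefore an error page instead of the login form.
     *
     * @param httpServletRequest the current request
     * @return the HTML to send to the client
     * @throws IOException if the template cannot be loaded
     */
    protected String getForm(HttpServletRequest httpServletRequest) throws IOException {
        String form = getRawForm();

        String resource = escape(cleanse(httpServletRequest, getResource(httpServletRequest)));
        String reason = escape(getReason(httpServletRequest));
        String requestContextPath = escape(cleanse(httpServletRequest, getContextPath(httpServletRequest)));
        String contextPath = escape(httpServletRequest.getContextPath());

        // The replacements are chained, so placeholder text contained in an earlier value is
        // expanded by a later step. Every value is escaped before insertion, so the expansion
        // stays escaped as well.
        return form
                .replace("${resource}", resource)
                .replace("${j_reason}", reason)
                .replace("${requestContextPath}", requestContextPath)
                .replace("${contextPath}", contextPath);
    }

    /**
     * Returns {@code str} only if it is empty or accepted by {@link AuthUtil#isRedirectValid};
     * anything else, including {@code null}, becomes the empty string.
     */
    private static String cleanse(HttpServletRequest httpServletRequest, String str) {
        if (str == null || str.length() == 0) {
            return "";
        }
        // Fail closed: a target the validator rejects is dropped rather than repaired.
        return AuthUtil.isRedirectValid(httpServletRequest, str) ? str : "";
    }

    /**
     * Neutralises markup-significant characters before a value is placed into the template.
     *
     * <p>{@code &}, {@code <} and {@code >} become HTML entities; double and single quotes are
     * percent-encoded, so a value cannot close a quoted attribute. No other character is
     * changed, so this is not sufficient for placeholders located inside script blocks or
     * unquoted attributes - templates should only use the placeholders in element text or
     * quoted attribute values.
     *
     * @param str the value to escape, may be {@code null}
     * @return the escaped value, or an empty string for {@code null} input
     */
    private static String escape(String str) {
        if (str == null) {
            // String.replace rejects a null replacement, so callers get "" instead of null.
            return "";
        }
        StringBuilder sb = new StringBuilder(str.length());
        for (int i = 0; i < str.length(); i++) {
            char c = str.charAt(i);
            switch (c) {
                case '&':
                    sb.append("&amp;");
                    break;
                case '<':
                    sb.append("&lt;");
                    break;
                case '>':
                    sb.append("&gt;");
                    break;
                case '"':
                    sb.append("%22");
                    break;
                case '\'':
                    sb.append("%27");
                    break;
                default:
                    sb.append(c);
                    break;
            }
        }
        return sb.toString();
    }

    /**
     * Returns the login resource for the request as reported by
     * {@link AuthUtil#getLoginResource}, using the empty string as the default.
     */
    protected String getResource(HttpServletRequest httpServletRequest) {
        return AuthUtil.getLoginResource(httpServletRequest, "");
    }

    /**
     * Returns the message explaining why the form is shown. The value is escaped by
     * {@link #getForm} before it is rendered; {@code null} is rendered as an empty string.
     */
    protected abstract String getReason(HttpServletRequest httpServletRequest);

    /**
     * Returns the path part of the login resource without a trailing slash, falling back to the
     * servlet context path when the resource is empty or {@code null}.
     *
     * @return the path, or an empty string if neither source provides one
     */
    protected String getContextPath(HttpServletRequest httpServletRequest) {
        String resource = getResource(httpServletRequest);
        if (resource == null || "".equals(resource)) {
            resource = httpServletRequest.getContextPath();
        }
        if (resource == null) {
            return "";
        }
        // Only a '?' after the first character is treated as the start of a query string.
        int queryStart = resource.indexOf('?');
        if (queryStart > 0) {
            resource = resource.substring(0, queryStart);
        }
        return removeEndingSlash(resource);
    }

    /** Strips a single trailing {@code /}; {@code null} is passed through unchanged. */
    private static String removeEndingSlash(String str) {
        if (str == null || !str.endsWith("/")) {
            return str;
        }
        return str.substring(0, str.length() - 1);
    }

    /**
     * Returns the form template, loading it on first use.
     *
     * <p>The custom template is tried first, then the default one. Both names are resolved with
     * {@link Class#getResourceAsStream} on the runtime class, so a relative name is looked up in
     * the package of the concrete subclass.
     *
     * @throws IOException if neither template exists or reading fails
     */
    private String getRawForm() throws IOException {
        String form = this.rawForm;
        if (form != null) {
            return form;
        }

        InputStream inputStream = null;
        try {
            inputStream = getClass().getResourceAsStream(getCustomFormPath());
            if (inputStream == null) {
                inputStream = getClass().getResourceAsStream(getDefaultFormPath());
            }
            if (inputStream == null) {
                throw new IOException("Failed reading form template");
            }

            StringBuilder sb = new StringBuilder();
            InputStreamReader reader = new InputStreamReader(inputStream, "UTF-8");
            char[] buffer = new char[1024];
            int read;
            while ((read = reader.read(buffer)) >= 0) {
                sb.append(buffer, 0, read);
            }
            form = sb.toString();
            // Publish only after the whole template was read, so no thread sees a partial form.
            this.rawForm = form;
            return form;
        } finally {
            if (inputStream != null) {
                try {
                    inputStream.close();
                } catch (IOException ignored) {
                    // Best effort: the template has been read (or the read already failed);
                    // a failure to close must not mask that outcome.
                }
            }
        }
    }

    /** Returns the resource name of the default template; subclasses may override. */
    protected String getDefaultFormPath() {
        return DEFAULT_FORM_PATH;
    }

    /** Returns the resource name of the custom template; subclasses may override. */
    protected String getCustomFormPath() {
        return CUSTOM_FORM_PATH;
    }
}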
