package io.milton.http.http11.auth;

import io.milton.http.AbstractWrappingResponseHandler;
import io.milton.http.Auth;
import io.milton.http.Request;
import io.milton.http.ResourceFactory;
import io.milton.http.Response;
import io.milton.http.exceptions.BadRequestException;
import io.milton.http.exceptions.NotAuthorizedException;
import io.milton.http.exceptions.NotFoundException;
import io.milton.http.webdav.WebDavResponseHandler;
import io.milton.resource.GetableResource;
import io.milton.resource.Resource;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.OutputStreamWriter;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import net.sf.json.JSONObject;
import org.apache.commons.collections.CollectionUtils;
import org.apache.velocity.runtime.RuntimeConstants;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import sk.mimac.slideshow.http.MimeType;

/* loaded from: classes.dex */
public class LoginResponseHandler extends AbstractWrappingResponseHandler {
    private static final Logger log = LoggerFactory.getLogger((Class<?>) LoginResponseHandler.class);
    private boolean enabled;
    private List<String> excludePaths;
    private String loginPage;
    private final LoginPageTypeHandler loginPageTypeHandler;
    private final ResourceFactory resourceFactory;

    /* loaded from: classes.dex */
    public static class ContentTypeLoginPageTypeHandler implements LoginPageTypeHandler {
        @Override // io.milton.http.http11.auth.LoginResponseHandler.LoginPageTypeHandler
        public boolean canLogin(Resource resource, Request request) {
            Logger logger;
            String str;
            boolean contains;
            Logger logger2;
            StringBuilder sb;
            if (resource instanceof GetableResource) {
                String acceptHeader = request.getAcceptHeader();
                String contentType = ((GetableResource) resource).getContentType(MimeType.MIME_HTML);
                if (contentType != null) {
                    contains = contentType.contains("html");
                    logger2 = LoginResponseHandler.log;
                    sb = new StringBuilder("isPage: resource has content type. is html? ");
                } else if (acceptHeader != null) {
                    contains = acceptHeader.contains("html");
                    logger2 = LoginResponseHandler.log;
                    sb = new StringBuilder("isPage: resource has no content type, depends on requested content type: ");
                } else {
                    logger = LoginResponseHandler.log;
                    str = "isPage: resource has no content type, and no requeted content type, so assume false";
                }
                sb.append(contains);
                logger2.trace(sb.toString());
                return contains;
            }
            logger = LoginResponseHandler.log;
            str = "isPage: resource is not getable";
            logger.trace(str);
            return false;
        }

        @Override // io.milton.http.http11.auth.LoginResponseHandler.LoginPageTypeHandler
        public boolean isAjax(Resource resource, Request request) {
            String acceptHeader = request.getAcceptHeader();
            return acceptHeader != null && (acceptHeader.contains("application/json") || acceptHeader.contains("text/javascript"));
        }
    }

    /* loaded from: classes.dex */
    public interface LoginPageTypeHandler {
        boolean canLogin(Resource resource, Request request);

        boolean isAjax(Resource resource, Request request);
    }

    public LoginResponseHandler(WebDavResponseHandler webDavResponseHandler, ResourceFactory resourceFactory, LoginPageTypeHandler loginPageTypeHandler) {
        super(webDavResponseHandler);
        this.loginPage = "/login.html";
        this.enabled = true;
        this.resourceFactory = resourceFactory;
        this.loginPageTypeHandler = loginPageTypeHandler;
    }

    private void attemptRespondLoginPage(Request request, Resource resource, Response response) {
        Map<String, Object> attributes;
        String str;
        Logger logger = log;
        logger.trace("attemptRespondLoginPage");
        try {
            Resource resource2 = this.resourceFactory.getResource(request.getHostHeader(), this.loginPage);
            if (resource2 == null || !(resource2 instanceof GetableResource)) {
                logger.info("Couldnt find login resource: " + request.getHostHeader() + this.loginPage + " with resource factory: " + this.resourceFactory.getClass());
                this.wrapped.respondUnauthorised(resource, response, request);
                return;
            }
            logger.trace("respond with 200 to suppress login prompt, using resource: " + resource2.getName() + " - " + resource2.getClass());
            try {
                Auth authorization = request.getAuthorization();
                if (authorization == null || authorization.getTag() == null) {
                    attributes = request.getAttributes();
                    str = "required";
                } else {
                    attributes = request.getAttributes();
                    str = "notPermitted";
                }
                attributes.put("authReason", str);
                response.setStatus(Response.Status.SC_BAD_REQUEST);
                GetableResource getableResource = (GetableResource) resource2;
                getableResource.sendContent(response.getOutputStream(), null, null, getableResource.getContentType(null));
                response.getOutputStream().flush();
            } catch (BadRequestException e) {
                e = e;
                response.setStatus(Response.Status.SC_INTERNAL_SERVER_ERROR);
                response.close();
                log.error("Exception generating login page", e);
            } catch (NotAuthorizedException e2) {
                e = e2;
                response.setStatus(Response.Status.SC_INTERNAL_SERVER_ERROR);
                response.close();
                log.error("Exception generating login page", e);
            } catch (NotFoundException e3) {
                e = e3;
                response.setStatus(Response.Status.SC_INTERNAL_SERVER_ERROR);
                response.close();
                log.error("Exception generating login page", e);
            } catch (IOException e4) {
                e = e4;
                response.setStatus(Response.Status.SC_INTERNAL_SERVER_ERROR);
                response.close();
                log.error("Exception generating login page", e);
            }
        } catch (BadRequestException e5) {
            throw new RuntimeException(e5);
        } catch (NotAuthorizedException e6) {
            throw new RuntimeException(e6);
        }
    }

    private boolean excluded(Request request) {
        if (CollectionUtils.isEmpty(this.excludePaths)) {
            return false;
        }
        Iterator<String> it = this.excludePaths.iterator();
        while (it.hasNext()) {
            if (request.getAbsolutePath().startsWith(it.next())) {
                return true;
            }
        }
        return false;
    }

    private boolean isGetOrPost(Request request) {
        return request.getMethod().equals(Request.Method.GET) || request.getMethod().equals(Request.Method.POST);
    }

    private void respondJson(Request request, Response response, Resource resource) {
        JSONObject jSONObject = new JSONObject();
        jSONObject.accumulate("loginResult", (Boolean) request.getAttributes().get("loginResult"));
        Auth authorization = request.getAuthorization();
        jSONObject.accumulate("authReason", (authorization == null || authorization.getTag() == null) ? "required" : "notPermitted");
        String str = (String) request.getAttributes().get("userUrl");
        if (str != null) {
            jSONObject.accumulate("userUrl", str);
        }
        response.setStatus(Response.Status.SC_BAD_REQUEST);
        response.setCacheControlNoCacheHeader();
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        try {
            OutputStreamWriter outputStreamWriter = new OutputStreamWriter(byteArrayOutputStream, RuntimeConstants.ENCODING_DEFAULT);
            jSONObject.write(outputStreamWriter);
            outputStreamWriter.flush();
            byte[] byteArray = byteArrayOutputStream.toByteArray();
            response.setContentLengthHeader(Long.valueOf(byteArray.length));
            response.getOutputStream().write(byteArray);
        } catch (IOException e) {
            throw new RuntimeException(e);
        }
    }

    public static void setDisableHtmlResponse(Request request) {
        log.trace("html login response disabled for this request");
        request.getAttributes().put("auth.disable.html", Boolean.TRUE);
    }

    public boolean isEnabled() {
        return this.enabled;
    }

    @Override // io.milton.http.AbstractWrappingResponseHandler, io.milton.http.http11.Http11ResponseHandler
    public void respondUnauthorised(Resource resource, Response response, Request request) {
        Logger logger = log;
        logger.info("respondUnauthorised");
        Boolean bool = (Boolean) request.getAttributes().get("auth.disable.html");
        if (bool != null && bool.booleanValue()) {
            logger.trace("html login form has been disabled for this request");
        } else if (isEnabled() && !excluded(request) && isGetOrPost(request)) {
            if (this.loginPageTypeHandler.canLogin(resource, request)) {
                attemptRespondLoginPage(request, resource, response);
                return;
            } else if (this.loginPageTypeHandler.isAjax(resource, request)) {
                respondJson(request, response, resource);
                return;
            }
        }
        logger.trace("respond with normal 401");
        this.wrapped.respondUnauthorised(resource, response, request);
    }

    public void setExcludePaths(List<String> list) {
        this.excludePaths = list;
    }

    public void setLoginPage(String str) {
        this.loginPage = str;
    }
}
