package com.ibm.ws.webcontainer.security.test.servlets;

import componenttest.topology.impl.LibertyServer;
import java.io.IOException;
import java.util.ArrayList;
import java.util.Map;
import java.util.Set;
import java.util.logging.Logger;
import org.apache.http.HttpEntity;
import org.apache.http.HttpResponse;
import org.apache.http.HttpVersion;
import org.apache.http.client.HttpClient;
import org.apache.http.client.entity.UrlEncodedFormEntity;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.client.methods.HttpUriRequest;
import org.apache.http.message.BasicNameValuePair;
import org.apache.http.params.HttpParams;
import org.apache.http.util.EntityUtils;
import org.junit.Assert;

/* loaded from: input_file:com/ibm/ws/webcontainer/security/test/servlets/FormLoginClient.class */
public class FormLoginClient extends ServletClientImpl {
    private static final Class<?> c = FormLoginClient.class;
    public static final String DEFAULT_SERVLET_NAME = "ServletName: FormLoginServlet";
    public static final String DEFAULT_CONTEXT_ROOT = "/formlogin";
    public static final String DEFAULT_JSP_NAME = "JSPName: FormLoginJSP.jsp";
    public static final String DEFAULT_JSP_CONTEXT_ROOT = "/formlogin/JSP";
    public static final String LOGIN_PAGE = "/login.jsp";
    private static final String FORM_LOGIN_PAGE = "Form Login Page";
    private static final String FORM_LOGOUT_PAGE = "Form Logout Page";
    private static final String LOGIN_ERROR_PAGE = "Form Login Error Page";
    private static final String SUCCESSFUL_LOGOUT_PAGE = "Successful Logout";
    private static final String OFF_HOST_PAGE_URL = "http://www.w3.org/Protocols/HTTP/AsImplemented.html";
    private final String servletName;
    private static final String SERVLET_SPEC_30 = "30";
    private static final String SERVLET_SPEC_31 = "31";
    private static final String HTTP_PROTOCOL_10 = "10";
    private static final String HTTP_PROTOCOL_11 = "11";
    private final int REDIRECT_STATUS_DEFAULT = 302;
    private final int REDIRECT_STATUS_SERVLET31 = 303;
    protected String servletSpec;
    protected int redirectStatus;
    protected boolean setRedirectParam;
    protected String httpProtocol;
    protected boolean retryMode;

    /* loaded from: input_file:com/ibm/ws/webcontainer/security/test/servlets/FormLoginClient$LogoutOption.class */
    public enum LogoutOption {
        LOGOUT_DEFAULT_PAGE,
        LOGOUT_TO_LOGIN_PAGE,
        LOGOUT_OFF_HOST_FAIL,
        LOGOUT_OFF_HOST_SUCCESS
    }

    public FormLoginClient(String str, int i) {
        this(str, i, DEFAULT_SERVLET_NAME, DEFAULT_CONTEXT_ROOT);
    }

    public FormLoginClient(String str, int i, String str2, String str3) {
        this(str, i, false, str2, str3);
        this.logger = Logger.getLogger(c.getCanonicalName());
        this.logger.info("Servlet URL: " + this.servletURL);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public FormLoginClient(String str, int i, boolean z, String str2, String str3) {
        super(str, i, z, str3);
        this.REDIRECT_STATUS_DEFAULT = 302;
        this.REDIRECT_STATUS_SERVLET31 = 303;
        this.servletSpec = SERVLET_SPEC_30;
        this.redirectStatus = 302;
        this.setRedirectParam = false;
        this.httpProtocol = HTTP_PROTOCOL_11;
        this.retryMode = false;
        this.servletName = str2;
        this.authType = "FORM";
    }

    public FormLoginClient(LibertyServer libertyServer) {
        this(libertyServer, DEFAULT_SERVLET_NAME, DEFAULT_CONTEXT_ROOT);
    }

    public FormLoginClient(LibertyServer libertyServer, String str, String str2) {
        this(libertyServer, false, str, str2);
        this.logger = Logger.getLogger(c.getCanonicalName());
        this.logger.info("Servlet URL: " + this.servletURL);
    }

    public FormLoginClient(LibertyServer libertyServer, boolean z, String str, String str2, String str3, String str4) {
        this(libertyServer, z, str, str2);
        this.servletSpec = str3;
        this.httpProtocol = str4;
        setupRedirectValues(str3, str4);
        this.logger = Logger.getLogger(c.getCanonicalName());
        this.logger.info("Servlet URL: " + this.servletURL);
        this.logger.info("Servlet Spec: " + str3);
        this.logger.info("HTTP protocol: " + str4);
    }

    private void setupRedirectValues(String str, String str2) {
        if (str.equals(SERVLET_SPEC_31)) {
            this.setRedirectParam = true;
            if (str2.equals(HTTP_PROTOCOL_11)) {
                this.redirectStatus = 303;
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public FormLoginClient(LibertyServer libertyServer, boolean z, String str, String str2) {
        super(libertyServer, z, str2);
        this.REDIRECT_STATUS_DEFAULT = 302;
        this.REDIRECT_STATUS_SERVLET31 = 303;
        this.servletSpec = SERVLET_SPEC_30;
        this.redirectStatus = 302;
        this.setRedirectParam = false;
        this.httpProtocol = HTTP_PROTOCOL_11;
        this.retryMode = false;
        this.servletName = str;
        this.authType = "FORM";
    }

    @Override // com.ibm.ws.webcontainer.security.test.servlets.ServletClientImpl
    protected void hookResetClientState() {
    }

    @Override // com.ibm.ws.webcontainer.security.test.servlets.ServletClientImpl, com.ibm.ws.webcontainer.security.test.servlets.ServletClient
    public boolean accessPrecludedServlet(String str) {
        String str2 = this.servletURL + str;
        this.logger.info("accessPrecludedServlet: " + str2);
        return accessPageNoChallenge(this.client, str2, 403) == null;
    }

    @Override // com.ibm.ws.webcontainer.security.test.servlets.ServletClientImpl
    protected String access(String str, int i) {
        this.logger.info("access: url=" + str + " expectedStatusCode=" + i);
        return accessPageNoChallenge(this.client, str, i);
    }

    @Override // com.ibm.ws.webcontainer.security.test.servlets.ServletClientImpl
    protected String accessWithException(String str, Class<?> cls) {
        this.logger.info("access: url=" + str + " expectedException=" + cls);
        try {
            this.client.execute(new HttpGet(str));
            failWithMessage("Didn't catch expected exception: " + cls);
            return null;
        } catch (Exception e) {
            if (e.getClass().equals(cls)) {
                return e.getMessage();
            }
            failWithMessage("Caught unexpected exception: " + e);
            return null;
        }
    }

    @Override // com.ibm.ws.webcontainer.security.test.servlets.ServletClientImpl
    protected String accessAndAuthenticate(String str, String str2, String str3, int i) {
        this.ssoCookie = null;
        return accessAndAuthenticate(this.client, str, str2, str3, i);
    }

    @Override // com.ibm.ws.webcontainer.security.test.servlets.ServletClientImpl
    protected String accessAndAuthenticateForExpectedInternalError(String str, String str2, String str3) {
        this.logger.info("accessAndAuthenticate: url=" + str + " user=" + str2 + " password=" + str3);
        this.ssoCookie = null;
        accessFormLoginPage(this.client, str);
        return accessPageNoChallenge(this.client, performFormLogin(this.client, str, str2, str3, 403), 403);
    }

    @Override // com.ibm.ws.webcontainer.security.test.servlets.ServletClientImpl
    protected String accessAndAuthenticateForError500(String str, String str2, String str3, int i) {
        this.logger.info("accessAndAuthenticateForError500: url=" + str + " user=" + str2 + " password=" + str3 + " expectedStatusCode=" + i);
        this.ssoCookie = null;
        accessFormLoginPage(this.client, str);
        return accessPageNoChallenge(this.client, performFormLogin(this.client, str, str2, str3, 403), 500);
    }

    public String accessAndAuthenticate(HttpClient httpClient, String str, String str2, String str3, int i) {
        this.logger.info("accessAndAuthenticate: url=" + str + " user=" + str2 + " password=" + str3 + " expectedStatusCode=" + i);
        accessFormLoginPage(httpClient, str);
        String performFormLogin = performFormLogin(httpClient, str, str2, str3, i);
        return i == 401 ? accessLoginErrorPage(httpClient, performFormLogin) : accessPageNoChallenge(httpClient, performFormLogin, i);
    }

    public void accessFormLoginPage(HttpClient httpClient, String str) {
        accessFormLoginPage(httpClient, str, null, 200);
    }

    public void accessFormLoginPage(HttpClient httpClient, String str, Map<String, String> map, int i) {
        this.logger.info("accessFormLoginPage: url=" + str + "  addlHeaders=" + map);
        HttpGet httpGet = new HttpGet(str);
        if (map != null) {
            for (Map.Entry<String, String> entry : map.entrySet()) {
                httpGet.setHeader(entry.getKey(), entry.getValue());
            }
        }
        accessFormLoginPage(httpClient, httpGet, i);
    }

    public HttpResponse accessFormLoginPage(HttpClient httpClient, HttpUriRequest httpUriRequest, int i) {
        this.logger.info("accessFormLoginPage: url=" + httpUriRequest.getURI().toString() + " request method=" + httpUriRequest);
        HttpResponse httpResponse = null;
        try {
            httpResponse = httpClient.execute(httpUriRequest);
            this.logger.info("Form login page result: " + httpResponse.getStatusLine());
            Assert.assertEquals("Expected " + i + " status code for form login page was not returned", i, httpResponse.getStatusLine().getStatusCode());
            String entityUtils = EntityUtils.toString(httpResponse.getEntity());
            this.logger.info("Form login page content: " + entityUtils);
            EntityUtils.consume(httpResponse.getEntity());
            if (i == 200) {
                Assert.assertTrue("Did not find expected form login page: Form Login Page", entityUtils.contains(FORM_LOGIN_PAGE));
            }
        } catch (IOException e) {
            failWithMessage("Caught unexpected exception: " + e);
        }
        return httpResponse;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public String performFormLogin(HttpClient httpClient, String str, String str2, String str3, int i) {
        this.logger.info("performFormLogin: url=" + str + " user=" + str2 + " password=" + str3 + " expectedStatusCode=" + i);
        this.logger.info("Testing with Servlet Spec " + this.servletSpec + " and HTTP protocol " + this.httpProtocol);
        int i2 = this.redirectStatus;
        if (this.httpProtocol.equals(HTTP_PROTOCOL_10)) {
            httpClient.getParams().setParameter("http.protocol.version", HttpVersion.HTTP_1_0);
        }
        try {
            HttpPost httpPost = new HttpPost(this.servletURL + "/j_security_check");
            if (this.setRedirectParam) {
                HttpParams params = httpPost.getParams();
                params.setParameter("http.protocol.handle-redirects", Boolean.FALSE);
                httpPost.setParams(params);
                if (i == 401) {
                    i2 = 302;
                }
                this.logger.info("The expected redirect status is " + i2);
            }
            ArrayList arrayList = new ArrayList();
            arrayList.add(new BasicNameValuePair("j_username", str2));
            arrayList.add(new BasicNameValuePair("j_password", str3));
            httpPost.setEntity(new UrlEncodedFormEntity(arrayList, "UTF-8"));
            HttpResponse execute = httpClient.execute(httpPost);
            Assert.assertEquals("Expecting form login getStatusCode " + i2, i2, execute.getStatusLine().getStatusCode());
            String value = execute.getFirstHeader("Location").getValue();
            this.logger.info("Redirect location: " + value);
            EntityUtils.consume(execute.getEntity());
            if (i != 401) {
                setSSOCookieForLastLogin(execute);
            } else {
                validateNoSSOCookie(execute);
            }
            if (i == 200) {
                Assert.assertEquals("Redirect location was not the original URL!", str, value);
            }
            return value;
        } catch (Exception e) {
            failWithMessage("Caught unexpected exception: " + e);
            return null;
        }
    }

    protected String accessPageNoChallenge(HttpClient httpClient, String str, int i) {
        return accessPageNoChallenge(httpClient, str, i, null);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public String accessPageNoChallenge(HttpClient httpClient, String str, int i, Map<String, String> map) {
        this.logger.info("accessPageNoChallenge: location=" + str + " expectedStatusCode=" + i + "  addlHeaders=" + map);
        try {
            HttpGet httpGet = new HttpGet(str);
            if (map != null) {
                for (Map.Entry<String, String> entry : map.entrySet()) {
                    httpGet.setHeader(entry.getKey(), entry.getValue());
                }
            }
            HttpResponse execute = httpClient.execute(httpGet);
            this.logger.info("getMethod status: " + execute.getStatusLine());
            Assert.assertEquals("Expected " + i + " was not returned", i, execute.getStatusLine().getStatusCode());
            String entityUtils = EntityUtils.toString(execute.getEntity());
            this.logger.info("Servlet content: " + entityUtils);
            EntityUtils.consume(execute.getEntity());
            if (execute.getStatusLine().getStatusCode() == 200) {
                Assert.assertTrue("Response did not contain expected servlet name (" + this.servletName + ")", entityUtils.contains(this.servletName));
                return entityUtils;
            }
            if (i != 401) {
                return null;
            }
            Assert.assertTrue("Response was not the expected error page: Form Login Error Page", entityUtils.contains(LOGIN_ERROR_PAGE));
            return null;
        } catch (IOException e) {
            failWithMessage("Caught unexpected exception: " + e);
            return null;
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public String accessLoginErrorPage(HttpClient httpClient, String str) {
        this.logger.info("accessLoginErrorPage: location=" + str);
        try {
            HttpResponse execute = httpClient.execute(new HttpGet(str));
            this.logger.info("Form login error page result: " + execute.getStatusLine());
            Assert.assertEquals("Expected 200 status code for form login page error was not returned", 200L, execute.getStatusLine().getStatusCode());
            String entityUtils = EntityUtils.toString(execute.getEntity());
            this.logger.info("Form login error page content: " + entityUtils);
            Assert.assertTrue("Response was not the expected error page: Form Login Error Page", entityUtils.contains(LOGIN_ERROR_PAGE));
            return null;
        } catch (IOException e) {
            failWithMessage("Caught unexpected exception: " + e);
            return null;
        }
    }

    @Override // com.ibm.ws.webcontainer.security.test.servlets.ServletClientImpl
    protected String accessWithCookie(String str, String str2, int i) {
        this.logger.info("accessWithCookie: url=" + str + " cookie=" + str2 + " expectedStatusCode=" + i);
        try {
            HttpGet httpGet = new HttpGet(str);
            httpGet.setHeader(PostParamsClient.STORE_COOKIE, this.ssoCookieName + "=" + str2);
            HttpResponse execute = this.client.execute(httpGet);
            this.logger.info("getMethod status: " + execute.getStatusLine());
            Assert.assertEquals("Expected " + i + " was not returned", i, execute.getStatusLine().getStatusCode());
            String entityUtils = EntityUtils.toString(execute.getEntity());
            this.logger.info("Servlet content: " + execute);
            if (i != 200) {
                return null;
            }
            Assert.assertTrue("Response did not contain expected servlet name (" + this.servletName + ")", entityUtils.contains(this.servletName));
            return entityUtils;
        } catch (Exception e) {
            failWithMessage("Caught unexpected exception: " + e);
            return null;
        }
    }

    @Override // com.ibm.ws.webcontainer.security.test.servlets.ServletClientImpl, com.ibm.ws.webcontainer.security.test.servlets.ServletClient
    public boolean accessProtectedServletWithInvalidCookie(String str, String str2) {
        String str3 = this.servletURL + str;
        this.logger.info("accessProtectedServletWithInvalidCookie: " + str3 + " cookie=" + str2);
        try {
            HttpGet httpGet = new HttpGet(str3);
            httpGet.setHeader(PostParamsClient.STORE_COOKIE, this.ssoCookieName + "=" + str2);
            HttpResponse execute = this.client.execute(httpGet);
            this.logger.info("Form login page result: " + execute.getStatusLine());
            Assert.assertEquals("Expected 200 status code for form login page was not returned", 200L, execute.getStatusLine().getStatusCode());
            String entityUtils = EntityUtils.toString(execute.getEntity());
            this.logger.info("Form login page content: " + entityUtils);
            Assert.assertTrue("Did not find expected form login page: Form Login Page", entityUtils.contains(FORM_LOGIN_PAGE));
            return true;
        } catch (IOException e) {
            failWithMessage("Caught unexpected exception: " + e);
            return false;
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public String servletURLForLogout() {
        return this.servletURL + "/logout.html";
    }

    public void formLogout(LogoutOption logoutOption, String str, String str2) {
        this.logger.info("formLogout: logoutOption=" + logoutOption + " user=" + str + " password=" + str2);
        try {
            accessAndAuthenticate(this.client, this.servletURL + ServletClient.PROTECTED_SIMPLE, str, str2, 200);
            Assert.assertNotNull("The SSO cookie was null", getCookieFromLastLogin());
            Assert.assertFalse("The SSO cookie had an empty String value", "".equals(getCookieFromLastLogin()));
            HttpResponse execute = this.client.execute(new HttpGet(servletURLForLogout()));
            String entityUtils = EntityUtils.toString(execute.getEntity());
            this.logger.info("getMethod.getStatusCode(): " + execute.getStatusLine().getStatusCode());
            this.logger.info("Get response for logout page: " + execute);
            Assert.assertEquals("The response code was not 200 as expected", 200L, execute.getStatusLine().getStatusCode());
            Assert.assertTrue("Form logout page not found: Form Logout Page", entityUtils.contains(FORM_LOGOUT_PAGE));
            EntityUtils.consume(execute.getEntity());
            this.logger.info("logout URL: " + this.servletURL + "/ibm_security_logout");
            HttpPost httpPost = new HttpPost(this.servletURL + "/ibm_security_logout");
            switch (logoutOption) {
                case LOGOUT_TO_LOGIN_PAGE:
                    ArrayList arrayList = new ArrayList();
                    arrayList.add(new BasicNameValuePair("logout", "Logout2"));
                    arrayList.add(new BasicNameValuePair("logoutExitPage", LOGIN_PAGE));
                    httpPost.setEntity(new UrlEncodedFormEntity(arrayList, "UTF-8"));
                    break;
                case LOGOUT_OFF_HOST_SUCCESS:
                case LOGOUT_OFF_HOST_FAIL:
                    ArrayList arrayList2 = new ArrayList();
                    arrayList2.add(new BasicNameValuePair("logout", "Logout3"));
                    arrayList2.add(new BasicNameValuePair("logoutExitPage", OFF_HOST_PAGE_URL));
                    httpPost.setEntity(new UrlEncodedFormEntity(arrayList2, "UTF-8"));
                    break;
            }
            HttpResponse execute2 = this.client.execute(httpPost);
            this.logger.info("postMethod.getStatusCode(): " + execute2.getStatusLine().getStatusCode());
            String entityUtils2 = EntityUtils.toString(execute2.getEntity());
            this.logger.info("Form logout getResponseBodyAsString: " + entityUtils2);
            EntityUtils.consume(execute2.getEntity());
            setSSOCookieForLastLogin(execute2);
            Assert.assertEquals("", getCookieFromLastLogin());
            switch (logoutOption) {
                case LOGOUT_DEFAULT_PAGE:
                case LOGOUT_OFF_HOST_FAIL:
                    Assert.assertEquals("Expected 200 status code in resposne to logout", 200L, execute2.getStatusLine().getStatusCode());
                    Assert.assertTrue("Form logout page output not found: Successful Logout", entityUtils2.contains(SUCCESSFUL_LOGOUT_PAGE));
                    break;
                case LOGOUT_TO_LOGIN_PAGE:
                    Assert.assertEquals("Expected redirect status code", 302L, execute2.getStatusLine().getStatusCode());
                    HttpResponse execute3 = this.client.execute(new HttpGet(execute2.getFirstHeader("Location").getValue()));
                    String entityUtils3 = EntityUtils.toString(execute3.getEntity());
                    this.logger.info("Redirected getResponseBodyAsString: " + entityUtils3);
                    Assert.assertTrue("Form login page not found: Form Login Page", entityUtils3.contains(FORM_LOGIN_PAGE));
                    EntityUtils.consume(execute3.getEntity());
                    break;
                case LOGOUT_OFF_HOST_SUCCESS:
                    Assert.assertEquals("Expected redirect status code", 302L, execute2.getStatusLine().getStatusCode());
                    String value = execute2.getFirstHeader("Location").getValue();
                    Assert.assertEquals("Returned URL to redirect client to should have been http://www.w3.org/Protocols/HTTP/AsImplemented.html but was " + value, value, OFF_HOST_PAGE_URL);
                    break;
            }
        } catch (IOException e) {
            failWithMessage("Caught unexpected exception: " + e);
        }
    }

    @Override // com.ibm.ws.webcontainer.security.test.servlets.ServletClientImpl
    protected String accessWithHeaders(String str, int i, Map<String, String> map, Boolean bool, Boolean bool2) {
        this.logger.info("accessWithHeaders: url=" + str + " expectedStatusCode=" + i);
        try {
            HttpGet httpGet = new HttpGet(str);
            Set<String> keySet = map.keySet();
            StringBuilder sb = new StringBuilder();
            sb.append("[");
            for (String str2 : keySet) {
                httpGet.setHeader(str2, map.get(str2));
                sb.append(str2 + ": " + map.get(str2) + ", ");
            }
            this.logger.info("accessWithHeaders: headers=" + sb.delete(sb.lastIndexOf(","), sb.length()).append("]").toString());
            return executeAndProcessGetMethod(httpGet, Integer.valueOf(i), bool2, bool);
        } catch (Exception e) {
            failWithMessage("Caught unexpected exception: " + e);
            return null;
        }
    }

    private String executeAndProcessGetMethod(HttpGet httpGet, Integer num, Boolean bool, Boolean bool2) throws IOException {
        HttpResponse execute = this.client.execute(httpGet);
        String entityContent = getEntityContent(execute);
        int statusCode = execute.getStatusLine().getStatusCode();
        if (this.retryMode && statusCode == 404 && (num == null || num.intValue() != 404)) {
            try {
                Thread.sleep(30000L);
            } catch (InterruptedException e) {
            }
            this.logger.info("Retry servlet access ");
            execute = this.client.execute(httpGet);
            entityContent = getEntityContent(execute);
            statusCode = execute.getStatusLine().getStatusCode();
        }
        if (num == null) {
            return null;
        }
        Assert.assertEquals("Expected " + num + " was not returned", num.intValue(), statusCode);
        if (statusCode == 200) {
            Assert.assertTrue("Response did not contain expected servlet name (" + this.servletName + ")", entityContent.contains(this.servletName));
        } else if (bool2.booleanValue()) {
            entityContent = null;
        }
        if (bool != null) {
            if (!bool.booleanValue() || num.intValue() == 401) {
                validateNoSSOCookie(execute);
            } else {
                setSSOCookieForLastLogin(execute);
            }
        }
        return entityContent;
    }

    private String getEntityContent(HttpResponse httpResponse) throws IOException {
        this.logger.info("getMethod status: " + httpResponse.getStatusLine());
        HttpEntity entity = httpResponse.getEntity();
        String entityUtils = EntityUtils.toString(entity);
        this.logger.info("Servlet response: " + entityUtils);
        EntityUtils.consume(entity);
        return entityUtils;
    }
}
