package org.geoserver.security.web.auth;

import java.io.BufferedReader;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.security.Principal;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.Enumeration;
import java.util.Iterator;
import java.util.List;
import java.util.Locale;
import java.util.Map;
import java.util.logging.Level;
import javax.servlet.AsyncContext;
import javax.servlet.DispatcherType;
import javax.servlet.RequestDispatcher;
import javax.servlet.ServletContext;
import javax.servlet.ServletException;
import javax.servlet.ServletInputStream;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import javax.servlet.http.Part;
import org.apache.batik.ext.swing.JAffineTransformChooser;
import org.apache.wicket.ajax.AjaxRequestTarget;
import org.apache.wicket.ajax.form.OnChangeAjaxBehavior;
import org.apache.wicket.ajax.markup.html.form.AjaxSubmitLink;
import org.apache.wicket.markup.html.form.CheckBox;
import org.apache.wicket.markup.html.form.DropDownChoice;
import org.apache.wicket.markup.html.form.Form;
import org.apache.wicket.markup.html.form.FormComponent;
import org.apache.wicket.markup.html.form.FormComponentPanel;
import org.apache.wicket.markup.html.form.SubmitLink;
import org.apache.wicket.markup.html.form.TextField;
import org.apache.wicket.markup.html.form.validation.AbstractFormValidator;
import org.apache.wicket.markup.html.link.Link;
import org.apache.wicket.model.CompoundPropertyModel;
import org.apache.wicket.model.IModel;
import org.apache.wicket.model.Model;
import org.apache.wicket.model.PropertyModel;
import org.apache.wicket.util.convert.IConverter;
import org.apache.wicket.validation.IValidatable;
import org.apache.wicket.validation.IValidator;
import org.apache.wicket.validation.validator.RangeValidator;
import org.geoserver.platform.GeoServerExtensions;
import org.geoserver.security.GeoServerSecurityFilterChain;
import org.geoserver.security.GeoServerSecurityFilterChainProxy;
import org.geoserver.security.HTTPMethod;
import org.geoserver.security.RequestFilterChain;
import org.geoserver.security.config.LogoutFilterConfig;
import org.geoserver.security.config.SSLFilterConfig;
import org.geoserver.security.config.SecurityManagerConfig;
import org.geoserver.security.web.AbstractSecurityPage;
import org.geoserver.web.wicket.HelpLink;
import org.geoserver.web.wicket.ParamResourceModel;
import org.springframework.security.web.util.matcher.IpAddressMatcher;

/* loaded from: input_file:WEB-INF/lib/gs-web-sec-core-2.18.7.jar:org/geoserver/security/web/auth/AuthenticationPage.class */
public class AuthenticationPage extends AbstractSecurityPage {
    Form<SecurityManagerConfig> form;
    LogoutFilterConfig logoutFilterConfig;
    SSLFilterConfig sslFilterConfig;
    SecurityManagerConfig config;
    AuthFilterChainPanel authFilterChainPanel;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:WEB-INF/lib/gs-web-sec-core-2.18.7.jar:org/geoserver/security/web/auth/AuthenticationPage$AuthFilterChainPanel.class */
    public class AuthFilterChainPanel extends FormComponentPanel {
        DropDownChoice<HTTPMethod> httpMethodChoice;
        TextField<String> urlPathField;
        TextField<String> chainTestResultField;
        String urlPath;
        String chainTestResult;
        HTTPMethod httpMethod;

        public AuthFilterChainPanel(String str, IModel<GeoServerSecurityFilterChain> iModel) {
            super(str, new Model());
            this.httpMethod = HTTPMethod.GET;
            setOutputMarkupId(true);
            TextField<String> textField = new TextField<>("urlPath", new PropertyModel(this, "urlPath"));
            this.urlPathField = textField;
            add(textField);
            this.urlPathField.setOutputMarkupId(true);
            this.urlPathField.add(new OnChangeAjaxBehavior() { // from class: org.geoserver.security.web.auth.AuthenticationPage.AuthFilterChainPanel.1
                @Override // org.apache.wicket.ajax.form.AjaxFormComponentUpdatingBehavior
                protected void onUpdate(AjaxRequestTarget ajaxRequestTarget) {
                }
            });
            TextField<String> textField2 = new TextField<>("chainTestResult", new PropertyModel(this, "chainTestResult"));
            this.chainTestResultField = textField2;
            add(textField2);
            this.chainTestResultField.setEnabled(false);
            this.chainTestResultField.setOutputMarkupId(true);
            DropDownChoice<HTTPMethod> dropDownChoice = new DropDownChoice<>("httpMethod", new PropertyModel(this, "httpMethod"), (List<? extends HTTPMethod>) Arrays.asList(HTTPMethod.values()));
            this.httpMethodChoice = dropDownChoice;
            add(dropDownChoice);
            this.httpMethodChoice.setOutputMarkupId(true);
            this.httpMethodChoice.setNullValid(false);
            this.httpMethodChoice.add(new OnChangeAjaxBehavior() { // from class: org.geoserver.security.web.auth.AuthenticationPage.AuthFilterChainPanel.2
                @Override // org.apache.wicket.ajax.form.AjaxFormComponentUpdatingBehavior
                protected void onUpdate(AjaxRequestTarget ajaxRequestTarget) {
                }
            });
            add(new AjaxSubmitLink("chainTest") { // from class: org.geoserver.security.web.auth.AuthenticationPage.AuthFilterChainPanel.3
                @Override // org.apache.wicket.ajax.markup.html.form.AjaxSubmitLink
                protected void onSubmit(AjaxRequestTarget ajaxRequestTarget, Form<?> form) {
                    try {
                        String str2 = "NONE";
                        HttpServletRequest httpRequest = getHttpRequest();
                        Iterator<RequestFilterChain> it2 = AuthenticationPage.this.config.getFilterChain().getRequestChains().iterator();
                        while (true) {
                            if (!it2.hasNext()) {
                                break;
                            }
                            RequestFilterChain next = it2.next();
                            if (AuthFilterChainPanel.this.httpMethod != null && AuthFilterChainPanel.this.urlPath != null && getProxy().matcherForChain(next).matches(httpRequest)) {
                                str2 = next.getName();
                                break;
                            }
                        }
                        AuthFilterChainPanel.this.chainTestResultField.getModel().setObject(str2);
                        ajaxRequestTarget.add(AuthFilterChainPanel.this.chainTestResultField);
                    } catch (Exception e) {
                        error(e);
                        AuthenticationPage.LOGGER.log(Level.WARNING, "Connection error", (Throwable) e);
                        AuthenticationPage.this.addFeedbackPanels(ajaxRequestTarget);
                    }
                }

                protected GeoServerSecurityFilterChainProxy getProxy() {
                    return (GeoServerSecurityFilterChainProxy) GeoServerExtensions.bean(GeoServerSecurityFilterChainProxy.class);
                }

                HttpServletRequest getHttpRequest() {
                    return new HttpServletRequest() { // from class: org.geoserver.security.web.auth.AuthenticationPage.AuthFilterChainPanel.3.1
                        @Override // javax.servlet.ServletRequest
                        public void setCharacterEncoding(String str2) throws UnsupportedEncodingException {
                        }

                        @Override // javax.servlet.ServletRequest
                        public void setAttribute(String str2, Object obj) {
                        }

                        @Override // javax.servlet.ServletRequest
                        public void removeAttribute(String str2) {
                        }

                        @Override // javax.servlet.ServletRequest
                        public boolean isSecure() {
                            return false;
                        }

                        @Override // javax.servlet.ServletRequest
                        public int getServerPort() {
                            return 0;
                        }

                        @Override // javax.servlet.ServletRequest
                        public String getServerName() {
                            return null;
                        }

                        @Override // javax.servlet.ServletRequest
                        public String getScheme() {
                            return null;
                        }

                        @Override // javax.servlet.ServletRequest
                        public RequestDispatcher getRequestDispatcher(String str2) {
                            return null;
                        }

                        @Override // javax.servlet.ServletRequest
                        public int getRemotePort() {
                            return 0;
                        }

                        @Override // javax.servlet.ServletRequest
                        public String getRemoteHost() {
                            return null;
                        }

                        @Override // javax.servlet.ServletRequest
                        public String getRemoteAddr() {
                            return null;
                        }

                        @Override // javax.servlet.ServletRequest
                        public String getRealPath(String str2) {
                            return null;
                        }

                        @Override // javax.servlet.ServletRequest
                        public BufferedReader getReader() throws IOException {
                            return null;
                        }

                        @Override // javax.servlet.ServletRequest
                        public String getProtocol() {
                            return null;
                        }

                        @Override // javax.servlet.ServletRequest
                        public String[] getParameterValues(String str2) {
                            return null;
                        }

                        @Override // javax.servlet.ServletRequest
                        public Enumeration getParameterNames() {
                            return null;
                        }

                        @Override // javax.servlet.ServletRequest
                        public Map getParameterMap() {
                            return null;
                        }

                        @Override // javax.servlet.ServletRequest
                        public String getParameter(String str2) {
                            return null;
                        }

                        @Override // javax.servlet.ServletRequest
                        public Enumeration getLocales() {
                            return null;
                        }

                        @Override // javax.servlet.ServletRequest
                        public Locale getLocale() {
                            return null;
                        }

                        @Override // javax.servlet.ServletRequest
                        public int getLocalPort() {
                            return 0;
                        }

                        @Override // javax.servlet.ServletRequest
                        public ServletContext getServletContext() {
                            return null;
                        }

                        @Override // javax.servlet.ServletRequest
                        public AsyncContext startAsync() throws IllegalStateException {
                            return null;
                        }

                        @Override // javax.servlet.ServletRequest
                        public AsyncContext startAsync(ServletRequest servletRequest, ServletResponse servletResponse) throws IllegalStateException {
                            return null;
                        }

                        @Override // javax.servlet.ServletRequest
                        public boolean isAsyncStarted() {
                            return false;
                        }

                        @Override // javax.servlet.ServletRequest
                        public boolean isAsyncSupported() {
                            return false;
                        }

                        @Override // javax.servlet.ServletRequest
                        public AsyncContext getAsyncContext() {
                            return null;
                        }

                        @Override // javax.servlet.ServletRequest
                        public DispatcherType getDispatcherType() {
                            return null;
                        }

                        @Override // javax.servlet.ServletRequest
                        public String getLocalName() {
                            return null;
                        }

                        @Override // javax.servlet.ServletRequest
                        public String getLocalAddr() {
                            return null;
                        }

                        @Override // javax.servlet.ServletRequest
                        public ServletInputStream getInputStream() throws IOException {
                            return null;
                        }

                        @Override // javax.servlet.ServletRequest
                        public String getContentType() {
                            return null;
                        }

                        @Override // javax.servlet.ServletRequest
                        public int getContentLength() {
                            return 0;
                        }

                        @Override // javax.servlet.ServletRequest
                        public String getCharacterEncoding() {
                            return null;
                        }

                        @Override // javax.servlet.ServletRequest
                        public Enumeration getAttributeNames() {
                            return null;
                        }

                        @Override // javax.servlet.ServletRequest
                        public Object getAttribute(String str2) {
                            return null;
                        }

                        @Override // javax.servlet.http.HttpServletRequest
                        public boolean isUserInRole(String str2) {
                            return false;
                        }

                        @Override // javax.servlet.http.HttpServletRequest
                        public boolean isRequestedSessionIdValid() {
                            return false;
                        }

                        @Override // javax.servlet.http.HttpServletRequest
                        public boolean isRequestedSessionIdFromUrl() {
                            return false;
                        }

                        @Override // javax.servlet.http.HttpServletRequest
                        public boolean authenticate(HttpServletResponse httpServletResponse) throws IOException, ServletException {
                            return false;
                        }

                        @Override // javax.servlet.http.HttpServletRequest
                        public void login(String str2, String str3) throws ServletException {
                        }

                        @Override // javax.servlet.http.HttpServletRequest
                        public void logout() throws ServletException {
                        }

                        @Override // javax.servlet.http.HttpServletRequest
                        public Collection<Part> getParts() throws IOException, ServletException {
                            return null;
                        }

                        @Override // javax.servlet.http.HttpServletRequest
                        public Part getPart(String str2) throws IOException, ServletException {
                            return null;
                        }

                        @Override // javax.servlet.http.HttpServletRequest
                        public boolean isRequestedSessionIdFromURL() {
                            return false;
                        }

                        @Override // javax.servlet.http.HttpServletRequest
                        public boolean isRequestedSessionIdFromCookie() {
                            return false;
                        }

                        @Override // javax.servlet.http.HttpServletRequest
                        public Principal getUserPrincipal() {
                            return null;
                        }

                        @Override // javax.servlet.http.HttpServletRequest
                        public HttpSession getSession(boolean z) {
                            return null;
                        }

                        @Override // javax.servlet.http.HttpServletRequest
                        public HttpSession getSession() {
                            return null;
                        }

                        @Override // javax.servlet.http.HttpServletRequest
                        public String getServletPath() {
                            return "";
                        }

                        @Override // javax.servlet.http.HttpServletRequest
                        public String getRequestedSessionId() {
                            return null;
                        }

                        @Override // javax.servlet.http.HttpServletRequest
                        public StringBuffer getRequestURL() {
                            return null;
                        }

                        @Override // javax.servlet.http.HttpServletRequest
                        public String getRequestURI() {
                            return null;
                        }

                        @Override // javax.servlet.http.HttpServletRequest
                        public String getRemoteUser() {
                            return null;
                        }

                        @Override // javax.servlet.http.HttpServletRequest
                        public String getQueryString() {
                            if (AuthFilterChainPanel.this.urlPath == null || AuthFilterChainPanel.this.urlPath.indexOf("?") == -1) {
                                return null;
                            }
                            return AuthFilterChainPanel.this.urlPath.substring(AuthFilterChainPanel.this.urlPath.indexOf("?") + 1);
                        }

                        @Override // javax.servlet.http.HttpServletRequest
                        public String getPathTranslated() {
                            return null;
                        }

                        @Override // javax.servlet.http.HttpServletRequest
                        public String getPathInfo() {
                            return (AuthFilterChainPanel.this.urlPath == null || AuthFilterChainPanel.this.urlPath.indexOf("?") == -1) ? AuthFilterChainPanel.this.urlPath : AuthFilterChainPanel.this.urlPath.substring(0, AuthFilterChainPanel.this.urlPath.indexOf("?"));
                        }

                        @Override // javax.servlet.http.HttpServletRequest
                        public String getMethod() {
                            return AuthFilterChainPanel.this.httpMethod.toString();
                        }

                        @Override // javax.servlet.http.HttpServletRequest
                        public int getIntHeader(String str2) {
                            return 0;
                        }

                        @Override // javax.servlet.http.HttpServletRequest
                        public Enumeration getHeaders(String str2) {
                            return null;
                        }

                        @Override // javax.servlet.http.HttpServletRequest
                        public Enumeration getHeaderNames() {
                            return null;
                        }

                        @Override // javax.servlet.http.HttpServletRequest
                        public String getHeader(String str2) {
                            return null;
                        }

                        @Override // javax.servlet.http.HttpServletRequest
                        public long getDateHeader(String str2) {
                            return 0L;
                        }

                        @Override // javax.servlet.http.HttpServletRequest
                        public Cookie[] getCookies() {
                            return null;
                        }

                        @Override // javax.servlet.http.HttpServletRequest
                        public String getContextPath() {
                            return null;
                        }

                        @Override // javax.servlet.http.HttpServletRequest
                        public String getAuthType() {
                            return null;
                        }
                    };
                }
            }.setDefaultFormProcessing(false));
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:WEB-INF/lib/gs-web-sec-core-2.18.7.jar:org/geoserver/security/web/auth/AuthenticationPage$AuthenticationChainPanel.class */
    public class AuthenticationChainPanel extends FormComponentPanel {
        public AuthenticationChainPanel(String str, Form form) {
            super(str, new Model());
            add(new AuthenticationChainPalette("authProviderNames"));
        }
    }

    public AuthenticationPage() {
        initComponents();
    }

    void initComponents() {
        this.config = getSecurityManager().getSecurityConfig();
        ArrayList arrayList = new ArrayList();
        Iterator<RequestFilterChain> it2 = this.config.getFilterChain().getRequestChains().iterator();
        while (it2.hasNext()) {
            try {
                arrayList.add((RequestFilterChain) it2.next().clone());
            } catch (CloneNotSupportedException e) {
                throw new RuntimeException(e);
            }
        }
        this.config.setFilterChain(new GeoServerSecurityFilterChain(arrayList));
        this.form = new Form<>("form", new CompoundPropertyModel(this.config));
        add(this.form);
        try {
            this.logoutFilterConfig = (LogoutFilterConfig) getSecurityManager().loadFilterConfig(GeoServerSecurityFilterChain.FORM_LOGOUT_FILTER);
            this.form.add(new TextField("redirectURL", new PropertyModel(this, "logoutFilterConfig.redirectURL")));
            try {
                this.sslFilterConfig = (SSLFilterConfig) getSecurityManager().loadFilterConfig(GeoServerSecurityFilterChain.SSL_FILTER);
                this.form.add(new TextField("sslPort", new PropertyModel(this, "sslFilterConfig.sslPort")));
                this.form.add(new CheckBox("bfEnabled", new PropertyModel(this, "config.bruteForcePrevention.enabled")));
                final TextField textField = new TextField("bfMinDelaySeconds", new PropertyModel(this, "config.bruteForcePrevention.minDelaySeconds"));
                textField.add(RangeValidator.minimum(0));
                this.form.add(textField);
                final TextField textField2 = new TextField("bfMaxDelaySeconds", new PropertyModel(this, "config.bruteForcePrevention.maxDelaySeconds"));
                textField2.add(RangeValidator.minimum(0));
                this.form.add(textField2);
                TextField<List<String>> textField3 = new TextField<List<String>>("bfWhitelistedNetmasks", new PropertyModel(this, "config.bruteForcePrevention.whitelistedMasks")) { // from class: org.geoserver.security.web.auth.AuthenticationPage.1
                    @Override // org.apache.wicket.Component, org.apache.wicket.IConverterLocator
                    public <C> IConverter<C> getConverter(Class<C> cls) {
                        return new CommaSeparatedListConverter();
                    }
                };
                textField3.add(new IValidator<List<String>>() { // from class: org.geoserver.security.web.auth.AuthenticationPage.2
                    @Override // org.apache.wicket.validation.IValidator
                    public void validate(IValidatable<List<String>> iValidatable) {
                        for (String str : iValidatable.getValue()) {
                            try {
                                new IpAddressMatcher(str);
                            } catch (Exception e2) {
                                AuthenticationPage.this.form.error(new ParamResourceModel("invalidMask", AuthenticationPage.this.getPage(), str).getString());
                            }
                        }
                    }
                });
                this.form.add(textField3);
                this.form.add(new AbstractFormValidator() { // from class: org.geoserver.security.web.auth.AuthenticationPage.3
                    /* JADX WARN: Multi-variable type inference failed */
                    @Override // org.apache.wicket.markup.html.form.validation.IFormValidator
                    public void validate(Form<?> form) {
                        if (((Integer) textField2.getConvertedInput()).intValue() < ((Integer) textField.getConvertedInput()).intValue()) {
                            form.error(new ParamResourceModel("bfInvalidMinMax", AuthenticationPage.this.getPage(), new Object[0]).getString());
                        }
                    }

                    @Override // org.apache.wicket.markup.html.form.validation.IFormValidator
                    public FormComponent<?>[] getDependentFormComponents() {
                        return new FormComponent[]{textField, textField2};
                    }
                });
                TextField textField4 = new TextField("bfMaxBlockedThreads", new PropertyModel(this, "config.bruteForcePrevention.maxBlockedThreads"));
                textField4.add(RangeValidator.minimum(0));
                this.form.add(textField4);
                this.form.add(new AuthenticationFiltersPanel("authFilters"));
                this.form.add(new HelpLink("authFiltersHelp").setDialog(this.dialog));
                this.form.add(new AuthenticationProvidersPanel("authProviders"));
                this.form.add(new HelpLink("authProvidersHelp").setDialog(this.dialog));
                this.form.add(new SecurityFilterChainsPanel("authChains", this.config));
                this.form.add(new HelpLink("authChainsHelp").setDialog(this.dialog));
                Form<SecurityManagerConfig> form = this.form;
                AuthFilterChainPanel authFilterChainPanel = new AuthFilterChainPanel("filterChain", new PropertyModel(this.form.getModel(), "filterChain"));
                this.authFilterChainPanel = authFilterChainPanel;
                form.add(authFilterChainPanel);
                this.form.add(new HelpLink("filterChainHelp").setDialog(this.dialog));
                this.form.add(new AuthenticationChainPanel("providerChain", this.form));
                this.form.add(new HelpLink("providerChainHelp").setDialog(this.dialog));
                this.form.add(new SubmitLink("save", this.form) { // from class: org.geoserver.security.web.auth.AuthenticationPage.4
                    @Override // org.apache.wicket.markup.html.form.SubmitLink, org.apache.wicket.markup.html.form.IFormSubmitter
                    public void onSubmit() {
                        try {
                            AuthenticationPage.this.getSecurityManager().saveSecurityConfig((SecurityManagerConfig) getForm().getModelObject());
                            AuthenticationPage.this.getSecurityManager().saveFilter(AuthenticationPage.this.logoutFilterConfig);
                            AuthenticationPage.this.getSecurityManager().saveFilter(AuthenticationPage.this.sslFilterConfig);
                            AuthenticationPage.this.doReturn();
                        } catch (Exception e2) {
                            AuthenticationPage.LOGGER.log(Level.WARNING, "Error saving authentication config", (Throwable) e2);
                            error(e2);
                        }
                    }
                });
                this.form.add(new Link(JAffineTransformChooser.Dialog.ACTION_COMMAND_CANCEL) { // from class: org.geoserver.security.web.auth.AuthenticationPage.5
                    @Override // org.apache.wicket.markup.html.link.Link
                    public void onClick() {
                        AuthenticationPage.this.doReturn();
                    }
                });
            } catch (IOException e2) {
                throw new RuntimeException(e2);
            }
        } catch (IOException e3) {
            throw new RuntimeException(e3);
        }
    }

    public void updateChainComponents() {
        this.form.replace(new SecurityFilterChainsPanel("authChains", this.config));
    }
}
