package org.geoserver.security.web.auth;

import java.io.BufferedReader;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.lang.invoke.SerializedLambda;
import java.security.Principal;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.Enumeration;
import java.util.Iterator;
import java.util.List;
import java.util.Locale;
import java.util.Map;
import java.util.logging.Level;
import javax.servlet.AsyncContext;
import javax.servlet.DispatcherType;
import javax.servlet.RequestDispatcher;
import javax.servlet.ServletContext;
import javax.servlet.ServletException;
import javax.servlet.ServletInputStream;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import javax.servlet.http.HttpUpgradeHandler;
import javax.servlet.http.Part;
import org.apache.wicket.Component;
import org.apache.wicket.ajax.AjaxRequestTarget;
import org.apache.wicket.ajax.form.OnChangeAjaxBehavior;
import org.apache.wicket.ajax.markup.html.form.AjaxSubmitLink;
import org.apache.wicket.behavior.Behavior;
import org.apache.wicket.markup.html.form.CheckBox;
import org.apache.wicket.markup.html.form.DropDownChoice;
import org.apache.wicket.markup.html.form.Form;
import org.apache.wicket.markup.html.form.FormComponent;
import org.apache.wicket.markup.html.form.FormComponentPanel;
import org.apache.wicket.markup.html.form.SubmitLink;
import org.apache.wicket.markup.html.form.TextField;
import org.apache.wicket.markup.html.form.validation.AbstractFormValidator;
import org.apache.wicket.markup.html.link.Link;
import org.apache.wicket.model.CompoundPropertyModel;
import org.apache.wicket.model.IModel;
import org.apache.wicket.model.Model;
import org.apache.wicket.model.PropertyModel;
import org.apache.wicket.util.convert.IConverter;
import org.apache.wicket.validation.validator.RangeValidator;
import org.geoserver.platform.GeoServerExtensions;
import org.geoserver.security.GeoServerSecurityFilterChain;
import org.geoserver.security.GeoServerSecurityFilterChainProxy;
import org.geoserver.security.HTTPMethod;
import org.geoserver.security.RequestFilterChain;
import org.geoserver.security.config.LogoutFilterConfig;
import org.geoserver.security.config.SSLFilterConfig;
import org.geoserver.security.config.SecurityManagerConfig;
import org.geoserver.security.web.AbstractSecurityPage;
import org.geoserver.web.wicket.HelpLink;
import org.geoserver.web.wicket.ParamResourceModel;
import org.springframework.security.web.util.matcher.IpAddressMatcher;

/* loaded from: input_file:org/geoserver/security/web/auth/AuthenticationPage.class */
public class AuthenticationPage extends AbstractSecurityPage {
    Form<SecurityManagerConfig> form;
    LogoutFilterConfig logoutFilterConfig;
    SSLFilterConfig sslFilterConfig;
    SecurityManagerConfig config;
    AuthFilterChainPanel authFilterChainPanel;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:org/geoserver/security/web/auth/AuthenticationPage$AuthFilterChainPanel.class */
    public class AuthFilterChainPanel extends FormComponentPanel<GeoServerSecurityFilterChain> {
        DropDownChoice<HTTPMethod> httpMethodChoice;
        TextField<String> urlPathField;
        TextField<String> chainTestResultField;
        String urlPath;
        String chainTestResult;
        HTTPMethod httpMethod;

        /* JADX WARN: Type inference failed for: r4v8, types: [org.geoserver.security.web.auth.AuthenticationPage$AuthFilterChainPanel$3] */
        public AuthFilterChainPanel(String str, IModel<GeoServerSecurityFilterChain> iModel) {
            super(str, new Model());
            this.httpMethod = HTTPMethod.GET;
            setOutputMarkupId(true);
            TextField<String> textField = new TextField<>("urlPath", new PropertyModel(this, "urlPath"));
            this.urlPathField = textField;
            add(new Component[]{textField});
            this.urlPathField.setOutputMarkupId(true);
            this.urlPathField.add(new Behavior[]{new OnChangeAjaxBehavior() { // from class: org.geoserver.security.web.auth.AuthenticationPage.AuthFilterChainPanel.1
                protected void onUpdate(AjaxRequestTarget ajaxRequestTarget) {
                }
            }});
            TextField<String> textField2 = new TextField<>("chainTestResult", new PropertyModel(this, "chainTestResult"));
            this.chainTestResultField = textField2;
            add(new Component[]{textField2});
            this.chainTestResultField.setEnabled(false);
            this.chainTestResultField.setOutputMarkupId(true);
            DropDownChoice<HTTPMethod> dropDownChoice = new DropDownChoice<>("httpMethod", new PropertyModel(this, "httpMethod"), Arrays.asList(HTTPMethod.values()));
            this.httpMethodChoice = dropDownChoice;
            add(new Component[]{dropDownChoice});
            this.httpMethodChoice.setOutputMarkupId(true);
            this.httpMethodChoice.setNullValid(false);
            this.httpMethodChoice.add(new Behavior[]{new OnChangeAjaxBehavior() { // from class: org.geoserver.security.web.auth.AuthenticationPage.AuthFilterChainPanel.2
                protected void onUpdate(AjaxRequestTarget ajaxRequestTarget) {
                }
            }});
            add(new Component[]{new AjaxSubmitLink("chainTest") { // from class: org.geoserver.security.web.auth.AuthenticationPage.AuthFilterChainPanel.3
                protected void onSubmit(AjaxRequestTarget ajaxRequestTarget) {
                    try {
                        String str2 = "NONE";
                        HttpServletRequest httpRequest = getHttpRequest();
                        Iterator it = AuthenticationPage.this.config.getFilterChain().getRequestChains().iterator();
                        while (true) {
                            if (!it.hasNext()) {
                                break;
                            }
                            RequestFilterChain requestFilterChain = (RequestFilterChain) it.next();
                            if (AuthFilterChainPanel.this.httpMethod != null && AuthFilterChainPanel.this.urlPath != null && getProxy().matcherForChain(requestFilterChain).matches(httpRequest)) {
                                str2 = requestFilterChain.getName();
                                break;
                            }
                        }
                        AuthFilterChainPanel.this.chainTestResultField.getModel().setObject(str2);
                        ajaxRequestTarget.add(new Component[]{AuthFilterChainPanel.this.chainTestResultField});
                    } catch (Exception e) {
                        error(e);
                        AuthenticationPage.LOGGER.log(Level.WARNING, "Connection error", (Throwable) e);
                        AuthenticationPage.this.addFeedbackPanels(ajaxRequestTarget);
                    }
                }

                protected GeoServerSecurityFilterChainProxy getProxy() {
                    return (GeoServerSecurityFilterChainProxy) GeoServerExtensions.bean(GeoServerSecurityFilterChainProxy.class);
                }

                HttpServletRequest getHttpRequest() {
                    return new HttpServletRequest() { // from class: org.geoserver.security.web.auth.AuthenticationPage.AuthFilterChainPanel.3.1
                        public void setCharacterEncoding(String str2) throws UnsupportedEncodingException {
                        }

                        public void setAttribute(String str2, Object obj) {
                        }

                        public void removeAttribute(String str2) {
                        }

                        public boolean isSecure() {
                            return false;
                        }

                        public int getServerPort() {
                            return 0;
                        }

                        public String getServerName() {
                            return null;
                        }

                        public String getScheme() {
                            return null;
                        }

                        public RequestDispatcher getRequestDispatcher(String str2) {
                            return null;
                        }

                        public int getRemotePort() {
                            return 0;
                        }

                        public String getRemoteHost() {
                            return null;
                        }

                        public String getRemoteAddr() {
                            return null;
                        }

                        public String getRealPath(String str2) {
                            return null;
                        }

                        public BufferedReader getReader() throws IOException {
                            return null;
                        }

                        public String getProtocol() {
                            return null;
                        }

                        public String[] getParameterValues(String str2) {
                            return null;
                        }

                        public Enumeration<String> getParameterNames() {
                            return null;
                        }

                        public Map<String, String[]> getParameterMap() {
                            return null;
                        }

                        public String getParameter(String str2) {
                            return null;
                        }

                        public Enumeration<Locale> getLocales() {
                            return null;
                        }

                        public Locale getLocale() {
                            return null;
                        }

                        public int getLocalPort() {
                            return 0;
                        }

                        public ServletContext getServletContext() {
                            return null;
                        }

                        public AsyncContext startAsync() throws IllegalStateException {
                            return null;
                        }

                        public AsyncContext startAsync(ServletRequest servletRequest, ServletResponse servletResponse) throws IllegalStateException {
                            return null;
                        }

                        public boolean isAsyncStarted() {
                            return false;
                        }

                        public boolean isAsyncSupported() {
                            return false;
                        }

                        public AsyncContext getAsyncContext() {
                            return null;
                        }

                        public DispatcherType getDispatcherType() {
                            return null;
                        }

                        public String getLocalName() {
                            return null;
                        }

                        public String getLocalAddr() {
                            return null;
                        }

                        public ServletInputStream getInputStream() throws IOException {
                            return null;
                        }

                        public String getContentType() {
                            return null;
                        }

                        public int getContentLength() {
                            return 0;
                        }

                        public long getContentLengthLong() {
                            return 0L;
                        }

                        public String getCharacterEncoding() {
                            return null;
                        }

                        public Enumeration<String> getAttributeNames() {
                            return null;
                        }

                        public Object getAttribute(String str2) {
                            return null;
                        }

                        public boolean isUserInRole(String str2) {
                            return false;
                        }

                        public boolean isRequestedSessionIdValid() {
                            return false;
                        }

                        public boolean isRequestedSessionIdFromUrl() {
                            return false;
                        }

                        public boolean authenticate(HttpServletResponse httpServletResponse) throws IOException, ServletException {
                            return false;
                        }

                        public void login(String str2, String str3) throws ServletException {
                        }

                        public void logout() throws ServletException {
                        }

                        public Collection<Part> getParts() throws IOException, ServletException {
                            return null;
                        }

                        public Part getPart(String str2) throws IOException, ServletException {
                            return null;
                        }

                        public <T extends HttpUpgradeHandler> T upgrade(Class<T> cls) throws IOException, ServletException {
                            return null;
                        }

                        public boolean isRequestedSessionIdFromURL() {
                            return false;
                        }

                        public boolean isRequestedSessionIdFromCookie() {
                            return false;
                        }

                        public Principal getUserPrincipal() {
                            return null;
                        }

                        public HttpSession getSession(boolean z) {
                            return null;
                        }

                        public HttpSession getSession() {
                            return null;
                        }

                        public String changeSessionId() {
                            return null;
                        }

                        public String getServletPath() {
                            return "";
                        }

                        public String getRequestedSessionId() {
                            return null;
                        }

                        public StringBuffer getRequestURL() {
                            return null;
                        }

                        public String getRequestURI() {
                            return null;
                        }

                        public String getRemoteUser() {
                            return null;
                        }

                        public String getQueryString() {
                            if (AuthFilterChainPanel.this.urlPath == null || AuthFilterChainPanel.this.urlPath.indexOf("?") == -1) {
                                return null;
                            }
                            return AuthFilterChainPanel.this.urlPath.substring(AuthFilterChainPanel.this.urlPath.indexOf("?") + 1);
                        }

                        public String getPathTranslated() {
                            return null;
                        }

                        public String getPathInfo() {
                            return (AuthFilterChainPanel.this.urlPath == null || AuthFilterChainPanel.this.urlPath.indexOf("?") == -1) ? AuthFilterChainPanel.this.urlPath : AuthFilterChainPanel.this.urlPath.substring(0, AuthFilterChainPanel.this.urlPath.indexOf("?"));
                        }

                        public String getMethod() {
                            return AuthFilterChainPanel.this.httpMethod.toString();
                        }

                        public int getIntHeader(String str2) {
                            return 0;
                        }

                        public Enumeration<String> getHeaders(String str2) {
                            return null;
                        }

                        public Enumeration<String> getHeaderNames() {
                            return null;
                        }

                        public String getHeader(String str2) {
                            return null;
                        }

                        public long getDateHeader(String str2) {
                            return 0L;
                        }

                        public Cookie[] getCookies() {
                            return null;
                        }

                        public String getContextPath() {
                            return null;
                        }

                        public String getAuthType() {
                            return null;
                        }
                    };
                }
            }.setDefaultFormProcessing(false)});
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:org/geoserver/security/web/auth/AuthenticationPage$AuthenticationChainPanel.class */
    public class AuthenticationChainPanel extends FormComponentPanel<SecurityManagerConfig> {
        public AuthenticationChainPanel(String str) {
            super(str, new Model());
            add(new Component[]{new AuthenticationChainPalette("authProviderNames")});
        }
    }

    public AuthenticationPage() {
        initComponents();
    }

    void initComponents() {
        this.config = getSecurityManager().getSecurityConfig();
        ArrayList arrayList = new ArrayList();
        Iterator it = this.config.getFilterChain().getRequestChains().iterator();
        while (it.hasNext()) {
            try {
                arrayList.add((RequestFilterChain) ((RequestFilterChain) it.next()).clone());
            } catch (CloneNotSupportedException e) {
                throw new RuntimeException(e);
            }
        }
        this.config.setFilterChain(new GeoServerSecurityFilterChain(arrayList));
        this.form = new Form<>("form", new CompoundPropertyModel(this.config));
        add(new Component[]{this.form});
        try {
            this.logoutFilterConfig = getSecurityManager().loadFilterConfig("formLogout", true);
            this.form.add(new Component[]{new TextField("redirectURL", new PropertyModel(this, "logoutFilterConfig.redirectURL"))});
            try {
                this.sslFilterConfig = getSecurityManager().loadFilterConfig("sslFilter", true);
                this.form.add(new Component[]{new TextField("sslPort", new PropertyModel(this, "sslFilterConfig.sslPort"))});
                this.form.add(new Component[]{new CheckBox("bfEnabled", new PropertyModel(this, "config.bruteForcePrevention.enabled"))});
                final Component textField = new TextField("bfMinDelaySeconds", new PropertyModel(this, "config.bruteForcePrevention.minDelaySeconds"));
                textField.add(RangeValidator.minimum(0));
                this.form.add(new Component[]{textField});
                final Component textField2 = new TextField("bfMaxDelaySeconds", new PropertyModel(this, "config.bruteForcePrevention.maxDelaySeconds"));
                textField2.add(RangeValidator.minimum(0));
                this.form.add(new Component[]{textField2});
                Component component = new TextField<List<String>>("bfWhitelistedNetmasks", new PropertyModel(this, "config.bruteForcePrevention.whitelistedMasks")) { // from class: org.geoserver.security.web.auth.AuthenticationPage.1
                    public <C> IConverter<C> getConverter(Class<C> cls) {
                        return new CommaSeparatedListConverter();
                    }
                };
                component.add(iValidatable -> {
                    for (String str : (List) iValidatable.getValue()) {
                        try {
                            new IpAddressMatcher(str);
                        } catch (Exception e2) {
                            this.form.error(new ParamResourceModel("invalidMask", getPage(), new Object[]{str}).getString());
                        }
                    }
                });
                this.form.add(new Component[]{component});
                this.form.add(new AbstractFormValidator() { // from class: org.geoserver.security.web.auth.AuthenticationPage.2
                    public void validate(Form<?> form) {
                        if (((Integer) textField2.getConvertedInput()).intValue() < ((Integer) textField.getConvertedInput()).intValue()) {
                            form.error(new ParamResourceModel("bfInvalidMinMax", AuthenticationPage.this.getPage(), new Object[0]).getString());
                        }
                    }

                    public FormComponent<?>[] getDependentFormComponents() {
                        return new FormComponent[]{textField, textField2};
                    }
                });
                Component textField3 = new TextField("bfMaxBlockedThreads", new PropertyModel(this, "config.bruteForcePrevention.maxBlockedThreads"));
                textField3.add(RangeValidator.minimum(0));
                this.form.add(new Component[]{textField3});
                this.form.add(new Component[]{new AuthenticationFiltersPanel("authFilters")});
                this.form.add(new Component[]{new HelpLink("authFiltersHelp").setDialog(this.dialog)});
                this.form.add(new Component[]{new AuthenticationProvidersPanel("authProviders")});
                this.form.add(new Component[]{new HelpLink("authProvidersHelp").setDialog(this.dialog)});
                this.form.add(new Component[]{new SecurityFilterChainsPanel("authChains", this.config)});
                this.form.add(new Component[]{new HelpLink("authChainsHelp").setDialog(this.dialog)});
                Form<SecurityManagerConfig> form = this.form;
                AuthFilterChainPanel authFilterChainPanel = new AuthFilterChainPanel("filterChain", new PropertyModel(this.form.getModel(), "filterChain"));
                this.authFilterChainPanel = authFilterChainPanel;
                form.add(new Component[]{authFilterChainPanel});
                this.form.add(new Component[]{new HelpLink("filterChainHelp").setDialog(this.dialog)});
                this.form.add(new Component[]{new AuthenticationChainPanel("providerChain")});
                this.form.add(new Component[]{new HelpLink("providerChainHelp").setDialog(this.dialog)});
                this.form.add(new Component[]{new SubmitLink("save", this.form) { // from class: org.geoserver.security.web.auth.AuthenticationPage.3
                    public void onSubmit() {
                        try {
                            AuthenticationPage.this.getSecurityManager().saveSecurityConfig((SecurityManagerConfig) getForm().getModelObject());
                            AuthenticationPage.this.getSecurityManager().saveFilter(AuthenticationPage.this.logoutFilterConfig);
                            AuthenticationPage.this.getSecurityManager().saveFilter(AuthenticationPage.this.sslFilterConfig);
                            AuthenticationPage.this.doReturn();
                        } catch (Exception e2) {
                            AuthenticationPage.LOGGER.log(Level.WARNING, "Error saving authentication config", (Throwable) e2);
                            error(e2);
                        }
                    }
                }});
                this.form.add(new Component[]{new Link<Object>("cancel") { // from class: org.geoserver.security.web.auth.AuthenticationPage.4
                    public void onClick() {
                        AuthenticationPage.this.doReturn();
                    }
                }});
            } catch (IOException e2) {
                throw new RuntimeException(e2);
            }
        } catch (IOException e3) {
            throw new RuntimeException(e3);
        }
    }

    public void updateChainComponents() {
        this.form.replace(new SecurityFilterChainsPanel("authChains", this.config));
    }

    private static /* synthetic */ Object $deserializeLambda$(SerializedLambda serializedLambda) {
        String implMethodName = serializedLambda.getImplMethodName();
        boolean z = -1;
        switch (implMethodName.hashCode()) {
            case 274786426:
                if (implMethodName.equals("lambda$initComponents$a0facf76$1")) {
                    z = false;
                    break;
                }
                break;
        }
        switch (z) {
            case false:
                if (serializedLambda.getImplMethodKind() == 7 && serializedLambda.getFunctionalInterfaceClass().equals("org/apache/wicket/validation/IValidator") && serializedLambda.getFunctionalInterfaceMethodName().equals("validate") && serializedLambda.getFunctionalInterfaceMethodSignature().equals("(Lorg/apache/wicket/validation/IValidatable;)V") && serializedLambda.getImplClass().equals("org/geoserver/security/web/auth/AuthenticationPage") && serializedLambda.getImplMethodSignature().equals("(Lorg/apache/wicket/validation/IValidatable;)V")) {
                    AuthenticationPage authenticationPage = (AuthenticationPage) serializedLambda.getCapturedArg(0);
                    return iValidatable -> {
                        for (String str : (List) iValidatable.getValue()) {
                            try {
                                new IpAddressMatcher(str);
                            } catch (Exception e2) {
                                this.form.error(new ParamResourceModel("invalidMask", getPage(), new Object[]{str}).getString());
                            }
                        }
                    };
                }
                break;
        }
        throw new IllegalArgumentException("Invalid lambda deserialization");
    }
}
