package org.apache.shiro.web.util;

import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.net.URLDecoder;
import java.util.Map;
import javax.servlet.ServletContext;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.session.Session;
import org.apache.shiro.subject.support.DefaultSubjectContext;
import org.apache.shiro.util.StringUtils;
import org.apache.shiro.web.env.EnvironmentLoader;
import org.apache.shiro.web.env.WebEnvironment;
import org.owasp.encoder.Encode;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:WEB-INF/lib/shiro-web-1.5.3.jar:org/apache/shiro/web/util/WebUtils.class */
public class WebUtils {
    private static final Logger log = LoggerFactory.getLogger(WebUtils.class);
    public static final String SERVLET_REQUEST_KEY = ServletRequest.class.getName() + "_SHIRO_THREAD_CONTEXT_KEY";
    public static final String SERVLET_RESPONSE_KEY = ServletResponse.class.getName() + "_SHIRO_THREAD_CONTEXT_KEY";
    public static final String SAVED_REQUEST_KEY = "shiroSavedRequest";
    public static final String INCLUDE_REQUEST_URI_ATTRIBUTE = "javax.servlet.include.request_uri";
    public static final String INCLUDE_CONTEXT_PATH_ATTRIBUTE = "javax.servlet.include.context_path";
    public static final String INCLUDE_SERVLET_PATH_ATTRIBUTE = "javax.servlet.include.servlet_path";
    public static final String INCLUDE_PATH_INFO_ATTRIBUTE = "javax.servlet.include.path_info";
    public static final String INCLUDE_QUERY_STRING_ATTRIBUTE = "javax.servlet.include.query_string";
    public static final String FORWARD_REQUEST_URI_ATTRIBUTE = "javax.servlet.forward.request_uri";
    public static final String FORWARD_CONTEXT_PATH_ATTRIBUTE = "javax.servlet.forward.context_path";
    public static final String FORWARD_SERVLET_PATH_ATTRIBUTE = "javax.servlet.forward.servlet_path";
    public static final String FORWARD_PATH_INFO_ATTRIBUTE = "javax.servlet.forward.path_info";
    public static final String FORWARD_QUERY_STRING_ATTRIBUTE = "javax.servlet.forward.query_string";
    public static final String DEFAULT_CHARACTER_ENCODING = "ISO-8859-1";

    public static String getPathWithinApplication(HttpServletRequest httpServletRequest) {
        return normalize(removeSemicolon(getServletPath(httpServletRequest) + getPathInfo(httpServletRequest)));
    }

    @Deprecated
    public static String getRequestUri(HttpServletRequest httpServletRequest) {
        String str = (String) httpServletRequest.getAttribute("javax.servlet.include.request_uri");
        if (str == null) {
            str = httpServletRequest.getRequestURI();
        }
        return normalize(decodeAndCleanUriString(httpServletRequest, str));
    }

    private static String getServletPath(HttpServletRequest httpServletRequest) {
        String str = (String) httpServletRequest.getAttribute("javax.servlet.include.servlet_path");
        return str != null ? str : valueOrEmpty(httpServletRequest.getServletPath());
    }

    private static String getPathInfo(HttpServletRequest httpServletRequest) {
        String str = (String) httpServletRequest.getAttribute("javax.servlet.include.path_info");
        return str != null ? str : valueOrEmpty(httpServletRequest.getPathInfo());
    }

    private static String valueOrEmpty(String str) {
        return str == null ? "" : str;
    }

    public static String normalize(String str) {
        return normalize(str, true);
    }

    private static String normalize(String str, boolean z) {
        if (str == null) {
            return null;
        }
        String str2 = str;
        if (z && str2.indexOf(92) >= 0) {
            str2 = str2.replace('\\', '/');
        }
        if (str2.equals("/.")) {
            return "/";
        }
        if (!str2.startsWith("/")) {
            str2 = "/" + str2;
        }
        while (true) {
            int indexOf = str2.indexOf("//");
            if (indexOf < 0) {
                break;
            }
            str2 = str2.substring(0, indexOf) + str2.substring(indexOf + 1);
        }
        while (true) {
            int indexOf2 = str2.indexOf("/./");
            if (indexOf2 < 0) {
                break;
            }
            str2 = str2.substring(0, indexOf2) + str2.substring(indexOf2 + 2);
        }
        while (true) {
            int indexOf3 = str2.indexOf("/../");
            if (indexOf3 < 0) {
                return str2;
            }
            if (indexOf3 == 0) {
                return null;
            }
            str2 = str2.substring(0, str2.lastIndexOf(47, indexOf3 - 1)) + str2.substring(indexOf3 + 3);
        }
    }

    private static String decodeAndCleanUriString(HttpServletRequest httpServletRequest, String str) {
        return removeSemicolon(decodeRequestString(httpServletRequest, str));
    }

    private static String removeSemicolon(String str) {
        int indexOf = str.indexOf(59);
        return indexOf != -1 ? str.substring(0, indexOf) : str;
    }

    public static String getContextPath(HttpServletRequest httpServletRequest) {
        String str = (String) httpServletRequest.getAttribute("javax.servlet.include.context_path");
        if (str == null) {
            str = httpServletRequest.getContextPath();
        }
        String normalize = normalize(decodeRequestString(httpServletRequest, str));
        if ("/".equals(normalize)) {
            normalize = "";
        }
        return normalize;
    }

    public static WebEnvironment getRequiredWebEnvironment(ServletContext servletContext) throws IllegalStateException {
        WebEnvironment webEnvironment = getWebEnvironment(servletContext);
        if (webEnvironment == null) {
            throw new IllegalStateException("No WebEnvironment found: no EnvironmentLoaderListener registered?");
        }
        return webEnvironment;
    }

    public static WebEnvironment getWebEnvironment(ServletContext servletContext) {
        return getWebEnvironment(servletContext, EnvironmentLoader.ENVIRONMENT_ATTRIBUTE_KEY);
    }

    public static WebEnvironment getWebEnvironment(ServletContext servletContext, String str) {
        if (servletContext == null) {
            throw new IllegalArgumentException("ServletContext argument must not be null.");
        }
        Object attribute = servletContext.getAttribute(str);
        if (attribute == null) {
            return null;
        }
        if (attribute instanceof RuntimeException) {
            throw ((RuntimeException) attribute);
        }
        if (attribute instanceof Error) {
            throw ((Error) attribute);
        }
        if (attribute instanceof Exception) {
            throw new IllegalStateException((Exception) attribute);
        }
        if (attribute instanceof WebEnvironment) {
            return (WebEnvironment) attribute;
        }
        throw new IllegalStateException("Context attribute is not of type WebEnvironment: " + attribute);
    }

    public static String decodeRequestString(HttpServletRequest httpServletRequest, String str) {
        String determineEncoding = determineEncoding(httpServletRequest);
        try {
            return URLDecoder.decode(str, determineEncoding);
        } catch (UnsupportedEncodingException e) {
            if (log.isWarnEnabled()) {
                log.warn("Could not decode request string [" + Encode.forHtml(str) + "] with encoding '" + Encode.forHtml(determineEncoding) + "': falling back to platform default encoding; exception message: " + e.getMessage());
            }
            return URLDecoder.decode(str);
        }
    }

    protected static String determineEncoding(HttpServletRequest httpServletRequest) {
        String characterEncoding = httpServletRequest.getCharacterEncoding();
        if (characterEncoding == null) {
            characterEncoding = "ISO-8859-1";
        }
        return characterEncoding;
    }

    public static boolean isWeb(Object obj) {
        return (obj instanceof RequestPairSource) && isWeb((RequestPairSource) obj);
    }

    public static boolean isHttp(Object obj) {
        return (obj instanceof RequestPairSource) && isHttp((RequestPairSource) obj);
    }

    public static ServletRequest getRequest(Object obj) {
        if (obj instanceof RequestPairSource) {
            return ((RequestPairSource) obj).getServletRequest();
        }
        return null;
    }

    public static ServletResponse getResponse(Object obj) {
        if (obj instanceof RequestPairSource) {
            return ((RequestPairSource) obj).getServletResponse();
        }
        return null;
    }

    public static HttpServletRequest getHttpRequest(Object obj) {
        ServletRequest request = getRequest(obj);
        if (request instanceof HttpServletRequest) {
            return (HttpServletRequest) request;
        }
        return null;
    }

    public static HttpServletResponse getHttpResponse(Object obj) {
        ServletResponse response = getResponse(obj);
        if (response instanceof HttpServletResponse) {
            return (HttpServletResponse) response;
        }
        return null;
    }

    private static boolean isWeb(RequestPairSource requestPairSource) {
        return (requestPairSource.getServletRequest() == null || requestPairSource.getServletResponse() == null) ? false : true;
    }

    private static boolean isHttp(RequestPairSource requestPairSource) {
        return (requestPairSource.getServletRequest() instanceof HttpServletRequest) && (requestPairSource.getServletResponse() instanceof HttpServletResponse);
    }

    public static boolean _isSessionCreationEnabled(Object obj) {
        if (obj instanceof RequestPairSource) {
            return _isSessionCreationEnabled(((RequestPairSource) obj).getServletRequest());
        }
        return true;
    }

    public static boolean _isSessionCreationEnabled(ServletRequest servletRequest) {
        Object attribute;
        if (servletRequest == null || (attribute = servletRequest.getAttribute(DefaultSubjectContext.SESSION_CREATION_ENABLED)) == null || !(attribute instanceof Boolean)) {
            return true;
        }
        return ((Boolean) attribute).booleanValue();
    }

    public static HttpServletRequest toHttp(ServletRequest servletRequest) {
        return (HttpServletRequest) servletRequest;
    }

    public static HttpServletResponse toHttp(ServletResponse servletResponse) {
        return (HttpServletResponse) servletResponse;
    }

    public static void issueRedirect(ServletRequest servletRequest, ServletResponse servletResponse, String str, Map map, boolean z, boolean z2) throws IOException {
        new RedirectView(str, z, z2).renderMergedOutputModel(map, toHttp(servletRequest), toHttp(servletResponse));
    }

    public static void issueRedirect(ServletRequest servletRequest, ServletResponse servletResponse, String str) throws IOException {
        issueRedirect(servletRequest, servletResponse, str, null, true, true);
    }

    public static void issueRedirect(ServletRequest servletRequest, ServletResponse servletResponse, String str, Map map) throws IOException {
        issueRedirect(servletRequest, servletResponse, str, map, true, true);
    }

    public static void issueRedirect(ServletRequest servletRequest, ServletResponse servletResponse, String str, Map map, boolean z) throws IOException {
        issueRedirect(servletRequest, servletResponse, str, map, z, true);
    }

    public static boolean isTrue(ServletRequest servletRequest, String str) {
        String cleanParam = getCleanParam(servletRequest, str);
        return cleanParam != null && (cleanParam.equalsIgnoreCase("true") || cleanParam.equalsIgnoreCase("t") || cleanParam.equalsIgnoreCase("1") || cleanParam.equalsIgnoreCase("enabled") || cleanParam.equalsIgnoreCase("y") || cleanParam.equalsIgnoreCase("yes") || cleanParam.equalsIgnoreCase("on"));
    }

    public static String getCleanParam(ServletRequest servletRequest, String str) {
        return StringUtils.clean(servletRequest.getParameter(str));
    }

    public static void saveRequest(ServletRequest servletRequest) {
        SecurityUtils.getSubject().getSession().setAttribute(SAVED_REQUEST_KEY, new SavedRequest(toHttp(servletRequest)));
    }

    public static SavedRequest getAndClearSavedRequest(ServletRequest servletRequest) {
        SavedRequest savedRequest = getSavedRequest(servletRequest);
        if (savedRequest != null) {
            SecurityUtils.getSubject().getSession().removeAttribute(SAVED_REQUEST_KEY);
        }
        return savedRequest;
    }

    public static SavedRequest getSavedRequest(ServletRequest servletRequest) {
        SavedRequest savedRequest = null;
        Session session = SecurityUtils.getSubject().getSession(false);
        if (session != null) {
            savedRequest = (SavedRequest) session.getAttribute(SAVED_REQUEST_KEY);
        }
        return savedRequest;
    }

    public static void redirectToSavedRequest(ServletRequest servletRequest, ServletResponse servletResponse, String str) throws IOException {
        String str2 = null;
        boolean z = true;
        SavedRequest andClearSavedRequest = getAndClearSavedRequest(servletRequest);
        if (andClearSavedRequest != null && andClearSavedRequest.getMethod().equalsIgnoreCase("GET")) {
            str2 = andClearSavedRequest.getRequestUrl();
            z = false;
        }
        if (str2 == null) {
            str2 = str;
        }
        if (str2 == null) {
            throw new IllegalStateException("Success URL not available via saved request or via the successUrlFallback method parameter. One of these must be non-null for issueSuccessRedirect() to work.");
        }
        issueRedirect(servletRequest, servletResponse, str2, null, z);
    }
}
