package io.yawp.plugin.appengine;

import java.io.IOException;
import java.security.Principal;
import javax.servlet.http.Cookie;
import org.mortbay.jetty.Request;
import org.mortbay.jetty.Response;
import org.mortbay.jetty.security.Authenticator;
import org.mortbay.jetty.security.UserRealm;

/* loaded from: input_file:io/yawp/plugin/appengine/AppengineAuthenticator.class */
public class AppengineAuthenticator implements Authenticator {
    private static final long serialVersionUID = 8961206693928060634L;
    private static final String LOGIN_URI = "/_ah/login";
    private static final String DEV_APPSERVER_LOGIN_COOKIE = "dev_appserver_login";
    private static final String CONTINUE_KEY = "continue";
    private static final Principal NOBODY = new Principal() { // from class: io.yawp.plugin.appengine.AppengineAuthenticator.1
        @Override // java.security.Principal
        public String getName() {
            return "Nobody";
        }
    };

    public Principal authenticate(UserRealm userRealm, String str, Request request, Response response) throws IOException {
        String appengineCookie = getAppengineCookie(request);
        return isUserLoggedIn(appengineCookie) ? authenticateInRealm(userRealm, appengineCookie, request) : isLoginUri(str) ? NOBODY : redirectToLogin(response, str);
    }

    public String getAuthMethod() {
        return "FORM";
    }

    private boolean isUserLoggedIn(String str) {
        return str != null;
    }

    private Principal authenticateInRealm(UserRealm userRealm, String str, Request request) {
        AppengineUser appengineUser = new AppengineUser(str);
        return userRealm.authenticate(appengineUser.getUsername(), appengineUser, request);
    }

    private Principal redirectToLogin(Response response, String str) throws IOException {
        response.sendRedirect(response.encodeRedirectURL(String.format("%s?%s=%s", LOGIN_URI, CONTINUE_KEY, str)));
        return null;
    }

    private String getAppengineCookie(Request request) {
        Cookie[] cookies = request.getCookies();
        if (cookies == null) {
            return null;
        }
        for (Cookie cookie : cookies) {
            if (cookie.getName().equals(DEV_APPSERVER_LOGIN_COOKIE)) {
                return cookie.getValue();
            }
        }
        return null;
    }

    private boolean isLoginUri(String str) {
        return str.startsWith(LOGIN_URI);
    }
}
