package org.pac4j.core.util;

import java.util.HashMap;
import java.util.Map;
import org.apache.commons.lang3.StringUtils;
import org.apache.commons.text.StringEscapeUtils;
import org.pac4j.core.context.WebContext;
import org.pac4j.core.context.WebContextHelper;
import org.pac4j.core.exception.http.AutomaticFormPostAction;
import org.pac4j.core.exception.http.ForbiddenAction;
import org.pac4j.core.exception.http.FoundAction;
import org.pac4j.core.exception.http.HttpAction;
import org.pac4j.core.exception.http.OkAction;
import org.pac4j.core.exception.http.RedirectionAction;
import org.pac4j.core.exception.http.SeeOtherAction;
import org.pac4j.core.exception.http.UnauthorizedAction;

/* loaded from: input_file:WEB-INF/lib/pac4j-core-6.1.3.jar:org/pac4j/core/util/HttpActionHelper.class */
public final class HttpActionHelper {
    private static boolean useModernHttpCodes = true;
    private static boolean alwaysUse401ForUnauthenticated = true;

    public static HttpAction buildUnauthenticatedAction(WebContext webContext) {
        boolean isPresent = webContext.getResponseHeader("WWW-Authenticate").isPresent();
        if (!alwaysUse401ForUnauthenticated) {
            return isPresent ? new UnauthorizedAction() : new ForbiddenAction();
        }
        if (!isPresent) {
            webContext.setResponseHeader("WWW-Authenticate", "Bearer realm=\"pac4j\"");
        }
        return new UnauthorizedAction();
    }

    public static RedirectionAction buildRedirectUrlAction(WebContext webContext, String str) {
        return (WebContextHelper.isPost(webContext) && useModernHttpCodes) ? new SeeOtherAction(str) : new FoundAction(str);
    }

    public static RedirectionAction buildFormPostContentAction(WebContext webContext, String str) {
        if (str != null && str.contains("onload=\"document.forms[0].submit()\"")) {
            String unescapeHtml4 = StringEscapeUtils.unescapeHtml4(StringUtils.substringBetween(str, "<form action=\"", "\" method=\"post\">"));
            if (StringUtils.isNotBlank(unescapeHtml4)) {
                HashMap hashMap = new HashMap();
                String unescapeHtml42 = StringEscapeUtils.unescapeHtml4(StringUtils.substringBetween(str, "name=\"SAMLRequest\" value=\"", "\"/>"));
                if (StringUtils.isNotBlank(unescapeHtml42)) {
                    hashMap.put("SAMLRequest", unescapeHtml42);
                }
                String unescapeHtml43 = StringEscapeUtils.unescapeHtml4(StringUtils.substringBetween(str, "name=\"RelayState\" value=\"", "\"/>"));
                if (StringUtils.isNotBlank(unescapeHtml43)) {
                    hashMap.put("RelayState", unescapeHtml43);
                }
                String unescapeHtml44 = StringEscapeUtils.unescapeHtml4(StringUtils.substringBetween(str, "name=\"SAMLResponse\" value=\"", "\"/>"));
                if (StringUtils.isNotBlank(unescapeHtml44)) {
                    hashMap.put("SAMLResponse", unescapeHtml44);
                }
                return new AutomaticFormPostAction(unescapeHtml4, hashMap, str);
            }
        }
        return new OkAction(str);
    }

    public static String buildFormPostContent(WebContext webContext) {
        String fullRequestURL = webContext.getFullRequestURL();
        Map<String, String[]> requestParameters = webContext.getRequestParameters();
        StringBuilder sb = new StringBuilder();
        sb.append("<html>\n");
        sb.append("<body>\n");
        sb.append("<form action=\"" + StringEscapeUtils.escapeHtml4(fullRequestURL) + "\" name=\"f\" method=\"post\">\n");
        if (requestParameters != null) {
            for (Map.Entry<String, String[]> entry : requestParameters.entrySet()) {
                String[] value = entry.getValue();
                if (value != null && value.length > 0) {
                    sb.append("<input type='hidden' name=\"" + StringEscapeUtils.escapeHtml4(entry.getKey()) + "\" value=\"" + StringEscapeUtils.escapeHtml4(value[0]) + "\" />\n");
                }
            }
        }
        sb.append("<input value='POST' type='submit' />\n");
        sb.append("</form>\n");
        sb.append("<script type='text/javascript'>document.forms['f'].submit();</script>\n");
        sb.append("</body>\n");
        sb.append("</html>\n");
        return sb.toString();
    }

    public static boolean isUseModernHttpCodes() {
        return useModernHttpCodes;
    }

    public static void setUseModernHttpCodes(boolean z) {
        useModernHttpCodes = z;
    }

    public static boolean isAlwaysUse401ForUnauthenticated() {
        return alwaysUse401ForUnauthenticated;
    }

    public static void setAlwaysUse401ForUnauthenticated(boolean z) {
        alwaysUse401ForUnauthenticated = z;
    }
}
