package com.day.cq.auth.impl;

import java.io.IOException;
import org.apache.sling.api.SlingHttpServletRequest;
import org.apache.sling.api.SlingHttpServletResponse;
import org.apache.sling.api.servlets.SlingSafeMethodsServlet;
import org.apache.sling.auth.core.spi.AbstractAuthenticationHandler;
import org.apache.sling.commons.auth.Authenticator;
import org.apache.sling.commons.auth.NoAuthenticationHandlerException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/day/cq/auth/impl/LoginServlet.class */
public class LoginServlet extends SlingSafeMethodsServlet {
    private final Logger log = LoggerFactory.getLogger(getClass());
    private static final String[] LOGIN_SERVLET_PATH = {"/bin/login", "/login"};
    private Authenticator authenticator;

    protected void doGet(SlingHttpServletRequest slingHttpServletRequest, SlingHttpServletResponse slingHttpServletResponse) throws IOException {
        if (slingHttpServletRequest.getAuthType() != null) {
            String parameter = slingHttpServletRequest.getParameter("resource");
            if (isSelf(parameter)) {
                String str = slingHttpServletRequest.getContextPath() + "/";
                this.log.warn("doGet: Redirecting to {} to prevent login loop for resource {}", str, parameter);
                slingHttpServletResponse.sendRedirect(str);
                return;
            }
        }
        Authenticator authenticator = this.authenticator;
        if (authenticator != null) {
            try {
                slingHttpServletRequest.setAttribute("cq.authhandler.dologin", true);
                AbstractAuthenticationHandler.setLoginResourceAttribute(slingHttpServletRequest, slingHttpServletRequest.getContextPath());
                authenticator.login(slingHttpServletRequest, slingHttpServletResponse);
                return;
            } catch (IllegalStateException e) {
                this.log.error("doGet: Response already committed, cannot login");
                return;
            } catch (NoAuthenticationHandlerException e2) {
                this.log.error("doGet: No AuthenticationHandler to login registered");
            }
        } else {
            this.log.error("doGet: Authenticator service missing, cannot request authentication");
        }
        slingHttpServletResponse.sendError(403, "Cannot login");
    }

    private boolean isSelf(String str) {
        if (str == null) {
            return true;
        }
        for (String str2 : LOGIN_SERVLET_PATH) {
            if (str.startsWith(str2)) {
                return true;
            }
        }
        return false;
    }
}
