package org.apache.sling.auth.core.impl;

import java.io.IOException;
import javax.servlet.Servlet;
import org.apache.sling.api.SlingHttpServletRequest;
import org.apache.sling.api.SlingHttpServletResponse;
import org.apache.sling.api.auth.Authenticator;
import org.apache.sling.api.auth.NoAuthenticationHandlerException;
import org.apache.sling.api.servlets.SlingAllMethodsServlet;
import org.apache.sling.auth.core.AuthUtil;
import org.osgi.service.component.annotations.Component;
import org.osgi.service.component.annotations.Reference;
import org.osgi.service.component.annotations.ReferenceCardinality;
import org.osgi.service.component.annotations.ReferencePolicy;
import org.osgi.service.component.propertytypes.ServiceDescription;
import org.osgi.service.component.propertytypes.ServiceVendor;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@ServiceDescription("Authenticator Login Servlet")
@ServiceVendor("The Apache Software Foundation")
@Component(service = {Servlet.class}, property = {"sling.servlet.methods=GET", "sling.servlet.methods=POST", "sling.servlet.paths=/system/sling/login"})
/* loaded from: input_file:org/apache/sling/auth/core/impl/LoginServlet.class */
public class LoginServlet extends SlingAllMethodsServlet {
    private static final long serialVersionUID = -8797082194403667968L;
    private final transient Logger log = LoggerFactory.getLogger(getClass());

    @Reference(policy = ReferencePolicy.DYNAMIC, cardinality = ReferenceCardinality.OPTIONAL)
    private volatile Authenticator authenticator;
    public static final String SERVLET_PATH = "/system/sling/login";

    protected void service(SlingHttpServletRequest slingHttpServletRequest, SlingHttpServletResponse slingHttpServletResponse) throws IOException {
        if (slingHttpServletRequest.getAuthType() != null && isSelf(AuthUtil.getLoginResource(slingHttpServletRequest, null))) {
            String str = slingHttpServletRequest.getContextPath() + "/";
            this.log.warn("doGet: Redirecting to {} to prevent login loop for resource", str);
            slingHttpServletResponse.sendRedirect(str);
            return;
        }
        Authenticator authenticator = this.authenticator;
        if (authenticator != null) {
            try {
                AuthUtil.setLoginResourceAttribute(slingHttpServletRequest, null);
                authenticator.login(slingHttpServletRequest, slingHttpServletResponse);
                return;
            } catch (IllegalStateException e) {
                this.log.error("doGet: Response already committed, cannot login");
                return;
            } catch (NoAuthenticationHandlerException e2) {
                this.log.error("doGet: No AuthenticationHandler to login registered");
            }
        } else {
            this.log.error("doGet: Authenticator service missing, cannot login");
        }
        slingHttpServletResponse.sendError(403, "Cannot login");
    }

    private boolean isSelf(String str) {
        if (str == null) {
            return true;
        }
        return str.startsWith(SERVLET_PATH);
    }
}
