package org.beangle.security.realm.cas;

import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import java.io.PrintWriter;
import java.net.URLEncoder;
import java.util.Arrays;
import org.beangle.commons.lang.Strings$;
import org.beangle.security.authc.AccountStatusException;
import org.beangle.security.authc.AuthenticationException;
import org.beangle.security.authc.UsernameNotFoundException;
import org.beangle.security.session.SessionException;
import org.beangle.security.web.EntryPoint;
import org.beangle.security.web.session.SessionIdReader;
import org.beangle.security.web.session.SessionIdReader$;
import org.beangle.web.servlet.url.UrlBuilder;
import org.beangle.web.servlet.util.CookieUtils$;
import org.beangle.web.servlet.util.RequestUtils$;
import scala.MatchError;
import scala.None$;
import scala.Option;
import scala.Predef$;
import scala.Some;
import scala.collection.ArrayOps$;
import scala.collection.immutable.Set;
import scala.collection.mutable.StringBuilder;
import scala.runtime.ScalaRunTime$;

/* compiled from: CasEntryPoint.scala */
/* loaded from: input_file:org/beangle/security/realm/cas/CasEntryPoint.class */
public class CasEntryPoint implements EntryPoint {
    private final CasConfig config;
    private DefaultLocalLoginStrategy localLoginStrategy = new DefaultLocalLoginStrategy();
    private Option sessionIdReader = None$.MODULE$;
    private boolean allowSessionIdAsParameter = true;

    public CasEntryPoint(CasConfig casConfig) {
        this.config = casConfig;
    }

    public CasConfig config() {
        return this.config;
    }

    public DefaultLocalLoginStrategy localLoginStrategy() {
        return this.localLoginStrategy;
    }

    public void localLoginStrategy_$eq(DefaultLocalLoginStrategy defaultLocalLoginStrategy) {
        this.localLoginStrategy = defaultLocalLoginStrategy;
    }

    public Option<SessionIdReader> sessionIdReader() {
        return this.sessionIdReader;
    }

    public void sessionIdReader_$eq(Option<SessionIdReader> option) {
        this.sessionIdReader = option;
    }

    public boolean allowSessionIdAsParameter() {
        return this.allowSessionIdAsParameter;
    }

    public void allowSessionIdAsParameter_$eq(boolean z) {
        this.allowSessionIdAsParameter = z;
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    public void commence(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, AuthenticationException authenticationException) {
        Cas$.MODULE$.cleanup(config(), httpServletRequest, httpServletResponse);
        if (authenticationException != null && ((authenticationException instanceof UsernameNotFoundException) || (authenticationException instanceof AccountStatusException) || (authenticationException instanceof SessionException))) {
            PrintWriter writer = httpServletResponse.getWriter();
            writer.append((CharSequence) "<!DOCTYPE html>\n<html lang=\"zh_CN\"><head><meta http-equiv=\"content-type\" content=\"text/html;charset=utf-8\" /></head><body><p>");
            writer.append((CharSequence) String.valueOf(authenticationException.principal().toString())).append((CharSequence) authenticationException.getMessage());
            writer.append((CharSequence) "<p></body></html>");
            return;
        }
        if (config().gateway()) {
            if (httpServletRequest.getRequestURI().endsWith((String) config().localLoginUri().get()) && authenticationException != null) {
                throw authenticationException;
            }
            String localLoginUrl = localLoginUrl(httpServletRequest);
            CookieUtils$.MODULE$.addCookie(httpServletRequest, httpServletResponse, CasConfig$.MODULE$.ServiceName(), localLoginUrl, 1800);
            httpServletResponse.sendRedirect(casLoginUrl(localLoginUrl, httpServletRequest.getParameter("remote") != null));
            return;
        }
        Option<String> localLoginUri = config().localLoginUri();
        if (None$.MODULE$.equals(localLoginUri)) {
            httpServletResponse.sendRedirect(casLoginUrl(serviceUrl(httpServletRequest), false));
        } else {
            if (!(localLoginUri instanceof Some)) {
                throw new MatchError(localLoginUri);
            }
            if (isLocalLogin(httpServletRequest, authenticationException)) {
                httpServletResponse.sendRedirect(localLoginUrl(httpServletRequest));
            } else {
                httpServletResponse.sendRedirect(casLoginUrl(localLoginUrl(httpServletRequest), httpServletRequest.getParameter("remote") != null));
            }
        }
    }

    public String localLoginUrl(HttpServletRequest httpServletRequest) {
        String str = (String) config().localLoginUri().get();
        UrlBuilder urlBuilder = new UrlBuilder(httpServletRequest.getContextPath());
        urlBuilder.serverName_$eq(httpServletRequest.getServerName());
        urlBuilder.port_$eq(RequestUtils$.MODULE$.getServerPort(httpServletRequest));
        urlBuilder.scheme_$eq(RequestUtils$.MODULE$.isHttps(httpServletRequest) ? "https" : "http");
        urlBuilder.servletPath_$eq(str);
        if (httpServletRequest.getRequestURI().endsWith(str)) {
            urlBuilder.queryString_$eq(httpServletRequest.getQueryString());
        } else {
            StringBuilder stringBuilder = new StringBuilder();
            if (Strings$.MODULE$.isNotBlank(stringBuilder)) {
                stringBuilder.$plus$plus$eq(httpServletRequest.getQueryString());
                stringBuilder.$plus$plus$eq("&");
            }
            stringBuilder.$plus$plus$eq("service=");
            stringBuilder.$plus$plus$eq(URLEncoder.encode(serviceUrl(httpServletRequest), "UTF-8"));
            urlBuilder.queryString_$eq(stringBuilder.mkString());
        }
        return urlBuilder.buildUrl();
    }

    public String casLoginUrl(String str, boolean z) {
        String loginUrl = config().loginUrl();
        StringBuilder stringBuilder = new StringBuilder(loginUrl);
        stringBuilder.append(loginUrl.indexOf("?") != -1 ? "&" : "?");
        stringBuilder.append(CasConfig$.MODULE$.ServiceName() + "=" + URLEncoder.encode(str, "UTF-8"));
        if (!z) {
            stringBuilder.append(config().gateway() ? "&gateway=true" : "");
        }
        if (allowSessionIdAsParameter()) {
            sessionIdReader().foreach(sessionIdReader -> {
                return stringBuilder.append("&" + SessionIdReader$.MODULE$.SessionIdName() + "=" + sessionIdReader.idName());
            });
        }
        return stringBuilder.toString();
    }

    public String serviceUrl(HttpServletRequest httpServletRequest) {
        Set set;
        StringBuilder stringBuilder = new StringBuilder();
        String localServer = CasConfig$.MODULE$.getLocalServer(httpServletRequest);
        Some sessionIdReader = sessionIdReader();
        if (None$.MODULE$.equals(sessionIdReader)) {
            set = (Set) Predef$.MODULE$.Set().apply(ScalaRunTime$.MODULE$.wrapRefArray(new String[]{CasConfig$.MODULE$.TicketName()}));
        } else {
            if (!(sessionIdReader instanceof Some)) {
                throw new MatchError(sessionIdReader);
            }
            set = (Set) Predef$.MODULE$.Set().apply(ScalaRunTime$.MODULE$.wrapRefArray(new String[]{((SessionIdReader) sessionIdReader.value()).idName(), CasConfig$.MODULE$.TicketName()}));
        }
        Set set2 = set;
        stringBuilder.append(localServer).append(httpServletRequest.getRequestURI());
        String queryString = httpServletRequest.getQueryString();
        if (Strings$.MODULE$.isNotBlank(queryString)) {
            String[] split = Strings$.MODULE$.split(queryString, '&');
            Arrays.sort(split);
            StringBuilder stringBuilder2 = new StringBuilder();
            ArrayOps$.MODULE$.foreach$extension(Predef$.MODULE$.refArrayOps(split), str -> {
                int indexOf = str.indexOf(61);
                if (indexOf > 0) {
                    String substring = str.substring(0, indexOf);
                    if (set2.contains(substring)) {
                        return;
                    }
                    stringBuilder2.append("&").append(substring).append(str.substring(indexOf));
                }
            });
            if (stringBuilder2.nonEmpty()) {
                stringBuilder2.setCharAt(0, '?');
                stringBuilder.append(stringBuilder2);
            }
        }
        return stringBuilder.toString();
    }

    public boolean isLocalLogin(HttpServletRequest httpServletRequest, AuthenticationException authenticationException) {
        return localLoginStrategy().isLocalLogin(httpServletRequest, authenticationException);
    }

    public void remoteLogin(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        String localLoginUrl = localLoginUrl(httpServletRequest);
        CookieUtils$.MODULE$.addCookie(httpServletRequest, httpServletResponse, "CAS_" + CasConfig$.MODULE$.ServiceName(), localLoginUrl, 1);
        httpServletResponse.sendRedirect(casLoginUrl(localLoginUrl, httpServletRequest.getParameter("remote") != null));
    }
}
