package org.esigate.cas;

import java.security.Principal;
import java.util.Properties;
import org.apache.http.Header;
import org.apache.http.HttpRequest;
import org.apache.http.HttpResponse;
import org.esigate.Driver;
import org.esigate.authentication.GenericAuthentificationHandler;
import org.esigate.http.IncomingRequest;
import org.esigate.http.OutgoingRequest;
import org.jasig.cas.client.authentication.AttributePrincipal;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/esigate/cas/CasAuthenticationHandler.class */
public class CasAuthenticationHandler extends GenericAuthentificationHandler {
    private static final String DEFAULT_LOGIN_URL = "/login";
    private static final Logger LOG = LoggerFactory.getLogger(GenericAuthentificationHandler.class);
    protected static final String LOGIN_URL_PROPERTY = "casLoginUrl";
    protected static final String SECOND_REQUEST = "SECOND_REQUEST";
    private static final String SPRING_SECURITY_PROPERTY = "isSpringSecurity";
    private static final String SPRING_SECURITY_URL_PATTERN_PROPERTY = "springSecurityUrl";
    private String loginUrl;
    private boolean springSecurity;
    private String springSecurityUrl;

    private void addCasAuthentication(OutgoingRequest outgoingRequest, IncomingRequest incomingRequest) {
        String uri = outgoingRequest.getRequestLine().getUri();
        String str = uri;
        AttributePrincipal userPrincipal = incomingRequest.getUserPrincipal();
        if (userPrincipal != null && (userPrincipal instanceof AttributePrincipal)) {
            AttributePrincipal attributePrincipal = userPrincipal;
            LOG.debug("User logged in CAS as: " + attributePrincipal.getName());
            String str2 = "";
            if (this.springSecurity) {
                String str3 = null;
                if (str.indexOf("?") != -1) {
                    str3 = str.substring(str.indexOf("?"));
                    LOG.debug("params: " + str3.substring(1));
                }
                if (this.springSecurityUrl != null && !"".equals(this.springSecurityUrl)) {
                    str = outgoingRequest.getBaseUrl() + this.springSecurityUrl;
                    if (str3 != null) {
                        str = str + str3;
                    }
                    str2 = "&spring-security-redirect=" + uri;
                    LOG.debug("getIsSpringSecurity=true => updated location: " + str);
                }
            }
            String proxyTicketFor = attributePrincipal.getProxyTicketFor(str);
            LOG.debug("Proxy ticket retrieved: " + attributePrincipal.getName() + " for service: " + uri + " : " + proxyTicketFor);
            if (proxyTicketFor != null) {
                str = str.indexOf("?") > 0 ? str + "&ticket=" + proxyTicketFor + str2 : str + "?ticket=" + proxyTicketFor + str2;
            }
        }
        outgoingRequest.setUri(str);
    }

    public boolean beforeProxy(HttpRequest httpRequest) {
        return true;
    }

    protected String driverSpecificName(Driver driver, String str) {
        return driver.getConfiguration().getInstanceName() + "-" + str;
    }

    public void init(Properties properties) {
        this.loginUrl = properties.getProperty(LOGIN_URL_PROPERTY);
        if (this.loginUrl == null) {
            this.loginUrl = DEFAULT_LOGIN_URL;
        }
        CASRedirectStrategy cASRedirectStrategy = new CASRedirectStrategy();
        cASRedirectStrategy.setLoginURL(this.loginUrl);
        getDriver().setRedirectStrategy(cASRedirectStrategy);
        String property = properties.getProperty(SPRING_SECURITY_PROPERTY);
        if (property != null) {
            this.springSecurity = Boolean.parseBoolean(property);
        } else {
            this.springSecurity = false;
        }
        this.springSecurityUrl = properties.getProperty(SPRING_SECURITY_URL_PATTERN_PROPERTY);
    }

    public boolean needsNewRequest(HttpResponse httpResponse, OutgoingRequest outgoingRequest, IncomingRequest incomingRequest) {
        Principal userPrincipal;
        Boolean bool = (Boolean) incomingRequest.getAttribute(driverSpecificName(outgoingRequest.getOriginalRequest().getDriver(), SECOND_REQUEST));
        if (bool == null) {
            bool = Boolean.FALSE;
        }
        if (!bool.booleanValue()) {
            return false;
        }
        Header firstHeader = httpResponse.getFirstHeader("Location");
        String str = null;
        if (firstHeader != null) {
            str = firstHeader.getValue();
        }
        return str != null && str.contains(this.loginUrl) && (userPrincipal = incomingRequest.getUserPrincipal()) != null && (userPrincipal instanceof AttributePrincipal);
    }

    public void preRequest(OutgoingRequest outgoingRequest, IncomingRequest incomingRequest) {
        String driverSpecificName = driverSpecificName(outgoingRequest.getOriginalRequest().getDriver(), SECOND_REQUEST);
        Boolean bool = (Boolean) incomingRequest.getAttribute(driverSpecificName);
        if (bool == null) {
            bool = Boolean.FALSE;
        }
        if (bool.booleanValue()) {
            addCasAuthentication(outgoingRequest, incomingRequest);
        }
        incomingRequest.setAttribute(driverSpecificName, true);
    }
}
