package org.jasig.cas;

import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.jasig.cas.authentication.Authentication;
import org.jasig.cas.authentication.AuthenticationManager;
import org.jasig.cas.authentication.handler.AuthenticationException;
import org.jasig.cas.authentication.principal.Credentials;
import org.jasig.cas.authentication.principal.Service;
import org.jasig.cas.ticket.ExpirationPolicy;
import org.jasig.cas.ticket.InvalidTicketException;
import org.jasig.cas.ticket.ServiceTicket;
import org.jasig.cas.ticket.TicketCreationException;
import org.jasig.cas.ticket.TicketException;
import org.jasig.cas.ticket.TicketGrantingTicket;
import org.jasig.cas.ticket.TicketGrantingTicketImpl;
import org.jasig.cas.ticket.TicketValidationException;
import org.jasig.cas.ticket.registry.TicketRegistry;
import org.jasig.cas.util.UniqueTicketIdGenerator;
import org.jasig.cas.validation.Assertion;
import org.jasig.cas.validation.ImmutableAssertionImpl;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.util.Assert;

/* loaded from: input_file:WEB-INF/lib/cas-server-3.0.4.jar:org/jasig/cas/CentralAuthenticationServiceImpl.class */
public final class CentralAuthenticationServiceImpl implements CentralAuthenticationService, InitializingBean {
    private final Log log = LogFactory.getLog(getClass());
    private TicketRegistry ticketRegistry;
    private AuthenticationManager authenticationManager;
    private UniqueTicketIdGenerator ticketGrantingTicketUniqueTicketIdGenerator;
    private UniqueTicketIdGenerator serviceTicketUniqueTicketIdGenerator;
    private ExpirationPolicy ticketGrantingTicketExpirationPolicy;
    private ExpirationPolicy serviceTicketExpirationPolicy;
    static Class class$org$jasig$cas$ticket$TicketGrantingTicket;
    static Class class$org$jasig$cas$ticket$ServiceTicket;

    @Override // org.jasig.cas.CentralAuthenticationService
    public void destroyTicketGrantingTicket(String str) {
        Class cls;
        Assert.notNull(str);
        if (this.log.isDebugEnabled()) {
            this.log.debug(new StringBuffer().append("Removing ticket [").append(str).append("] from registry.").toString());
        }
        TicketRegistry ticketRegistry = this.ticketRegistry;
        if (class$org$jasig$cas$ticket$TicketGrantingTicket == null) {
            cls = class$("org.jasig.cas.ticket.TicketGrantingTicket");
            class$org$jasig$cas$ticket$TicketGrantingTicket = cls;
        } else {
            cls = class$org$jasig$cas$ticket$TicketGrantingTicket;
        }
        TicketGrantingTicket ticketGrantingTicket = (TicketGrantingTicket) ticketRegistry.getTicket(str, cls);
        if (ticketGrantingTicket != null) {
            if (this.log.isDebugEnabled()) {
                this.log.debug("Ticket found.  Expiring and then deleting.");
            }
            ticketGrantingTicket.expire();
            this.ticketRegistry.deleteTicket(str);
        }
    }

    @Override // org.jasig.cas.CentralAuthenticationService
    public String grantServiceTicket(String str, Service service, Credentials credentials) throws TicketException {
        Class cls;
        Assert.notNull(str);
        Assert.notNull(service);
        TicketRegistry ticketRegistry = this.ticketRegistry;
        if (class$org$jasig$cas$ticket$TicketGrantingTicket == null) {
            cls = class$("org.jasig.cas.ticket.TicketGrantingTicket");
            class$org$jasig$cas$ticket$TicketGrantingTicket = cls;
        } else {
            cls = class$org$jasig$cas$ticket$TicketGrantingTicket;
        }
        TicketGrantingTicket ticketGrantingTicket = (TicketGrantingTicket) ticketRegistry.getTicket(str, cls);
        if (ticketGrantingTicket == null || ticketGrantingTicket.isExpired()) {
            throw new InvalidTicketException();
        }
        if (credentials != null) {
            try {
                Authentication authenticate = this.authenticationManager.authenticate(credentials);
                if (!authenticate.getPrincipal().equals(ticketGrantingTicket.getAuthentication().getPrincipal())) {
                    throw new TicketCreationException();
                }
            } catch (AuthenticationException e) {
                throw new TicketCreationException(e);
            }
        }
        ServiceTicket grantServiceTicket = ticketGrantingTicket.grantServiceTicket(this.serviceTicketUniqueTicketIdGenerator.getNewTicketId(ServiceTicket.PREFIX), service, this.serviceTicketExpirationPolicy);
        if (credentials != null) {
            if (this.log.isDebugEnabled()) {
                this.log.debug("We received a renew=true request, so setting fromNewLogin to true");
            }
            grantServiceTicket.setFromNewLogin(true);
        }
        this.ticketRegistry.addTicket(grantServiceTicket);
        if (this.log.isInfoEnabled()) {
            this.log.info(new StringBuffer().append("Granted service ticket [").append(grantServiceTicket.getId()).append("] for service [").append(service.getId()).append("] for user [").append(grantServiceTicket.getGrantingTicket().getAuthentication().getPrincipal().getId()).append("]").toString());
        }
        return grantServiceTicket.getId();
    }

    @Override // org.jasig.cas.CentralAuthenticationService
    public String grantServiceTicket(String str, Service service) throws TicketException {
        return grantServiceTicket(str, service, null);
    }

    @Override // org.jasig.cas.CentralAuthenticationService
    public String delegateTicketGrantingTicket(String str, Credentials credentials) throws TicketException {
        Class cls;
        Assert.notNull(str);
        Assert.notNull(credentials);
        try {
            Authentication authenticate = this.authenticationManager.authenticate(credentials);
            TicketRegistry ticketRegistry = this.ticketRegistry;
            if (class$org$jasig$cas$ticket$ServiceTicket == null) {
                cls = class$("org.jasig.cas.ticket.ServiceTicket");
                class$org$jasig$cas$ticket$ServiceTicket = cls;
            } else {
                cls = class$org$jasig$cas$ticket$ServiceTicket;
            }
            ServiceTicket serviceTicket = (ServiceTicket) ticketRegistry.getTicket(str, cls);
            if (serviceTicket == null || serviceTicket.isExpired()) {
                throw new InvalidTicketException();
            }
            TicketGrantingTicket grantTicketGrantingTicket = serviceTicket.grantTicketGrantingTicket(this.ticketGrantingTicketUniqueTicketIdGenerator.getNewTicketId(TicketGrantingTicket.PREFIX), authenticate, this.ticketGrantingTicketExpirationPolicy);
            this.ticketRegistry.addTicket(grantTicketGrantingTicket);
            return grantTicketGrantingTicket.getId();
        } catch (AuthenticationException e) {
            throw new TicketCreationException(e);
        }
    }

    @Override // org.jasig.cas.CentralAuthenticationService
    public Assertion validateServiceTicket(String str, Service service) throws TicketException {
        Class cls;
        Assert.notNull(str);
        Assert.notNull(service);
        TicketRegistry ticketRegistry = this.ticketRegistry;
        if (class$org$jasig$cas$ticket$ServiceTicket == null) {
            cls = class$("org.jasig.cas.ticket.ServiceTicket");
            class$org$jasig$cas$ticket$ServiceTicket = cls;
        } else {
            cls = class$org$jasig$cas$ticket$ServiceTicket;
        }
        ServiceTicket serviceTicket = (ServiceTicket) ticketRegistry.getTicket(str, cls);
        if (serviceTicket == null) {
            if (this.log.isDebugEnabled()) {
                this.log.debug(new StringBuffer().append("ServiceTicket [").append(str).append("] does not exist.").toString());
            }
            throw new InvalidTicketException();
        }
        if (serviceTicket.isExpired()) {
            if (this.log.isDebugEnabled()) {
                this.log.debug(new StringBuffer().append("ServiceTicket [").append(str).append("] has expired.").toString());
            }
            this.ticketRegistry.deleteTicket(str);
            throw new InvalidTicketException();
        }
        serviceTicket.incrementCountOfUses();
        serviceTicket.updateLastTimeUsed();
        if (serviceTicket.isExpired()) {
            this.ticketRegistry.deleteTicket(str);
        }
        if (service.equals(serviceTicket.getService())) {
            return new ImmutableAssertionImpl(serviceTicket.getGrantingTicket().getChainedAuthentications(), serviceTicket.getService(), serviceTicket.isFromNewLogin());
        }
        if (this.log.isDebugEnabled()) {
            this.log.debug(new StringBuffer().append("ServiceTicket [").append(str).append("] does not match supplied service.").toString());
        }
        throw new TicketValidationException();
    }

    @Override // org.jasig.cas.CentralAuthenticationService
    public String createTicketGrantingTicket(Credentials credentials) throws TicketCreationException {
        Assert.notNull(credentials);
        if (this.log.isDebugEnabled()) {
            this.log.debug(new StringBuffer().append("Attempting to create TicketGrantingTicket for ").append(credentials).toString());
        }
        try {
            TicketGrantingTicketImpl ticketGrantingTicketImpl = new TicketGrantingTicketImpl(this.ticketGrantingTicketUniqueTicketIdGenerator.getNewTicketId(TicketGrantingTicket.PREFIX), this.authenticationManager.authenticate(credentials), this.ticketGrantingTicketExpirationPolicy);
            this.ticketRegistry.addTicket(ticketGrantingTicketImpl);
            return ticketGrantingTicketImpl.getId();
        } catch (AuthenticationException e) {
            throw new TicketCreationException(e);
        }
    }

    public void setTicketRegistry(TicketRegistry ticketRegistry) {
        this.ticketRegistry = ticketRegistry;
    }

    public void setAuthenticationManager(AuthenticationManager authenticationManager) {
        this.authenticationManager = authenticationManager;
    }

    public void setTicketGrantingTicketExpirationPolicy(ExpirationPolicy expirationPolicy) {
        this.ticketGrantingTicketExpirationPolicy = expirationPolicy;
    }

    public void setTicketGrantingTicketUniqueTicketIdGenerator(UniqueTicketIdGenerator uniqueTicketIdGenerator) {
        this.ticketGrantingTicketUniqueTicketIdGenerator = uniqueTicketIdGenerator;
    }

    public void setServiceTicketExpirationPolicy(ExpirationPolicy expirationPolicy) {
        this.serviceTicketExpirationPolicy = expirationPolicy;
    }

    @Override // org.springframework.beans.factory.InitializingBean
    public void afterPropertiesSet() throws Exception {
        String name = getClass().getName();
        Assert.notNull(this.ticketRegistry, new StringBuffer().append("ticketRegistry cannot be null on ").append(name).toString());
        Assert.notNull(this.authenticationManager, new StringBuffer().append("authenticationManager cannot be null on ").append(name).toString());
        Assert.notNull(this.ticketGrantingTicketUniqueTicketIdGenerator, new StringBuffer().append("ticketGrantingTicketUniqueTicketIdGenerator cannot be null on ").append(name).toString());
        Assert.notNull(this.serviceTicketUniqueTicketIdGenerator, new StringBuffer().append("serviceTicketUniqueTicketIdGenerator cannot be null on ").append(name).toString());
        Assert.notNull(this.ticketGrantingTicketExpirationPolicy, new StringBuffer().append("ticketGrantingTicketExpirationPolicy cannot be null on ").append(name).toString());
        Assert.notNull(this.serviceTicketExpirationPolicy, new StringBuffer().append("serviceTicketExpirationPolicy cannot be null on ").append(name).toString());
    }

    public void setServiceTicketUniqueTicketIdGenerator(UniqueTicketIdGenerator uniqueTicketIdGenerator) {
        this.serviceTicketUniqueTicketIdGenerator = uniqueTicketIdGenerator;
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError().initCause(e);
        }
    }
}
