package org.jasig.cas.web.flow;

import java.util.Arrays;
import java.util.Iterator;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.validation.constraints.NotNull;
import org.aspectj.lang.JoinPoint;
import org.aspectj.lang.ProceedingJoinPoint;
import org.aspectj.runtime.reflect.Factory;
import org.jasig.cas.CentralAuthenticationService;
import org.jasig.cas.Message;
import org.jasig.cas.aspect.LogAspect;
import org.jasig.cas.authentication.AuthenticationException;
import org.jasig.cas.authentication.Credential;
import org.jasig.cas.authentication.HandlerResult;
import org.jasig.cas.authentication.principal.WebApplicationService;
import org.jasig.cas.ticket.TicketCreationException;
import org.jasig.cas.ticket.TicketException;
import org.jasig.cas.ticket.TicketGrantingTicket;
import org.jasig.cas.ticket.registry.TicketRegistry;
import org.jasig.cas.web.bind.CredentialsBinder;
import org.jasig.cas.web.support.WebUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.binding.message.MessageBuilder;
import org.springframework.binding.message.MessageContext;
import org.springframework.util.StringUtils;
import org.springframework.web.util.CookieGenerator;
import org.springframework.webflow.core.collection.LocalAttributeMap;
import org.springframework.webflow.execution.Event;
import org.springframework.webflow.execution.RequestContext;

/* loaded from: input_file:org/jasig/cas/web/flow/AuthenticationViaFormAction.class */
public class AuthenticationViaFormAction {
    public static final String SUCCESS = "success";
    public static final String SUCCESS_WITH_WARNINGS = "successWithWarnings";
    public static final String WARN = "warn";
    public static final String AUTHENTICATION_FAILURE = "authenticationFailure";
    public static final String ERROR = "error";
    private CredentialsBinder credentialsBinder;

    @NotNull
    private CentralAuthenticationService centralAuthenticationService;

    @NotNull
    private TicketRegistry ticketRegistry;

    @NotNull
    private CookieGenerator warnCookieGenerator;
    protected final Logger logger = LoggerFactory.getLogger(getClass());
    private static final /* synthetic */ JoinPoint.StaticPart ajc$tjp_0 = null;
    private static final /* synthetic */ JoinPoint.StaticPart ajc$tjp_1 = null;

    public final void doBind(RequestContext requestContext, Credential credential) throws Exception {
        ProceedingJoinPoint makeJP = Factory.makeJP(ajc$tjp_0, this, this, requestContext, credential);
        doBind_aroundBody1$advice(this, requestContext, credential, makeJP, LogAspect.aspectOf(), makeJP);
    }

    public final Event submit(RequestContext requestContext, Credential credential, MessageContext messageContext) throws Exception {
        ProceedingJoinPoint makeJP = Factory.makeJP(ajc$tjp_1, this, this, new Object[]{requestContext, credential, messageContext});
        return (Event) submit_aroundBody3$advice(this, requestContext, credential, messageContext, makeJP, LogAspect.aspectOf(), makeJP);
    }

    private boolean addWarningMessagesToMessageContextIfNeeded(TicketGrantingTicket ticketGrantingTicket, MessageContext messageContext) {
        boolean z = false;
        Iterator<Map.Entry<String, HandlerResult>> it = ticketGrantingTicket.getAuthentication().getSuccesses().entrySet().iterator();
        while (it.hasNext()) {
            Iterator<Message> it2 = it.next().getValue().getWarnings().iterator();
            while (it2.hasNext()) {
                addWarningToContext(messageContext, it2.next());
                z = true;
            }
        }
        return z;
    }

    private void putWarnCookieIfRequestParameterPresent(RequestContext requestContext) {
        HttpServletResponse httpServletResponse = WebUtils.getHttpServletResponse(requestContext);
        if (StringUtils.hasText(requestContext.getExternalContext().getRequestParameterMap().get(WARN))) {
            this.warnCookieGenerator.addCookie(httpServletResponse, "true");
        } else {
            this.warnCookieGenerator.removeCookie(httpServletResponse);
        }
    }

    private AuthenticationException getAuthenticationExceptionAsCause(TicketException ticketException) {
        return (AuthenticationException) ticketException.getCause();
    }

    private Event newEvent(String str) {
        return new Event(this, str);
    }

    private Event newEvent(String str, Exception exc) {
        return new Event(this, str, new LocalAttributeMap(ERROR, exc));
    }

    public final void setCentralAuthenticationService(CentralAuthenticationService centralAuthenticationService) {
        this.centralAuthenticationService = centralAuthenticationService;
    }

    public void setTicketRegistry(TicketRegistry ticketRegistry) {
        this.ticketRegistry = ticketRegistry;
    }

    public final void setCredentialsBinder(CredentialsBinder credentialsBinder) {
        this.credentialsBinder = credentialsBinder;
    }

    public final void setWarnCookieGenerator(CookieGenerator cookieGenerator) {
        this.warnCookieGenerator = cookieGenerator;
    }

    private void addWarningToContext(MessageContext messageContext, Message message) {
        messageContext.addMessage(new MessageBuilder().warning().code(message.getCode()).defaultText(message.getDefaultMessage()).args(message.getParams()).build());
    }

    static {
        ajc$preClinit();
    }

    private static final /* synthetic */ void doBind_aroundBody0(AuthenticationViaFormAction authenticationViaFormAction, RequestContext requestContext, Credential credential, JoinPoint joinPoint) {
        HttpServletRequest httpServletRequest = WebUtils.getHttpServletRequest(requestContext);
        if (authenticationViaFormAction.credentialsBinder == null || !authenticationViaFormAction.credentialsBinder.supports(credential.getClass())) {
            return;
        }
        authenticationViaFormAction.credentialsBinder.bind(httpServletRequest, credential);
    }

    private static final /* synthetic */ Object doBind_aroundBody1$advice(AuthenticationViaFormAction authenticationViaFormAction, RequestContext requestContext, Credential credential, JoinPoint joinPoint, LogAspect logAspect, ProceedingJoinPoint proceedingJoinPoint) {
        Object obj = null;
        Logger log = logAspect.getLog(proceedingJoinPoint);
        String name = proceedingJoinPoint.getSignature().getName();
        try {
            if (log.isTraceEnabled()) {
                Object[] args = proceedingJoinPoint.getArgs();
                log.trace("Entering method [{}] with arguments [{}]", name, (args == null || args.length == 0) ? "" : Arrays.deepToString(args));
            }
            doBind_aroundBody0(authenticationViaFormAction, requestContext, credential, proceedingJoinPoint);
            obj = null;
            log.trace("Leaving method [{}] with return value [{}].", name, 0 != 0 ? obj.toString() : "null");
            return null;
        } catch (Throwable th) {
            log.trace("Leaving method [{}] with return value [{}].", name, obj != null ? obj.toString() : "null");
            throw th;
        }
    }

    private static final /* synthetic */ Event submit_aroundBody2(AuthenticationViaFormAction authenticationViaFormAction, RequestContext requestContext, Credential credential, MessageContext messageContext, JoinPoint joinPoint) {
        String loginTicketFromFlowScope = WebUtils.getLoginTicketFromFlowScope(requestContext);
        String loginTicketFromRequest = WebUtils.getLoginTicketFromRequest(requestContext);
        if (!loginTicketFromFlowScope.equals(loginTicketFromRequest)) {
            authenticationViaFormAction.logger.warn("Invalid login ticket {}", loginTicketFromRequest);
            messageContext.addMessage(new MessageBuilder().error().code("error.invalid.loginticket").build());
            return authenticationViaFormAction.newEvent(ERROR);
        }
        String ticketGrantingTicketId = WebUtils.getTicketGrantingTicketId(requestContext);
        WebApplicationService service = WebUtils.getService(requestContext);
        if (StringUtils.hasText(requestContext.getRequestParameters().get("renew")) && ticketGrantingTicketId != null && service != null) {
            try {
                WebUtils.putServiceTicketInRequestScope(requestContext, authenticationViaFormAction.centralAuthenticationService.grantServiceTicket(ticketGrantingTicketId, service, credential));
                authenticationViaFormAction.putWarnCookieIfRequestParameterPresent(requestContext);
                return authenticationViaFormAction.newEvent(WARN);
            } catch (AuthenticationException e) {
                return authenticationViaFormAction.newEvent(AUTHENTICATION_FAILURE, e);
            } catch (TicketCreationException unused) {
                authenticationViaFormAction.logger.warn("Invalid attempt to access service using renew=true with different credential. Ending SSO session.");
                authenticationViaFormAction.centralAuthenticationService.destroyTicketGrantingTicket(ticketGrantingTicketId);
            } catch (TicketException e2) {
                return authenticationViaFormAction.newEvent(ERROR, e2);
            }
        }
        try {
            String createTicketGrantingTicket = authenticationViaFormAction.centralAuthenticationService.createTicketGrantingTicket(credential);
            WebUtils.putTicketGrantingTicketInFlowScope(requestContext, createTicketGrantingTicket);
            authenticationViaFormAction.putWarnCookieIfRequestParameterPresent(requestContext);
            return authenticationViaFormAction.addWarningMessagesToMessageContextIfNeeded((TicketGrantingTicket) authenticationViaFormAction.ticketRegistry.getTicket(createTicketGrantingTicket), messageContext) ? authenticationViaFormAction.newEvent(SUCCESS_WITH_WARNINGS) : authenticationViaFormAction.newEvent(SUCCESS);
        } catch (AuthenticationException e3) {
            return authenticationViaFormAction.newEvent(AUTHENTICATION_FAILURE, e3);
        } catch (Exception e4) {
            return authenticationViaFormAction.newEvent(ERROR, e4);
        }
    }

    private static final /* synthetic */ Object submit_aroundBody3$advice(AuthenticationViaFormAction authenticationViaFormAction, RequestContext requestContext, Credential credential, MessageContext messageContext, JoinPoint joinPoint, LogAspect logAspect, ProceedingJoinPoint proceedingJoinPoint) {
        Event event = null;
        Logger log = logAspect.getLog(proceedingJoinPoint);
        String name = proceedingJoinPoint.getSignature().getName();
        try {
            if (log.isTraceEnabled()) {
                Object[] args = proceedingJoinPoint.getArgs();
                log.trace("Entering method [{}] with arguments [{}]", name, (args == null || args.length == 0) ? "" : Arrays.deepToString(args));
            }
            event = submit_aroundBody2(authenticationViaFormAction, requestContext, credential, messageContext, proceedingJoinPoint);
            log.trace("Leaving method [{}] with return value [{}].", name, event != null ? event.toString() : "null");
            return event;
        } catch (Throwable th) {
            log.trace("Leaving method [{}] with return value [{}].", name, event != null ? event.toString() : "null");
            throw th;
        }
    }

    private static /* synthetic */ void ajc$preClinit() {
        Factory factory = new Factory("AuthenticationViaFormAction.java", AuthenticationViaFormAction.class);
        ajc$tjp_0 = factory.makeSJP("method-execution", factory.makeMethodSig("11", "doBind", "org.jasig.cas.web.flow.AuthenticationViaFormAction", "org.springframework.webflow.execution.RequestContext:org.jasig.cas.authentication.Credential", "context:credential", "java.lang.Exception", "void"), 94);
        ajc$tjp_1 = factory.makeSJP("method-execution", factory.makeMethodSig("11", "submit", "org.jasig.cas.web.flow.AuthenticationViaFormAction", "org.springframework.webflow.execution.RequestContext:org.jasig.cas.authentication.Credential:org.springframework.binding.message.MessageContext", "context:credential:messageContext", "java.lang.Exception", "org.springframework.webflow.execution.Event"), 102);
    }
}
