package org.jasig.cas.support.pac4j.web.flow;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import javax.validation.constraints.NotNull;
import org.apache.commons.lang.StringUtils;
import org.jasig.cas.CentralAuthenticationService;
import org.jasig.cas.authentication.Credential;
import org.jasig.cas.authentication.principal.Service;
import org.jasig.cas.support.pac4j.authentication.principal.ClientCredential;
import org.jasig.cas.web.support.WebUtils;
import org.pac4j.core.client.BaseClient;
import org.pac4j.core.client.Client;
import org.pac4j.core.client.Clients;
import org.pac4j.core.client.Protocol;
import org.pac4j.core.context.J2EContext;
import org.pac4j.core.credentials.Credentials;
import org.pac4j.core.exception.RequiresHttpAction;
import org.pac4j.core.exception.TechnicalException;
import org.pac4j.core.profile.ProfileHelper;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.webflow.action.AbstractAction;
import org.springframework.webflow.context.ExternalContextHolder;
import org.springframework.webflow.execution.Event;
import org.springframework.webflow.execution.RequestContext;

/* loaded from: input_file:org/jasig/cas/support/pac4j/web/flow/ClientAction.class */
public final class ClientAction extends AbstractAction {
    private final Logger logger = LoggerFactory.getLogger(ClientAction.class);
    public static final String SERVICE = "service";
    public static final String THEME = "theme";
    public static final String LOCALE = "locale";
    public static final String METHOD = "method";

    @NotNull
    private final Clients clients;

    @NotNull
    private final CentralAuthenticationService centralAuthenticationService;

    public ClientAction(CentralAuthenticationService centralAuthenticationService, Clients clients) {
        this.centralAuthenticationService = centralAuthenticationService;
        this.clients = clients;
        ProfileHelper.setKeepRawData(true);
    }

    protected Event doExecute(RequestContext requestContext) throws Exception {
        HttpServletRequest httpServletRequest = WebUtils.getHttpServletRequest(requestContext);
        HttpServletResponse httpServletResponse = WebUtils.getHttpServletResponse(requestContext);
        HttpSession session = httpServletRequest.getSession();
        J2EContext j2EContext = new J2EContext(httpServletRequest, httpServletResponse);
        String parameter = httpServletRequest.getParameter(this.clients.getClientNameParameter());
        this.logger.debug("clientName : {}", parameter);
        if (StringUtils.isNotBlank(parameter)) {
            BaseClient findClient = this.clients.findClient(parameter);
            this.logger.debug("client : {}", findClient);
            if (findClient.getProtocol() == Protocol.HTTP) {
                throw new TechnicalException("HTTP protocol client not supported : " + findClient);
            }
            try {
                Credentials credentials = findClient.getCredentials(j2EContext);
                this.logger.debug("credentials : {}", credentials);
                requestContext.getFlowScope().put(SERVICE, (Service) session.getAttribute(SERVICE));
                restoreRequestAttribute(httpServletRequest, session, THEME);
                restoreRequestAttribute(httpServletRequest, session, LOCALE);
                restoreRequestAttribute(httpServletRequest, session, METHOD);
                if (credentials != null) {
                    WebUtils.putTicketGrantingTicketInRequestScope(requestContext, this.centralAuthenticationService.createTicketGrantingTicket(new Credential[]{new ClientCredential(credentials)}));
                    return success();
                }
            } catch (RequiresHttpAction e) {
                this.logger.info("requires http action : {}", e);
                httpServletResponse.flushBuffer();
                ExternalContextHolder.getExternalContext().recordResponseComplete();
                return new Event(this, "stop");
            }
        }
        prepareForLoginPage(requestContext);
        return error();
    }

    protected void prepareForLoginPage(RequestContext requestContext) {
        HttpServletRequest httpServletRequest = WebUtils.getHttpServletRequest(requestContext);
        HttpServletResponse httpServletResponse = WebUtils.getHttpServletResponse(requestContext);
        HttpSession session = httpServletRequest.getSession();
        J2EContext j2EContext = new J2EContext(httpServletRequest, httpServletResponse);
        Service service = (Service) requestContext.getFlowScope().get(SERVICE);
        if (service != null) {
            session.setAttribute(SERVICE, service);
        }
        saveRequestParameter(httpServletRequest, session, THEME);
        saveRequestParameter(httpServletRequest, session, LOCALE);
        saveRequestParameter(httpServletRequest, session, METHOD);
        for (Client client : this.clients.findAllClients()) {
            String str = client.getName() + "Url";
            String redirectionUrl = client.getRedirectionUrl(j2EContext);
            this.logger.debug("{} -> {}", str, redirectionUrl);
            requestContext.getFlowScope().put(str, redirectionUrl);
        }
    }

    private void restoreRequestAttribute(HttpServletRequest httpServletRequest, HttpSession httpSession, String str) {
        httpServletRequest.setAttribute(str, (String) httpSession.getAttribute(str));
    }

    private void saveRequestParameter(HttpServletRequest httpServletRequest, HttpSession httpSession, String str) {
        String parameter = httpServletRequest.getParameter(str);
        if (parameter != null) {
            httpSession.setAttribute(str, parameter);
        }
    }
}
