package com.supwisdom.institute.cas.site.web;

import com.supwisdom.institute.cas.site.federated.authentication.FederatedClientFactory;
import java.io.Serializable;
import java.util.LinkedHashMap;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang3.StringUtils;
import org.apereo.cas.authentication.AuthenticationServiceSelectionPlan;
import org.apereo.cas.authentication.principal.Service;
import org.apereo.cas.authentication.principal.WebApplicationService;
import org.apereo.cas.services.UnauthorizedServiceException;
import org.apereo.cas.ticket.Ticket;
import org.apereo.cas.ticket.TicketFactory;
import org.apereo.cas.ticket.TransientSessionTicket;
import org.apereo.cas.ticket.registry.TicketRegistry;
import org.apereo.cas.web.support.ArgumentExtractor;
import org.apereo.cas.web.support.WebUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.transaction.annotation.Transactional;
import org.springframework.webflow.execution.RequestContext;

@Transactional(transactionManager = "ticketTransactionManager")
/* loaded from: input_file:com/supwisdom/institute/cas/site/web/FederatedClientWebflowManager.class */
public class FederatedClientWebflowManager {
    private static final Logger log = LoggerFactory.getLogger(FederatedClientWebflowManager.class);
    public static final String PARAMETER_CLIENT_ID = "federatedclientid";
    private final TicketRegistry ticketRegistry;
    private final TicketFactory ticketFactory;
    private final String themeParamName;
    private final String localParamName;
    private final AuthenticationServiceSelectionPlan authenticationRequestServiceSelectionStrategies;
    private final ArgumentExtractor argumentExtractor;

    public Ticket store(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FederatedClientFactory.FederatedClient federatedClient) {
        Map<String, Serializable> buildTicketProperties = buildTicketProperties(httpServletRequest, httpServletResponse);
        WebApplicationService extractService = this.argumentExtractor.extractService(httpServletRequest);
        Service resolveService = this.authenticationRequestServiceSelectionStrategies.resolveService(extractService);
        buildTicketProperties.put("service", extractService);
        buildTicketProperties.put("targetService", resolveService);
        TransientSessionTicket create = this.ticketFactory.get(TransientSessionTicket.class).create(extractService, buildTicketProperties);
        String id = create.getId();
        log.debug("Storing federated authentication request ticket [{}] for service [{}] with properties [{}]", new Object[]{id, create.getService(), create.getProperties()});
        this.ticketRegistry.addTicket(create);
        httpServletRequest.setAttribute(PARAMETER_CLIENT_ID, id);
        return create;
    }

    protected Map<String, Serializable> buildTicketProperties(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        LinkedHashMap linkedHashMap = new LinkedHashMap();
        linkedHashMap.put(this.themeParamName, StringUtils.defaultString(httpServletRequest.getParameter(this.themeParamName)));
        linkedHashMap.put(this.localParamName, StringUtils.defaultString(httpServletRequest.getParameter(this.localParamName)));
        linkedHashMap.put("method", StringUtils.defaultString(httpServletRequest.getParameter("method")));
        return linkedHashMap;
    }

    public Service retrieve(RequestContext requestContext, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FederatedClientFactory.FederatedClient federatedClient) {
        TransientSessionTicket retrieveSessionTicketViaClientId = retrieveSessionTicketViaClientId(httpServletRequest, httpServletResponse, getDelegatedClientId(httpServletRequest, httpServletResponse, federatedClient));
        restoreDelegatedAuthenticationRequest(requestContext, httpServletRequest, httpServletResponse, retrieveSessionTicketViaClientId);
        log.debug("Removing federated client identifier [{}} from registry", retrieveSessionTicketViaClientId.getId());
        this.ticketRegistry.deleteTicket(retrieveSessionTicketViaClientId.getId());
        return retrieveSessionTicketViaClientId.getService();
    }

    protected TransientSessionTicket retrieveSessionTicketViaClientId(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str) {
        TransientSessionTicket ticket = this.ticketRegistry.getTicket(str, TransientSessionTicket.class);
        if (ticket != null) {
            if (!ticket.isExpired()) {
                log.debug("Located federated client identifier as [{}]", ticket.getId());
                return ticket;
            }
            log.error("federated client identifier [{}] has expired in the authentication request", ticket.getId());
            this.ticketRegistry.deleteTicket(ticket.getId());
            throw new UnauthorizedServiceException("screen.service.error.message", "");
        }
        StringBuffer requestURL = httpServletRequest.getRequestURL();
        String queryString = httpServletRequest.getQueryString();
        String stringBuffer = requestURL.toString();
        if (queryString != null) {
            stringBuffer = requestURL.append('?').append(queryString).toString();
        }
        log.error("Federated client identifier cannot be located in the authentication request [{}]", stringBuffer);
        throw new UnauthorizedServiceException("screen.service.error.message", "");
    }

    protected Service restoreDelegatedAuthenticationRequest(RequestContext requestContext, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, TransientSessionTicket transientSessionTicket) {
        Service service = transientSessionTicket.getService();
        log.debug("Restoring requested service [{}] back in the authentication flow", service);
        WebUtils.putService(requestContext, service);
        httpServletRequest.setAttribute("service", service);
        httpServletRequest.setAttribute(this.themeParamName, transientSessionTicket.getProperties().get(this.themeParamName));
        httpServletRequest.setAttribute(this.localParamName, transientSessionTicket.getProperties().get(this.localParamName));
        httpServletRequest.setAttribute("method", transientSessionTicket.getProperties().get("method"));
        return service;
    }

    protected String getDelegatedClientId(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FederatedClientFactory.FederatedClient federatedClient) {
        String parameter = httpServletRequest.getParameter(PARAMETER_CLIENT_ID);
        if (StringUtils.isBlank(parameter)) {
            parameter = httpServletRequest.getParameter("state");
        }
        log.debug("Located delegated client identifier for this request as [{}]", parameter);
        return parameter;
    }

    public FederatedClientWebflowManager(TicketRegistry ticketRegistry, TicketFactory ticketFactory, String str, String str2, AuthenticationServiceSelectionPlan authenticationServiceSelectionPlan, ArgumentExtractor argumentExtractor) {
        this.ticketRegistry = ticketRegistry;
        this.ticketFactory = ticketFactory;
        this.themeParamName = str;
        this.localParamName = str2;
        this.authenticationRequestServiceSelectionStrategies = authenticationServiceSelectionPlan;
        this.argumentExtractor = argumentExtractor;
    }
}
