package com.supwisdom.institute.cas.site.web.flow.actions;

import com.supwisdom.institute.cas.site.account.PasswordDetectVO;
import com.supwisdom.institute.cas.site.account.service.AccountService;
import com.supwisdom.institute.cas.site.authentication.CasServerAccountCredential;
import com.supwisdom.institute.cas.site.common.util.RSAUtils;
import com.supwisdom.institute.cas.site.config.Config;
import com.supwisdom.institute.cas.site.config.ConfigManager;
import java.io.UnsupportedEncodingException;
import java.net.URLEncoder;
import java.util.Map;
import org.apache.commons.lang3.StringUtils;
import org.apereo.cas.authentication.Authentication;
import org.apereo.cas.authentication.principal.ServiceFactory;
import org.apereo.cas.authentication.principal.WebApplicationService;
import org.apereo.cas.ticket.registry.TicketRegistrySupport;
import org.apereo.cas.web.support.WebUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.webflow.action.AbstractAction;
import org.springframework.webflow.execution.Event;
import org.springframework.webflow.execution.RequestContext;

/* loaded from: input_file:com/supwisdom/institute/cas/site/web/flow/actions/CasServerUserPasswordDetectAction.class */
public class CasServerUserPasswordDetectAction extends AbstractAction {
    private static final Logger log = LoggerFactory.getLogger(CasServerUserPasswordDetectAction.class);

    @Autowired
    private AccountService accountService;
    private final ConfigManager configManager;
    private final ServiceFactory serviceFactory;
    private final TicketRegistrySupport ticketRegistrySupport;

    protected Event doExecute(RequestContext requestContext) throws Exception {
        if (requestContext.getFlowScope().getBoolean("ALREADY_REDIRECT_SECURITY_CENTER", false).booleanValue()) {
            return null;
        }
        CasServerAccountCredential credential = WebUtils.getCredential(requestContext);
        log.debug("Credential: {}", credential);
        boolean z = false;
        String[] strArr = new String[0];
        String str = null;
        Map<String, Config> configs = this.configManager.getConfigs();
        if (configs.containsKey("casServer.userPasswordDetect.enabled")) {
            z = Boolean.valueOf(configs.get("casServer.userPasswordDetect.enabled").getConfigValue()).booleanValue();
        }
        if (configs.containsKey("casServer.userPasswordDetect.warning.code")) {
            strArr = configs.get("casServer.userPasswordDetect.warning.code").getConfigValue().split(",");
        }
        if (configs.containsKey("casServer.userPasswordDetect.warning.url")) {
            str = configs.get("casServer.userPasswordDetect.warning.url").getConfigValue();
        }
        if (!z) {
            return null;
        }
        Authentication authenticationFrom = this.ticketRegistrySupport.getAuthenticationFrom(WebUtils.getTicketGrantingTicketId(requestContext));
        if (authenticationFrom == null) {
            return null;
        }
        if (StringUtils.isBlank(str) || strArr.length == 0) {
            return null;
        }
        Integer num = null;
        if (credential == null) {
            num = this.accountService.loadAccountByUsername(authenticationFrom.getPrincipal().getId()).getPasswordStatus();
        } else if (credential instanceof CasServerAccountCredential) {
            CasServerAccountCredential casServerAccountCredential = credential;
            log.debug("CasServerAccountCredential: {}", casServerAccountCredential);
            num = casServerAccountCredential.getAccount().getPasswordStatus();
            if (num == null) {
                PasswordDetectVO detectPassword = this.accountService.detectPassword(casServerAccountCredential.getUsername(), casServerAccountCredential.getPassword());
                num = Integer.valueOf(detectPassword.getPasswordStatus());
                log.warn(detectPassword.getWarning());
            }
        }
        Boolean bool = false;
        if (num == null) {
            bool = true;
        } else if (num.intValue() > 0) {
            String[] strArr2 = strArr;
            int length = strArr2.length;
            int i = 0;
            while (true) {
                if (i >= length) {
                    break;
                }
                if (String.valueOf(num.intValue()).equals(strArr2[i])) {
                    bool = true;
                    break;
                }
                i++;
            }
        }
        if (bool.booleanValue()) {
            WebApplicationService service = WebUtils.getService(requestContext);
            String str2 = null;
            if (service != null) {
                try {
                    str2 = URLEncoder.encode(service.getId(), RSAUtils.CHARSET);
                } catch (UnsupportedEncodingException e) {
                    log.warn("urlEncoder error, string is {}, e is {}", service.getId(), e.getMessage());
                }
            }
            String str3 = str;
            if (str2 != null) {
                str3 = str3 + "?redirect_uri=" + str2;
            }
            WebUtils.putService(requestContext, this.serviceFactory.createService(str3));
            requestContext.getFlowScope().put("ALREADY_REDIRECT_SECURITY_CENTER", true);
        }
        return null;
    }

    public CasServerUserPasswordDetectAction(ConfigManager configManager, ServiceFactory serviceFactory, TicketRegistrySupport ticketRegistrySupport) {
        this.configManager = configManager;
        this.serviceFactory = serviceFactory;
        this.ticketRegistrySupport = ticketRegistrySupport;
    }
}
