package com.supwisdom.institute.cas.site.apptoken.web.flow;

import com.supwisdom.institute.cas.site.apptoken.authentication.AppTokenCredential;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import org.apache.commons.lang3.StringUtils;
import org.apereo.cas.authentication.Credential;
import org.apereo.cas.authentication.adaptive.AdaptiveAuthenticationPolicy;
import org.apereo.cas.authentication.principal.WebApplicationService;
import org.apereo.cas.services.RegisteredServiceAccessStrategyUtils;
import org.apereo.cas.services.ServicesManager;
import org.apereo.cas.web.flow.actions.AbstractNonInteractiveCredentialsAction;
import org.apereo.cas.web.flow.resolver.CasDelegatingWebflowEventResolver;
import org.apereo.cas.web.flow.resolver.CasWebflowEventResolver;
import org.apereo.cas.web.support.WebUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.webflow.execution.RequestContext;

/* loaded from: input_file:com/supwisdom/institute/cas/site/apptoken/web/flow/AppTokenAuthenticationAction.class */
public class AppTokenAuthenticationAction extends AbstractNonInteractiveCredentialsAction {
    private static final Logger log = LoggerFactory.getLogger(AppTokenAuthenticationAction.class);
    private final ServicesManager servicesManager;

    public AppTokenAuthenticationAction(CasDelegatingWebflowEventResolver casDelegatingWebflowEventResolver, CasWebflowEventResolver casWebflowEventResolver, AdaptiveAuthenticationPolicy adaptiveAuthenticationPolicy, ServicesManager servicesManager) {
        super(casDelegatingWebflowEventResolver, casWebflowEventResolver, adaptiveAuthenticationPolicy);
        this.servicesManager = servicesManager;
    }

    protected Credential constructCredentialsFromRequest(RequestContext requestContext) {
        Cookie cookie;
        HttpServletRequest httpServletRequestFromExternalWebflowContext = WebUtils.getHttpServletRequestFromExternalWebflowContext(requestContext);
        WebApplicationService service = WebUtils.getService(requestContext);
        String parameter = httpServletRequestFromExternalWebflowContext.getParameter("JWTToken");
        log.debug("Received token from paramter: [{}]", parameter);
        if (StringUtils.isBlank(parameter)) {
            String header = httpServletRequestFromExternalWebflowContext.getHeader("Authorization");
            log.debug("Received token from header: [{}]", header);
            if (!StringUtils.isBlank(header) && header.startsWith("JWTToken ")) {
                parameter = header.substring("JWTToken ".length());
            }
        }
        if (StringUtils.isBlank(parameter)) {
            String str = null;
            String parameter2 = httpServletRequestFromExternalWebflowContext.getParameter("idToken");
            log.debug("idTokenParamterValue is [{}]", parameter2);
            if (parameter2 != null && !parameter2.isEmpty()) {
                str = parameter2;
            }
            if (str == null) {
                String header2 = httpServletRequestFromExternalWebflowContext.getHeader("X-Id-Token");
                log.debug("idTokenHeaderValue is [{}]", header2);
                if (header2 != null && !header2.isEmpty()) {
                    str = header2;
                }
            }
            if (str == null && (cookie = org.springframework.web.util.WebUtils.getCookie(httpServletRequestFromExternalWebflowContext, "X-Id-Token")) != null) {
                String value = cookie.getValue();
                log.debug("idTokenCookieValue is [{}]", value);
                if (value != null && !value.isEmpty()) {
                    str = value;
                }
            }
            log.debug("idToken is [{}]", str);
            if (str != null && !str.isEmpty()) {
                parameter = str;
            }
        }
        if (service == null || !StringUtils.isNotBlank(parameter)) {
            return null;
        }
        try {
            RegisteredServiceAccessStrategyUtils.ensureServiceAccessIsAllowed(service, this.servicesManager.findServiceBy(service));
            AppTokenCredential appTokenCredential = new AppTokenCredential(parameter, service);
            log.debug("Received token authentication request [{}] ", appTokenCredential);
            return appTokenCredential;
        } catch (Exception e) {
            log.warn(e.getMessage(), e);
            return null;
        }
    }
}
