package org.gluu.oxauth.cas.auth.handler;

import java.security.GeneralSecurityException;
import javax.security.auth.login.FailedLoginException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.validation.constraints.NotNull;
import org.gluu.context.J2EContext;
import org.gluu.oxauth.cas.auth.principal.ClientCredential;
import org.gluu.oxauth.client.Client;
import org.gluu.oxauth.client.auth.principal.OpenIdCredentials;
import org.gluu.oxauth.client.auth.user.UserProfile;
import org.gluu.util.StringHelper;
import org.jasig.cas.authentication.Credential;
import org.jasig.cas.authentication.HandlerResult;
import org.jasig.cas.authentication.PreventedException;
import org.jasig.cas.authentication.handler.support.AbstractPreAndPostProcessingAuthenticationHandler;
import org.jasig.cas.authentication.principal.SimplePrincipal;
import org.springframework.webflow.context.ExternalContextHolder;
import org.springframework.webflow.context.servlet.ServletExternalContext;

/* loaded from: input_file:org/gluu/oxauth/cas/auth/handler/ClientAuthenticationHandler.class */
public final class ClientAuthenticationHandler extends AbstractPreAndPostProcessingAuthenticationHandler {

    @NotNull
    private final Client<UserProfile> client;

    public ClientAuthenticationHandler(Client<UserProfile> client) {
        this.client = client;
    }

    public boolean supports(Credential credential) {
        return credential != null && ClientCredential.class.isAssignableFrom(credential.getClass());
    }

    protected HandlerResult doAuthentication(Credential credential) throws GeneralSecurityException, PreventedException {
        ClientCredential clientCredential = (ClientCredential) credential;
        OpenIdCredentials openIdCredentials = clientCredential.getOpenIdCredentials();
        this.logger.debug("Client credentials : '{}'", clientCredential);
        this.logger.debug("Client name : '{}'", openIdCredentials.getClientName());
        ServletExternalContext externalContext = ExternalContextHolder.getExternalContext();
        UserProfile userProfile = this.client.getUserProfile(openIdCredentials, new J2EContext((HttpServletRequest) externalContext.getNativeRequest(), (HttpServletResponse) externalContext.getNativeResponse()));
        this.logger.debug("userProfile : {}", userProfile);
        if (userProfile != null) {
            String id = userProfile.getId();
            if (StringHelper.isNotEmpty(id)) {
                openIdCredentials.setUserProfile(userProfile);
                return new HandlerResult(this, clientCredential, new SimplePrincipal(id, userProfile.getAttributes()));
            }
        }
        throw new FailedLoginException("Provider did not produce profile for " + clientCredential);
    }
}
