package org.gluu.oxauth.cas.auth.login.flow;

import javax.validation.constraints.NotNull;
import org.gluu.context.J2EContext;
import org.gluu.context.WebContext;
import org.gluu.oxauth.cas.auth.client.AuthClient;
import org.gluu.oxauth.cas.auth.principal.ClientCredential;
import org.jasig.cas.CentralAuthenticationService;
import org.jasig.cas.authentication.Credential;
import org.jasig.cas.authentication.principal.Service;
import org.jasig.cas.web.support.WebUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.webflow.action.AbstractAction;
import org.springframework.webflow.execution.Event;
import org.springframework.webflow.execution.RequestContext;

/* loaded from: input_file:org/gluu/oxauth/cas/auth/login/flow/ClientAction.class */
public final class ClientAction extends AbstractAction {
    private final Logger logger = LoggerFactory.getLogger(ClientAction.class);
    public String DEFAULT_CLIENT_NAME_PARAMETER = "client_name";
    public static final String SERVICE = "service";
    public static final String THEME = "theme";
    public static final String LOCALE = "locale";
    public static final String METHOD = "method";

    @NotNull
    private final AuthClient client;

    @NotNull
    private final CentralAuthenticationService centralAuthenticationService;

    public ClientAction(AuthClient authClient, CentralAuthenticationService centralAuthenticationService) {
        this.client = authClient;
        this.centralAuthenticationService = centralAuthenticationService;
    }

    protected Event doExecute(RequestContext requestContext) throws Exception {
        WebContext j2EContext = new J2EContext(WebUtils.getHttpServletRequest(requestContext), WebUtils.getHttpServletResponse(requestContext));
        if (this.client.isAuthorizationResponse(j2EContext)) {
            this.logger.info("Procession authentication request");
            if (!this.client.isValidRequestState(j2EContext)) {
                this.logger.warn("The state in session and in request are not equals");
                prepareForLoginPage(requestContext, j2EContext);
                return new Event(this, "stop");
            }
            Credential clientCrendentials = getClientCrendentials(requestContext, j2EContext);
            if (clientCrendentials != null) {
                WebUtils.putTicketGrantingTicketInRequestScope(requestContext, this.centralAuthenticationService.createTicketGrantingTicket(new Credential[]{clientCrendentials}));
                return success();
            }
        }
        prepareForLoginPage(requestContext, j2EContext);
        return error();
    }

    private ClientCredential getClientCrendentials(RequestContext requestContext, WebContext webContext) {
        ClientCredential clientCredential = new ClientCredential(this.client.getCredentials(webContext));
        Service service = (Service) webContext.getSessionAttribute(SERVICE);
        if (service != null) {
            webContext.setRequestAttribute(SERVICE, service.getId());
        }
        requestContext.getFlowScope().put(SERVICE, service);
        restoreRequestAttribute(webContext, THEME);
        restoreRequestAttribute(webContext, LOCALE);
        restoreRequestAttribute(webContext, METHOD);
        return clientCredential;
    }

    protected void prepareForLoginPage(RequestContext requestContext, WebContext webContext) {
        Service service = (Service) requestContext.getFlowScope().get(SERVICE);
        if (service != null) {
            webContext.setSessionAttribute(SERVICE, service);
        }
        saveRequestParameter(webContext, THEME);
        saveRequestParameter(webContext, LOCALE);
        saveRequestParameter(webContext, METHOD);
        String str = this.client.getName() + "Url";
        String redirectionUrl = this.client.getRedirectionUrl(webContext);
        this.logger.debug("Generated redirection Url", redirectionUrl);
        requestContext.getFlowScope().put(str, redirectionUrl);
        String str2 = this.client.getName() + "OpenIdDefaultAuthenticator";
        Boolean valueOf = Boolean.valueOf(this.client.isOpenIdDefaultAuthenticator());
        this.logger.debug("OpenIdDefaultAuthenticator", valueOf);
        requestContext.getFlowScope().put(str2, valueOf);
    }

    private void restoreRequestAttribute(WebContext webContext, String str) {
        webContext.setRequestAttribute(str, (String) webContext.getSessionAttribute(str));
    }

    private void saveRequestParameter(WebContext webContext, String str) {
        String requestParameter = webContext.getRequestParameter(str);
        if (requestParameter != null) {
            webContext.setSessionAttribute(str, requestParameter);
        }
    }
}
