package fr.zebasto.shield.cas.realm.core;

import fr.zebasto.shield.cas.realm.exception.CasFailException;
import fr.zebasto.shield.cas.realm.service.CasLogonService;
import fr.zebasto.shield.cas.realm.service.UserLookupService;
import java.util.HashMap;
import org.elasticsearch.rest.RestRequest;
import org.elasticsearch.shield.User;
import org.elasticsearch.shield.authc.AuthenticationToken;
import org.elasticsearch.shield.authc.Realm;
import org.elasticsearch.shield.authc.RealmConfig;
import org.elasticsearch.shield.authc.support.SecuredString;
import org.elasticsearch.shield.authc.support.UsernamePasswordToken;
import org.elasticsearch.transport.TransportMessage;

/* loaded from: input_file:fr/zebasto/shield/cas/realm/core/CasRealm.class */
public class CasRealm extends Realm<UsernamePasswordToken> {
    public static final String TYPE = "cas";
    private static final String USER_HEADER = "User";
    private static final String PW_HEADER = "Password";
    private CasLogonService casLogonService;
    private UserLookupService userLookupService;

    public CasRealm(RealmConfig realmConfig) {
        this(TYPE, realmConfig);
    }

    public CasRealm(String str, RealmConfig realmConfig) {
        super(str, realmConfig);
        initCasLogonService();
        initUserLookupService();
    }

    private void initCasLogonService() {
        String str = this.config.settings().get("cas.logonClass", CasLogonService.class.getCanonicalName());
        try {
            this.casLogonService = (CasLogonService) Class.forName(str).newInstance();
            this.logger.info("Using {} for CasLogonService", new Object[]{str});
        } catch (ClassNotFoundException | IllegalAccessException | InstantiationException e) {
            this.logger.warn("Failed to get class {}, using fallback", new Object[]{str});
            this.casLogonService = new CasLogonService();
        }
        this.casLogonService.setup(this.config);
    }

    private void initUserLookupService() {
        String str = this.config.settings().get("cas.lookupClass", UserLookupService.class.getCanonicalName());
        try {
            this.userLookupService = (UserLookupService) Class.forName(str).newInstance();
            this.logger.info("Using {} for UserLookupService", new Object[]{str});
        } catch (ClassNotFoundException | IllegalAccessException | InstantiationException e) {
            this.logger.warn("Failed to get class {}, using fallback", new Object[]{str});
            this.userLookupService = new UserLookupService();
        }
        this.userLookupService.setup(this.config);
    }

    public boolean supports(AuthenticationToken authenticationToken) {
        return authenticationToken instanceof UsernamePasswordToken;
    }

    /* renamed from: token, reason: merged with bridge method [inline-methods] */
    public UsernamePasswordToken m1token(RestRequest restRequest) {
        String header;
        String header2 = restRequest.header(USER_HEADER);
        if (header2 == null || (header = restRequest.header(PW_HEADER)) == null) {
            return null;
        }
        return new UsernamePasswordToken(header2, new SecuredString(header.toCharArray()));
    }

    public UsernamePasswordToken token(TransportMessage<?> transportMessage) {
        String str;
        String str2 = (String) transportMessage.getHeader(USER_HEADER);
        if (str2 == null || (str = (String) transportMessage.getHeader(PW_HEADER)) == null) {
            return null;
        }
        return new UsernamePasswordToken(str2, new SecuredString(str.toCharArray()));
    }

    public User authenticate(UsernamePasswordToken usernamePasswordToken) {
        try {
            CasLogonService.Pair<String, String> authenticate = this.casLogonService.authenticate(usernamePasswordToken.principal(), usernamePasswordToken.credentials());
            User lookupUser = lookupUser(usernamePasswordToken.principal());
            HashMap hashMap = new HashMap(lookupUser.metadata());
            hashMap.put(CasLogonService.SERVICE_TICKET_ID, authenticate.left);
            hashMap.put(CasLogonService.TGT_TICKET_ID, authenticate.right);
            return new User(lookupUser.principal(), lookupUser.roles(), lookupUser.fullName(), lookupUser.email(), hashMap);
        } catch (CasFailException e) {
            this.logger.warn("User {} failed to authenticate because {}", new Object[]{usernamePasswordToken.principal(), e.getMessage()});
            return null;
        }
    }

    public User lookupUser(String str) {
        return this.userLookupService.lookupUser(str);
    }

    public boolean userLookupSupported() {
        return true;
    }

    /* renamed from: token, reason: collision with other method in class */
    public /* bridge */ /* synthetic */ AuthenticationToken m0token(TransportMessage transportMessage) {
        return token((TransportMessage<?>) transportMessage);
    }
}
