package net.unicon.cas.mfa.web.flow;

import javax.validation.constraints.NotNull;
import net.unicon.cas.mfa.authentication.AuthenticationSupport;
import net.unicon.cas.mfa.authentication.principal.MultiFactorCredentials;
import net.unicon.cas.mfa.web.flow.util.MultiFactorRequestContextUtils;
import org.apache.commons.lang3.StringUtils;
import org.jasig.cas.authentication.Authentication;
import org.jasig.cas.authentication.Credential;
import org.jasig.cas.web.support.WebUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.webflow.action.AbstractAction;
import org.springframework.webflow.core.collection.LocalAttributeMap;
import org.springframework.webflow.execution.Event;
import org.springframework.webflow.execution.RequestContext;

/* loaded from: input_file:WEB-INF/lib/cas-mfa-java-2.0.0-RC3.jar:net/unicon/cas/mfa/web/flow/GenerateMultiFactorCredentialsAction.class */
public final class GenerateMultiFactorCredentialsAction extends AbstractAction {
    private static final Logger LOGGER = LoggerFactory.getLogger((Class<?>) GenerateMultiFactorCredentialsAction.class);
    private static final String EVENT_ID_SUCCESS = "success";
    public static final String ATTRIBUTE_ID_MFA_CREDENTIALS = "mfaCredentials";
    private AuthenticationSupport authenticationSupport;

    public void setAuthenticationSupport(AuthenticationSupport authenticationSupport) {
        this.authenticationSupport = authenticationSupport;
    }

    private Credential createCredentials(RequestContext requestContext, @NotNull Credential credential, @NotNull String str) throws NoAuthenticationContextAvailable {
        Authentication casAuthentication = getCasAuthentication(requestContext);
        if (casAuthentication == null) {
            LOGGER.debug("No authentication context is available.");
            throw new NoAuthenticationContextAvailable();
        }
        LOGGER.debug("Retrieved authentication context. Building multifactor credentials...");
        MultiFactorCredentials mfaCredentialsInstanceFromContext = getMfaCredentialsInstanceFromContext(requestContext);
        LOGGER.debug("Added authentication to the chain");
        mfaCredentialsInstanceFromContext.addAuthenticationToChain(casAuthentication);
        if (str != null && credential != null) {
            LOGGER.debug("Added credentials to the chain by id [{}]", str);
            mfaCredentialsInstanceFromContext.getChainedCredentials().put(str, credential);
        }
        MultiFactorRequestContextUtils.setMfaCredentials(requestContext, mfaCredentialsInstanceFromContext);
        LOGGER.debug("Added multifactor credentials to the request context.");
        return mfaCredentialsInstanceFromContext;
    }

    private Authentication getCasAuthentication(RequestContext requestContext) {
        Authentication authentication = MultiFactorRequestContextUtils.getAuthentication(requestContext);
        if (authentication == null) {
            LOGGER.debug("Request is missing authentication context. Examining TGT...");
            String ticketGrantingTicketId = MultiFactorRequestContextUtils.getTicketGrantingTicketId(requestContext);
            if (!StringUtils.isBlank(ticketGrantingTicketId)) {
                LOGGER.debug("Retrieving authentication context from TGT [{}]", ticketGrantingTicketId);
                return this.authenticationSupport.getAuthenticationFrom(ticketGrantingTicketId);
            }
        }
        return authentication;
    }

    private static MultiFactorCredentials getMfaCredentialsInstanceFromContext(RequestContext requestContext) {
        LOGGER.debug("Attempting to collect multifactor credentials from the context...");
        MultiFactorCredentials mfaCredentials = MultiFactorRequestContextUtils.getMfaCredentials(requestContext);
        if (mfaCredentials != null) {
            return mfaCredentials;
        }
        LOGGER.debug("Context is missing multifactor credentials. Initializing a new instance...");
        return new MultiFactorCredentials();
    }

    @Override // org.springframework.webflow.action.AbstractAction
    protected Event doExecute(RequestContext requestContext) {
        LOGGER.debug("Authentication has entered the flow [{}] executing state [{}", requestContext.getActiveFlow().getId(), requestContext.getFlowExecutionContext().getActiveSession().getState().getId());
        Credential credential = WebUtils.getCredential(requestContext);
        return new Event(this, "success", new LocalAttributeMap("mfaCredentials", createCredentials(requestContext, credential, credential != null ? credential.getId() : null)));
    }
}
