package org.apereo.cas.web.flow;

import java.util.List;
import javax.servlet.http.HttpServletRequest;
import org.apache.commons.lang3.StringUtils;
import org.apereo.cas.authentication.principal.WebApplicationService;
import org.apereo.cas.configuration.CasConfigurationProperties;
import org.apereo.cas.services.RegisteredService;
import org.apereo.cas.services.RegisteredServiceAccessStrategy;
import org.apereo.cas.services.ServicesManager;
import org.apereo.cas.services.UnauthorizedServiceException;
import org.apereo.cas.web.support.ArgumentExtractor;
import org.apereo.cas.web.support.CookieRetrievingCookieGenerator;
import org.apereo.cas.web.support.WebUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.webflow.action.AbstractAction;
import org.springframework.webflow.execution.Event;
import org.springframework.webflow.execution.RequestContext;
import org.springframework.webflow.execution.repository.NoSuchFlowExecutionException;

/* loaded from: input_file:org/apereo/cas/web/flow/InitialFlowSetupAction.class */
public class InitialFlowSetupAction extends AbstractAction {
    private transient Logger logger = LoggerFactory.getLogger(getClass());

    @Autowired
    private CasConfigurationProperties casProperties;
    private ServicesManager servicesManager;
    private CookieRetrievingCookieGenerator warnCookieGenerator;
    private CookieRetrievingCookieGenerator ticketGrantingTicketCookieGenerator;
    private List<ArgumentExtractor> argumentExtractors;

    protected Event doExecute(RequestContext requestContext) throws Exception {
        configureCookieGenerators(requestContext);
        configureWebflowContext(requestContext);
        configureWebflowContextForService(requestContext);
        return success();
    }

    private void configureWebflowContextForService(RequestContext requestContext) {
        WebApplicationService service = WebUtils.getService(this.argumentExtractors, requestContext);
        if (service != null) {
            this.logger.debug("Placing service in context scope: [{}]", service.getId());
            RegisteredService findServiceBy = this.servicesManager.findServiceBy(service);
            if (findServiceBy != null && findServiceBy.getAccessStrategy().isServiceAccessAllowed()) {
                this.logger.debug("Placing registered service [{}] with id [{}] in context scope", findServiceBy.getServiceId(), Long.valueOf(findServiceBy.getId()));
                WebUtils.putRegisteredService(requestContext, findServiceBy);
                RegisteredServiceAccessStrategy accessStrategy = findServiceBy.getAccessStrategy();
                if (accessStrategy.getUnauthorizedRedirectUrl() != null) {
                    this.logger.debug("Placing registered service's unauthorized redirect url [{}] with id [{}] in context scope", accessStrategy.getUnauthorizedRedirectUrl(), findServiceBy.getServiceId());
                    WebUtils.putUnauthorizedRedirectUrl(requestContext, accessStrategy.getUnauthorizedRedirectUrl());
                }
            }
        } else if (!this.casProperties.getSso().isMissingService()) {
            this.logger.warn("No service authentication request is available at [{}]. CAS is configured to disable the flow.", WebUtils.getHttpServletRequest(requestContext).getRequestURL());
            throw new NoSuchFlowExecutionException(requestContext.getFlowExecutionContext().getKey(), new UnauthorizedServiceException("screen.service.required.message", "Service is required"));
        }
        WebUtils.putService(requestContext, service);
    }

    private void configureWebflowContext(RequestContext requestContext) {
        HttpServletRequest httpServletRequest = WebUtils.getHttpServletRequest(requestContext);
        WebUtils.putTicketGrantingTicketInScopes(requestContext, this.ticketGrantingTicketCookieGenerator.retrieveCookieValue(httpServletRequest));
        WebUtils.putGoogleAnalyticsTrackingIdIntoFlowScope(requestContext, this.casProperties.getGoogleAnalytics().getGoogleAnalyticsTrackingId());
        WebUtils.putWarningCookie(requestContext, Boolean.valueOf(this.warnCookieGenerator.retrieveCookieValue(httpServletRequest)));
        WebUtils.putGeoLocationTrackingIntoFlowScope(requestContext, Boolean.valueOf(this.casProperties.getEvents().isTrackGeolocation()));
        WebUtils.putRecaptchaSiteKeyIntoFlowScope(requestContext, this.casProperties.getGoogleRecaptcha().getSiteKey());
        WebUtils.putStaticAuthenticationIntoFlowScope(requestContext, Boolean.valueOf(StringUtils.isNotBlank(this.casProperties.getAuthn().getAccept().getUsers()) || StringUtils.isNotBlank(this.casProperties.getAuthn().getReject().getUsers())));
        WebUtils.putPasswordManagementEnabled(requestContext, Boolean.valueOf(this.casProperties.getAuthn().getPm().isEnabled()));
        WebUtils.putRememberMeAuthenticationEnabled(requestContext, Boolean.valueOf(this.casProperties.getTicket().getTgt().getRememberMe().isEnabled()));
    }

    private void configureCookieGenerators(RequestContext requestContext) {
        String contextPath = requestContext.getExternalContext().getContextPath();
        String str = StringUtils.isNotBlank(contextPath) ? contextPath + '/' : "/";
        if (StringUtils.isBlank(this.warnCookieGenerator.getCookiePath())) {
            this.logger.info("Setting path for cookies for warn cookie generator to: {} ", str);
            this.warnCookieGenerator.setCookiePath(str);
        } else {
            this.logger.debug("Warning cookie path is set to {} and path {}", this.warnCookieGenerator.getCookieDomain(), this.warnCookieGenerator.getCookiePath());
        }
        if (!StringUtils.isBlank(this.ticketGrantingTicketCookieGenerator.getCookiePath())) {
            this.logger.debug("TGC cookie path is set to {} and path {}", this.ticketGrantingTicketCookieGenerator.getCookieDomain(), this.ticketGrantingTicketCookieGenerator.getCookiePath());
        } else {
            this.logger.debug("Setting path for cookies for TGC cookie generator to: {} ", str);
            this.ticketGrantingTicketCookieGenerator.setCookiePath(str);
        }
    }

    public void setTicketGrantingTicketCookieGenerator(CookieRetrievingCookieGenerator cookieRetrievingCookieGenerator) {
        this.ticketGrantingTicketCookieGenerator = cookieRetrievingCookieGenerator;
    }

    public void setWarnCookieGenerator(CookieRetrievingCookieGenerator cookieRetrievingCookieGenerator) {
        this.warnCookieGenerator = cookieRetrievingCookieGenerator;
    }

    public void setArgumentExtractors(List<ArgumentExtractor> list) {
        this.argumentExtractors = list;
    }

    public void setServicesManager(ServicesManager servicesManager) {
        this.servicesManager = servicesManager;
    }

    public ServicesManager getServicesManager() {
        return this.servicesManager;
    }

    public CookieRetrievingCookieGenerator getWarnCookieGenerator() {
        return this.warnCookieGenerator;
    }

    public CookieRetrievingCookieGenerator getTicketGrantingTicketCookieGenerator() {
        return this.ticketGrantingTicketCookieGenerator;
    }

    public List<ArgumentExtractor> getArgumentExtractors() {
        return this.argumentExtractors;
    }

    public void setCasProperties(CasConfigurationProperties casConfigurationProperties) {
        this.casProperties = casConfigurationProperties;
    }
}
