package org.apereo.cas.support.openid.authentication.handler.support;

import java.security.GeneralSecurityException;
import javax.security.auth.login.FailedLoginException;
import org.apereo.cas.authentication.AbstractAuthenticationHandler;
import org.apereo.cas.authentication.BasicCredentialMetaData;
import org.apereo.cas.authentication.Credential;
import org.apereo.cas.authentication.DefaultHandlerResult;
import org.apereo.cas.authentication.HandlerResult;
import org.apereo.cas.authentication.principal.Principal;
import org.apereo.cas.support.openid.authentication.principal.OpenIdCredential;
import org.apereo.cas.ticket.TicketGrantingTicket;
import org.apereo.cas.ticket.registry.TicketRegistry;
import org.apereo.inspektr.aspect.TraceLogAspect;
import org.aspectj.lang.JoinPoint;
import org.aspectj.runtime.internal.AroundClosure;
import org.aspectj.runtime.internal.Conversions;
import org.aspectj.runtime.reflect.Factory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.cloud.context.config.annotation.RefreshScope;
import org.springframework.stereotype.Component;

@RefreshScope
@Component("openIdCredentialsAuthenticationHandler")
/* loaded from: input_file:org/apereo/cas/support/openid/authentication/handler/support/OpenIdCredentialsAuthenticationHandler.class */
public class OpenIdCredentialsAuthenticationHandler extends AbstractAuthenticationHandler {

    @Autowired
    @Qualifier("ticketRegistry")
    private TicketRegistry ticketRegistry;
    private static final JoinPoint.StaticPart ajc$tjp_0 = null;
    private static final JoinPoint.StaticPart ajc$tjp_1 = null;

    /* loaded from: input_file:org/apereo/cas/support/openid/authentication/handler/support/OpenIdCredentialsAuthenticationHandler$AjcClosure1.class */
    public class AjcClosure1 extends AroundClosure {
        public AjcClosure1(Object[] objArr) {
            super(objArr);
        }

        public Object run(Object[] objArr) {
            Object[] objArr2 = ((AroundClosure) this).state;
            return OpenIdCredentialsAuthenticationHandler.authenticate_aroundBody0((OpenIdCredentialsAuthenticationHandler) objArr2[0], (Credential) objArr2[1], (JoinPoint) objArr2[2]);
        }
    }

    /* loaded from: input_file:org/apereo/cas/support/openid/authentication/handler/support/OpenIdCredentialsAuthenticationHandler$AjcClosure3.class */
    public class AjcClosure3 extends AroundClosure {
        public AjcClosure3(Object[] objArr) {
            super(objArr);
        }

        public Object run(Object[] objArr) {
            Object[] objArr2 = ((AroundClosure) this).state;
            return Conversions.booleanObject(OpenIdCredentialsAuthenticationHandler.supports_aroundBody2((OpenIdCredentialsAuthenticationHandler) objArr2[0], (Credential) objArr2[1], (JoinPoint) objArr2[2]));
        }
    }

    public HandlerResult authenticate(Credential credential) throws GeneralSecurityException {
        return (HandlerResult) TraceLogAspect.aspectOf().traceMethod(new AjcClosure1(new Object[]{this, credential, Factory.makeJP(ajc$tjp_0, this, this, credential)}).linkClosureAndJoinPoint(69648));
    }

    public boolean supports(Credential credential) {
        return Conversions.booleanValue(TraceLogAspect.aspectOf().traceMethod(new AjcClosure3(new Object[]{this, credential, Factory.makeJP(ajc$tjp_1, this, this, credential)}).linkClosureAndJoinPoint(69648)));
    }

    public void setTicketRegistry(TicketRegistry ticketRegistry) {
        this.ticketRegistry = ticketRegistry;
    }

    static {
        ajc$preClinit();
    }

    static final HandlerResult authenticate_aroundBody0(OpenIdCredentialsAuthenticationHandler openIdCredentialsAuthenticationHandler, Credential credential, JoinPoint joinPoint) {
        OpenIdCredential openIdCredential = (OpenIdCredential) credential;
        TicketGrantingTicket ticket = openIdCredentialsAuthenticationHandler.ticketRegistry.getTicket(openIdCredential.getTicketGrantingTicketId(), TicketGrantingTicket.class);
        if (ticket == null || ticket.isExpired()) {
            throw new FailedLoginException("TGT is null or expired.");
        }
        Principal principal = ticket.getAuthentication().getPrincipal();
        if (principal.getId().equals(openIdCredential.getUsername())) {
            return new DefaultHandlerResult(openIdCredentialsAuthenticationHandler, new BasicCredentialMetaData(openIdCredential), principal);
        }
        throw new FailedLoginException("Principal ID mismatch");
    }

    static final boolean supports_aroundBody2(OpenIdCredentialsAuthenticationHandler openIdCredentialsAuthenticationHandler, Credential credential, JoinPoint joinPoint) {
        return credential instanceof OpenIdCredential;
    }

    private static void ajc$preClinit() {
        Factory factory = new Factory("OpenIdCredentialsAuthenticationHandler.java", OpenIdCredentialsAuthenticationHandler.class);
        ajc$tjp_0 = factory.makeSJP("method-execution", factory.makeMethodSig("1", "authenticate", "org.apereo.cas.support.openid.authentication.handler.support.OpenIdCredentialsAuthenticationHandler", "org.apereo.cas.authentication.Credential", "credential", "java.security.GeneralSecurityException", "org.apereo.cas.authentication.HandlerResult"), 38);
        ajc$tjp_1 = factory.makeSJP("method-execution", factory.makeMethodSig("1", "supports", "org.apereo.cas.support.openid.authentication.handler.support.OpenIdCredentialsAuthenticationHandler", "org.apereo.cas.authentication.Credential", "credential", "", "boolean"), 55);
    }
}
