package org.apereo.cas.support.pac4j.web.flow;

import com.google.common.collect.ImmutableSet;
import java.io.Serializable;
import java.util.LinkedHashSet;
import java.util.Set;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.apache.commons.lang3.StringUtils;
import org.apereo.cas.CentralAuthenticationService;
import org.apereo.cas.authentication.AuthenticationSystemSupport;
import org.apereo.cas.authentication.Credential;
import org.apereo.cas.authentication.DefaultAuthenticationSystemSupport;
import org.apereo.cas.authentication.principal.ClientCredential;
import org.apereo.cas.authentication.principal.Service;
import org.apereo.cas.authentication.principal.WebApplicationService;
import org.apereo.cas.web.support.WebUtils;
import org.apereo.inspektr.aspect.TraceLogAspect;
import org.aspectj.lang.JoinPoint;
import org.aspectj.runtime.internal.AroundClosure;
import org.aspectj.runtime.reflect.Factory;
import org.pac4j.core.client.BaseClient;
import org.pac4j.core.client.ClientType;
import org.pac4j.core.client.Clients;
import org.pac4j.core.client.IndirectClient;
import org.pac4j.core.context.J2EContext;
import org.pac4j.core.credentials.Credentials;
import org.pac4j.core.exception.RequiresHttpAction;
import org.pac4j.core.exception.TechnicalException;
import org.pac4j.core.profile.ProfileHelper;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.cloud.context.config.annotation.RefreshScope;
import org.springframework.stereotype.Component;
import org.springframework.webflow.action.AbstractAction;
import org.springframework.webflow.context.ExternalContextHolder;
import org.springframework.webflow.execution.Event;
import org.springframework.webflow.execution.RequestContext;

@RefreshScope
@Component("clientAction")
/* loaded from: input_file:org/apereo/cas/support/pac4j/web/flow/ClientAction.class */
public class ClientAction extends AbstractAction {
    public static final String PAC4J_URLS = "pac4jUrls";
    private static final Set<ClientType> SUPPORTED_PROTOCOLS;

    @Autowired
    @Qualifier("builtClients")
    private Clients clients;

    @Autowired
    private CentralAuthenticationService centralAuthenticationService;
    private static final JoinPoint.StaticPart ajc$tjp_0 = null;
    private static final JoinPoint.StaticPart ajc$tjp_1 = null;
    private static final JoinPoint.StaticPart ajc$tjp_2 = null;
    private transient Logger logger = LoggerFactory.getLogger(ClientAction.class);

    @Autowired(required = false)
    @Qualifier("defaultAuthenticationSystemSupport")
    private AuthenticationSystemSupport authenticationSystemSupport = new DefaultAuthenticationSystemSupport();

    /* loaded from: input_file:org/apereo/cas/support/pac4j/web/flow/ClientAction$AjcClosure1.class */
    public class AjcClosure1 extends AroundClosure {
        public AjcClosure1(Object[] objArr) {
            super(objArr);
        }

        public Object run(Object[] objArr) {
            Object[] objArr2 = ((AroundClosure) this).state;
            return ClientAction.getClients_aroundBody0((ClientAction) objArr2[0], (JoinPoint) objArr2[1]);
        }
    }

    /* loaded from: input_file:org/apereo/cas/support/pac4j/web/flow/ClientAction$AjcClosure3.class */
    public class AjcClosure3 extends AroundClosure {
        public AjcClosure3(Object[] objArr) {
            super(objArr);
        }

        public Object run(Object[] objArr) {
            Object[] objArr2 = ((AroundClosure) this).state;
            return ClientAction.getCentralAuthenticationService_aroundBody2((ClientAction) objArr2[0], (JoinPoint) objArr2[1]);
        }
    }

    /* loaded from: input_file:org/apereo/cas/support/pac4j/web/flow/ClientAction$AjcClosure5.class */
    public class AjcClosure5 extends AroundClosure {
        public AjcClosure5(Object[] objArr) {
            super(objArr);
        }

        public Object run(Object[] objArr) {
            Object[] objArr2 = ((AroundClosure) this).state;
            return ClientAction.getAuthenticationSystemSupport_aroundBody4((ClientAction) objArr2[0], (JoinPoint) objArr2[1]);
        }
    }

    /* loaded from: input_file:org/apereo/cas/support/pac4j/web/flow/ClientAction$ProviderLoginPageConfiguration.class */
    public static class ProviderLoginPageConfiguration implements Serializable {
        private static final long serialVersionUID = 6216882278086699364L;
        private String name;
        private String redirectUrl;
        private String type;
        private static final JoinPoint.StaticPart ajc$tjp_0 = null;
        private static final JoinPoint.StaticPart ajc$tjp_1 = null;
        private static final JoinPoint.StaticPart ajc$tjp_2 = null;

        /* loaded from: input_file:org/apereo/cas/support/pac4j/web/flow/ClientAction$ProviderLoginPageConfiguration$AjcClosure1.class */
        public class AjcClosure1 extends AroundClosure {
            public AjcClosure1(Object[] objArr) {
                super(objArr);
            }

            public Object run(Object[] objArr) {
                Object[] objArr2 = ((AroundClosure) this).state;
                return ProviderLoginPageConfiguration.getName_aroundBody0((ProviderLoginPageConfiguration) objArr2[0], (JoinPoint) objArr2[1]);
            }
        }

        /* loaded from: input_file:org/apereo/cas/support/pac4j/web/flow/ClientAction$ProviderLoginPageConfiguration$AjcClosure3.class */
        public class AjcClosure3 extends AroundClosure {
            public AjcClosure3(Object[] objArr) {
                super(objArr);
            }

            public Object run(Object[] objArr) {
                Object[] objArr2 = ((AroundClosure) this).state;
                return ProviderLoginPageConfiguration.getRedirectUrl_aroundBody2((ProviderLoginPageConfiguration) objArr2[0], (JoinPoint) objArr2[1]);
            }
        }

        /* loaded from: input_file:org/apereo/cas/support/pac4j/web/flow/ClientAction$ProviderLoginPageConfiguration$AjcClosure5.class */
        public class AjcClosure5 extends AroundClosure {
            public AjcClosure5(Object[] objArr) {
                super(objArr);
            }

            public Object run(Object[] objArr) {
                Object[] objArr2 = ((AroundClosure) this).state;
                return ProviderLoginPageConfiguration.getType_aroundBody4((ProviderLoginPageConfiguration) objArr2[0], (JoinPoint) objArr2[1]);
            }
        }

        ProviderLoginPageConfiguration(String str, String str2, String str3) {
            this.name = str;
            this.redirectUrl = str2;
            this.type = str3;
        }

        public String getName() {
            return (String) TraceLogAspect.aspectOf().traceMethod(new AjcClosure1(new Object[]{this, Factory.makeJP(ajc$tjp_0, this, this)}).linkClosureAndJoinPoint(69648));
        }

        public String getRedirectUrl() {
            return (String) TraceLogAspect.aspectOf().traceMethod(new AjcClosure3(new Object[]{this, Factory.makeJP(ajc$tjp_1, this, this)}).linkClosureAndJoinPoint(69648));
        }

        public String getType() {
            return (String) TraceLogAspect.aspectOf().traceMethod(new AjcClosure5(new Object[]{this, Factory.makeJP(ajc$tjp_2, this, this)}).linkClosureAndJoinPoint(69648));
        }

        static {
            ajc$preClinit();
        }

        static final String getName_aroundBody0(ProviderLoginPageConfiguration providerLoginPageConfiguration, JoinPoint joinPoint) {
            return providerLoginPageConfiguration.name;
        }

        static final String getRedirectUrl_aroundBody2(ProviderLoginPageConfiguration providerLoginPageConfiguration, JoinPoint joinPoint) {
            return providerLoginPageConfiguration.redirectUrl;
        }

        static final String getType_aroundBody4(ProviderLoginPageConfiguration providerLoginPageConfiguration, JoinPoint joinPoint) {
            return providerLoginPageConfiguration.type;
        }

        private static void ajc$preClinit() {
            Factory factory = new Factory("ClientAction.java", ProviderLoginPageConfiguration.class);
            ajc$tjp_0 = factory.makeSJP("method-execution", factory.makeMethodSig("1", "getName", "org.apereo.cas.support.pac4j.web.flow.ClientAction$ProviderLoginPageConfiguration", "", "", "", "java.lang.String"), 280);
            ajc$tjp_1 = factory.makeSJP("method-execution", factory.makeMethodSig("1", "getRedirectUrl", "org.apereo.cas.support.pac4j.web.flow.ClientAction$ProviderLoginPageConfiguration", "", "", "", "java.lang.String"), 284);
            ajc$tjp_2 = factory.makeSJP("method-execution", factory.makeMethodSig("1", "getType", "org.apereo.cas.support.pac4j.web.flow.ClientAction$ProviderLoginPageConfiguration", "", "", "", "java.lang.String"), 288);
        }
    }

    static {
        ajc$preClinit();
        SUPPORTED_PROTOCOLS = ImmutableSet.of(ClientType.CAS_PROTOCOL, ClientType.OAUTH_PROTOCOL, ClientType.OPENID_PROTOCOL, ClientType.SAML_PROTOCOL, ClientType.OPENID_CONNECT_PROTOCOL);
        ProfileHelper.setKeepRawData(true);
    }

    protected Event doExecute(RequestContext requestContext) throws Exception {
        HttpServletRequest httpServletRequest = WebUtils.getHttpServletRequest(requestContext);
        HttpServletResponse httpServletResponse = WebUtils.getHttpServletResponse(requestContext);
        HttpSession session = httpServletRequest.getSession();
        J2EContext j2EContext = new J2EContext(httpServletRequest, httpServletResponse);
        String parameter = httpServletRequest.getParameter(this.clients.getClientNameParameter());
        this.logger.debug("clientName: {}", parameter);
        if (StringUtils.isNotBlank(parameter)) {
            BaseClient findClient = this.clients.findClient(parameter);
            this.logger.debug("client: {}", findClient);
            if (!SUPPORTED_PROTOCOLS.contains(findClient.getClientType())) {
                throw new TechnicalException("Only CAS, OAuth, OpenID and SAML protocols are supported: " + findClient);
            }
            try {
                Credentials credentials = findClient.getCredentials(j2EContext);
                this.logger.debug("credentials: {}", credentials);
                Service service = (Service) session.getAttribute("service");
                requestContext.getFlowScope().put("service", service);
                this.logger.debug("retrieve service: {}", service);
                if (service != null) {
                    httpServletRequest.setAttribute("service", service.getId());
                }
                restoreRequestAttribute(httpServletRequest, session, "theme");
                restoreRequestAttribute(httpServletRequest, session, "locale");
                restoreRequestAttribute(httpServletRequest, session, "method");
                if (credentials != null) {
                    WebUtils.putTicketGrantingTicketInScopes(requestContext, this.centralAuthenticationService.createTicketGrantingTicket(this.authenticationSystemSupport.handleAndFinalizeSingleAuthenticationTransaction(service, new Credential[]{new ClientCredential(credentials)})));
                    return success();
                }
            } catch (RequiresHttpAction e) {
                this.logger.debug("requires http action", e);
                httpServletResponse.flushBuffer();
                ExternalContextHolder.getExternalContext().recordResponseComplete();
                return new Event(this, "stop");
            }
        }
        prepareForLoginPage(requestContext);
        return error();
    }

    protected void prepareForLoginPage(RequestContext requestContext) {
        HttpServletRequest httpServletRequest = WebUtils.getHttpServletRequest(requestContext);
        HttpServletResponse httpServletResponse = WebUtils.getHttpServletResponse(requestContext);
        HttpSession session = httpServletRequest.getSession();
        J2EContext j2EContext = new J2EContext(httpServletRequest, httpServletResponse);
        WebApplicationService service = WebUtils.getService(requestContext);
        this.logger.debug("save service: {}", service);
        session.setAttribute("service", service);
        saveRequestParameter(httpServletRequest, session, "theme");
        saveRequestParameter(httpServletRequest, session, "locale");
        saveRequestParameter(httpServletRequest, session, "method");
        LinkedHashSet linkedHashSet = new LinkedHashSet();
        for (IndirectClient indirectClient : this.clients.findAllClients()) {
            IndirectClient indirectClient2 = indirectClient;
            String replace = indirectClient.getName().replace("Client", "");
            String redirectionUrl = indirectClient2.getRedirectionUrl(j2EContext);
            this.logger.debug("{} -> {}", replace, redirectionUrl);
            linkedHashSet.add(new ProviderLoginPageConfiguration(replace, redirectionUrl, replace.toLowerCase()));
        }
        requestContext.getFlowScope().put(PAC4J_URLS, linkedHashSet);
    }

    private void restoreRequestAttribute(HttpServletRequest httpServletRequest, HttpSession httpSession, String str) {
        httpServletRequest.setAttribute(str, (String) httpSession.getAttribute(str));
    }

    private void saveRequestParameter(HttpServletRequest httpServletRequest, HttpSession httpSession, String str) {
        String parameter = httpServletRequest.getParameter(str);
        if (parameter != null) {
            httpSession.setAttribute(str, parameter);
        }
    }

    public Clients getClients() {
        return (Clients) TraceLogAspect.aspectOf().traceMethod(new AjcClosure1(new Object[]{this, Factory.makeJP(ajc$tjp_0, this, this)}).linkClosureAndJoinPoint(69648));
    }

    public void setClients(Clients clients) {
        this.clients = clients;
    }

    public CentralAuthenticationService getCentralAuthenticationService() {
        return (CentralAuthenticationService) TraceLogAspect.aspectOf().traceMethod(new AjcClosure3(new Object[]{this, Factory.makeJP(ajc$tjp_1, this, this)}).linkClosureAndJoinPoint(69648));
    }

    public void setCentralAuthenticationService(CentralAuthenticationService centralAuthenticationService) {
        this.centralAuthenticationService = centralAuthenticationService;
    }

    public AuthenticationSystemSupport getAuthenticationSystemSupport() {
        return (AuthenticationSystemSupport) TraceLogAspect.aspectOf().traceMethod(new AjcClosure5(new Object[]{this, Factory.makeJP(ajc$tjp_2, this, this)}).linkClosureAndJoinPoint(69648));
    }

    static final Clients getClients_aroundBody0(ClientAction clientAction, JoinPoint joinPoint) {
        return clientAction.clients;
    }

    static final CentralAuthenticationService getCentralAuthenticationService_aroundBody2(ClientAction clientAction, JoinPoint joinPoint) {
        return clientAction.centralAuthenticationService;
    }

    static final AuthenticationSystemSupport getAuthenticationSystemSupport_aroundBody4(ClientAction clientAction, JoinPoint joinPoint) {
        return clientAction.authenticationSystemSupport;
    }

    private static void ajc$preClinit() {
        Factory factory = new Factory("ClientAction.java", ClientAction.class);
        ajc$tjp_0 = factory.makeSJP("method-execution", factory.makeMethodSig("1", "getClients", "org.apereo.cas.support.pac4j.web.flow.ClientAction", "", "", "", "org.pac4j.core.client.Clients"), 238);
        ajc$tjp_1 = factory.makeSJP("method-execution", factory.makeMethodSig("1", "getCentralAuthenticationService", "org.apereo.cas.support.pac4j.web.flow.ClientAction", "", "", "", "org.apereo.cas.CentralAuthenticationService"), 246);
        ajc$tjp_2 = factory.makeSJP("method-execution", factory.makeMethodSig("1", "getAuthenticationSystemSupport", "org.apereo.cas.support.pac4j.web.flow.ClientAction", "", "", "", "org.apereo.cas.authentication.AuthenticationSystemSupport"), 254);
    }
}
