package org.apereo.cas.support.rest.resources;

import java.util.List;
import javax.servlet.http.HttpServletRequest;
import lombok.Generated;
import org.apache.commons.lang3.BooleanUtils;
import org.apereo.cas.authentication.Authentication;
import org.apereo.cas.authentication.AuthenticationCredentialsThreadLocalBinder;
import org.apereo.cas.authentication.AuthenticationException;
import org.apereo.cas.authentication.AuthenticationSystemSupport;
import org.apereo.cas.authentication.DefaultAuthenticationResultBuilder;
import org.apereo.cas.authentication.principal.WebApplicationService;
import org.apereo.cas.rest.BadRestRequestException;
import org.apereo.cas.rest.factory.RestHttpRequestCredentialFactory;
import org.apereo.cas.rest.factory.ServiceTicketResourceEntityResponseFactory;
import org.apereo.cas.ticket.InvalidTicketException;
import org.apereo.cas.ticket.registry.TicketRegistrySupport;
import org.apereo.cas.web.support.ArgumentExtractor;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.context.ApplicationContext;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.util.MultiValueMap;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RestController;

@RestController("serviceTicketResourceRestController")
/* loaded from: input_file:org/apereo/cas/support/rest/resources/ServiceTicketResource.class */
public class ServiceTicketResource {

    @Generated
    private static final Logger LOGGER = LoggerFactory.getLogger(ServiceTicketResource.class);
    private final AuthenticationSystemSupport authenticationSystemSupport;
    private final TicketRegistrySupport ticketRegistrySupport;
    private final ArgumentExtractor argumentExtractor;
    private final ServiceTicketResourceEntityResponseFactory serviceTicketResourceEntityResponseFactory;
    private final RestHttpRequestCredentialFactory credentialFactory;
    private final ApplicationContext applicationContext;

    @PostMapping(value = {"/v1/tickets/{tgtId:.+}"}, consumes = {"application/x-www-form-urlencoded"})
    public ResponseEntity<String> createServiceTicket(HttpServletRequest httpServletRequest, @RequestBody(required = false) MultiValueMap<String, String> multiValueMap, @PathVariable("tgtId") String str) {
        try {
            try {
                try {
                    try {
                        Authentication authenticationFrom = this.ticketRegistrySupport.getAuthenticationFrom(str);
                        AuthenticationCredentialsThreadLocalBinder.bindCurrent(authenticationFrom);
                        if (authenticationFrom == null) {
                            throw new InvalidTicketException(str);
                        }
                        WebApplicationService extractService = this.argumentExtractor.extractService(httpServletRequest);
                        if (extractService == null) {
                            throw new IllegalArgumentException("Target service/application is unspecified or unrecognized in the request");
                        }
                        if (!BooleanUtils.toBoolean(httpServletRequest.getParameter("renew"))) {
                            ResponseEntity<String> build = this.serviceTicketResourceEntityResponseFactory.build(str, extractService, new DefaultAuthenticationResultBuilder().collect(authenticationFrom).build(this.authenticationSystemSupport.getPrincipalElectionStrategy(), extractService));
                            AuthenticationCredentialsThreadLocalBinder.clear();
                            return build;
                        }
                        List fromRequest = this.credentialFactory.fromRequest(httpServletRequest, multiValueMap);
                        if (fromRequest == null || fromRequest.isEmpty()) {
                            throw new BadRestRequestException("No credentials are provided or extracted to authenticate the REST request");
                        }
                        ResponseEntity<String> build2 = this.serviceTicketResourceEntityResponseFactory.build(str, extractService, this.authenticationSystemSupport.handleAndFinalizeSingleAuthenticationTransaction(extractService, fromRequest));
                        AuthenticationCredentialsThreadLocalBinder.clear();
                        return build2;
                    } catch (BadRestRequestException e) {
                        LOGGER.error(e.getMessage(), e);
                        ResponseEntity<String> responseEntity = new ResponseEntity<>(e.getMessage(), HttpStatus.BAD_REQUEST);
                        AuthenticationCredentialsThreadLocalBinder.clear();
                        return responseEntity;
                    }
                } catch (Exception e2) {
                    LOGGER.error(e2.getMessage(), e2);
                    ResponseEntity<String> responseEntity2 = new ResponseEntity<>(e2.getMessage(), HttpStatus.INTERNAL_SERVER_ERROR);
                    AuthenticationCredentialsThreadLocalBinder.clear();
                    return responseEntity2;
                }
            } catch (InvalidTicketException e3) {
                ResponseEntity<String> responseEntity3 = new ResponseEntity<>(str + " could not be found or is considered invalid", HttpStatus.NOT_FOUND);
                AuthenticationCredentialsThreadLocalBinder.clear();
                return responseEntity3;
            } catch (AuthenticationException e4) {
                ResponseEntity<String> createResponseEntityForAuthnFailure = RestResourceUtils.createResponseEntityForAuthnFailure(e4, httpServletRequest, this.applicationContext);
                AuthenticationCredentialsThreadLocalBinder.clear();
                return createResponseEntityForAuthnFailure;
            }
        } catch (Throwable th) {
            AuthenticationCredentialsThreadLocalBinder.clear();
            throw th;
        }
    }

    @Generated
    public ServiceTicketResource(AuthenticationSystemSupport authenticationSystemSupport, TicketRegistrySupport ticketRegistrySupport, ArgumentExtractor argumentExtractor, ServiceTicketResourceEntityResponseFactory serviceTicketResourceEntityResponseFactory, RestHttpRequestCredentialFactory restHttpRequestCredentialFactory, ApplicationContext applicationContext) {
        this.authenticationSystemSupport = authenticationSystemSupport;
        this.ticketRegistrySupport = ticketRegistrySupport;
        this.argumentExtractor = argumentExtractor;
        this.serviceTicketResourceEntityResponseFactory = serviceTicketResourceEntityResponseFactory;
        this.credentialFactory = restHttpRequestCredentialFactory;
        this.applicationContext = applicationContext;
    }
}
