package org.apereo.cas.web.flow.client;

import java.util.regex.Pattern;
import javax.servlet.http.HttpServletRequest;
import lombok.Generated;
import org.apache.commons.lang3.StringUtils;
import org.apereo.cas.support.spnego.util.ReverseDNSRunnable;
import org.apereo.cas.util.RegexUtils;
import org.apereo.cas.web.support.WebUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.webflow.action.AbstractAction;
import org.springframework.webflow.execution.Event;
import org.springframework.webflow.execution.RequestContext;

/* loaded from: input_file:org/apereo/cas/web/flow/client/BaseSpnegoKnownClientSystemsFilterAction.class */
public class BaseSpnegoKnownClientSystemsFilterAction extends AbstractAction {

    @Generated
    private static final Logger LOGGER = LoggerFactory.getLogger(BaseSpnegoKnownClientSystemsFilterAction.class);
    private Pattern ipsToCheckPattern;
    private String alternativeRemoteHostAttribute;
    private long timeout;

    public BaseSpnegoKnownClientSystemsFilterAction(String str) {
        setIpsToCheckPattern(RegexUtils.createPattern(str));
    }

    protected Event doExecute(RequestContext requestContext) {
        String remoteIp = getRemoteIp(requestContext);
        LOGGER.debug("Current user IP [{}]", remoteIp);
        if (shouldDoSpnego(remoteIp)) {
            LOGGER.info("Spnego should be activated for [{}]", remoteIp);
            return yes();
        }
        LOGGER.info("Spnego should is skipped for [{}]", remoteIp);
        return no();
    }

    protected boolean shouldDoSpnego(String str) {
        return ipPatternCanBeChecked(str) && ipPatternMatches(str);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean ipPatternCanBeChecked(String str) {
        return this.ipsToCheckPattern != null && StringUtils.isNotBlank(str);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean ipPatternMatches(String str) {
        if (this.ipsToCheckPattern.matcher(str).find()) {
            LOGGER.debug("Remote IP address [{}] should be checked based on the defined pattern [{}]", str, this.ipsToCheckPattern.pattern());
            return true;
        }
        LOGGER.debug("No pattern or remote IP defined, or pattern does not match remote IP [{}]", str);
        return false;
    }

    private String getRemoteIp(RequestContext requestContext) {
        HttpServletRequest httpServletRequestFromExternalWebflowContext = WebUtils.getHttpServletRequestFromExternalWebflowContext(requestContext);
        String remoteAddr = httpServletRequestFromExternalWebflowContext.getRemoteAddr();
        LOGGER.debug("Remote Address = [{}]", remoteAddr);
        if (StringUtils.isNotBlank(this.alternativeRemoteHostAttribute)) {
            remoteAddr = httpServletRequestFromExternalWebflowContext.getHeader(this.alternativeRemoteHostAttribute);
            LOGGER.debug("Header Attribute [{}] = [{}]", this.alternativeRemoteHostAttribute, remoteAddr);
            if (StringUtils.isBlank(remoteAddr)) {
                remoteAddr = httpServletRequestFromExternalWebflowContext.getRemoteAddr();
                LOGGER.warn("No value could be retrieved from the header [{}]. Falling back to [{}].", this.alternativeRemoteHostAttribute, remoteAddr);
            }
        }
        return remoteAddr;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public String getRemoteHostName(String str) {
        ReverseDNSRunnable reverseDNSRunnable = new ReverseDNSRunnable(str);
        Thread thread = new Thread((Runnable) reverseDNSRunnable);
        thread.start();
        try {
            thread.join(this.timeout);
        } catch (InterruptedException e) {
            LOGGER.debug("Threaded lookup failed.  Defaulting to IP [{}].", str, e);
        }
        String hostName = reverseDNSRunnable.getHostName();
        LOGGER.debug("Found remote host name [{}].", hostName);
        return StringUtils.isNotBlank(hostName) ? hostName : str;
    }

    @Generated
    public String toString() {
        return "BaseSpnegoKnownClientSystemsFilterAction(ipsToCheckPattern=" + this.ipsToCheckPattern + ", alternativeRemoteHostAttribute=" + this.alternativeRemoteHostAttribute + ", timeout=" + this.timeout + ")";
    }

    @Generated
    public void setIpsToCheckPattern(Pattern pattern) {
        this.ipsToCheckPattern = pattern;
    }

    @Generated
    public void setAlternativeRemoteHostAttribute(String str) {
        this.alternativeRemoteHostAttribute = str;
    }

    @Generated
    public void setTimeout(long j) {
        this.timeout = j;
    }

    @Generated
    public Pattern getIpsToCheckPattern() {
        return this.ipsToCheckPattern;
    }

    @Generated
    public String getAlternativeRemoteHostAttribute() {
        return this.alternativeRemoteHostAttribute;
    }

    @Generated
    public long getTimeout() {
        return this.timeout;
    }

    @Generated
    public BaseSpnegoKnownClientSystemsFilterAction(Pattern pattern, String str, long j) {
        this.ipsToCheckPattern = pattern;
        this.alternativeRemoteHostAttribute = str;
        this.timeout = j;
    }
}
