package org.apereo.cas.trusted.web.flow;

import org.apache.commons.lang3.StringUtils;
import org.apereo.cas.authentication.Authentication;
import org.apereo.cas.authentication.AuthenticationCredentialsLocalBinder;
import org.apereo.cas.configuration.model.support.mfa.TrustedDevicesMultifactorProperties;
import org.apereo.cas.trusted.authentication.api.MultifactorAuthenticationTrustRecord;
import org.apereo.cas.trusted.authentication.api.MultifactorAuthenticationTrustStorage;
import org.apereo.cas.trusted.util.MultifactorAuthenticationTrustUtils;
import org.apereo.cas.web.support.WebUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.webflow.action.AbstractAction;
import org.springframework.webflow.execution.Event;
import org.springframework.webflow.execution.RequestContext;

/* loaded from: input_file:org/apereo/cas/trusted/web/flow/MultifactorAuthenticationSetTrustAction.class */
public class MultifactorAuthenticationSetTrustAction extends AbstractAction {
    private static final Logger LOGGER = LoggerFactory.getLogger(MultifactorAuthenticationSetTrustAction.class);
    private static final String PARAM_NAME_DEVICE_NAME = "deviceName";
    private final MultifactorAuthenticationTrustStorage storage;
    private final TrustedDevicesMultifactorProperties trustedProperties;

    public MultifactorAuthenticationSetTrustAction(MultifactorAuthenticationTrustStorage multifactorAuthenticationTrustStorage, TrustedDevicesMultifactorProperties trustedDevicesMultifactorProperties) {
        this.storage = multifactorAuthenticationTrustStorage;
        this.trustedProperties = trustedDevicesMultifactorProperties;
    }

    public Event doExecute(RequestContext requestContext) {
        Authentication authentication = WebUtils.getAuthentication(requestContext);
        if (authentication == null) {
            LOGGER.error("Could not determine authentication from the request context");
            return error();
        }
        AuthenticationCredentialsLocalBinder.bindCurrent(authentication);
        String id = authentication.getPrincipal().getId();
        if (!MultifactorAuthenticationTrustUtils.isMultifactorAuthenticationTrustedInScope(requestContext)) {
            LOGGER.debug("Attempt to store trusted authentication record for [{}]", id);
            MultifactorAuthenticationTrustRecord newInstance = MultifactorAuthenticationTrustRecord.newInstance(id, MultifactorAuthenticationTrustUtils.generateGeography());
            if (requestContext.getRequestParameters().contains(PARAM_NAME_DEVICE_NAME)) {
                String str = requestContext.getRequestParameters().get(PARAM_NAME_DEVICE_NAME);
                if (StringUtils.isNotBlank(str)) {
                    newInstance.setName(str);
                }
            }
            this.storage.set(newInstance);
            LOGGER.debug("Saved trusted authentication record for [{}] under [{}]", id, newInstance.getName());
        }
        LOGGER.debug("Trusted authentication session exists for [{}]", id);
        MultifactorAuthenticationTrustUtils.trackTrustedMultifactorAuthenticationAttribute(authentication, this.trustedProperties.getAuthenticationContextAttribute());
        return success();
    }
}
