package org.beangle.security.ids;

import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.net.URLEncoder;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.beangle.commons.bean.Initializing;
import org.beangle.commons.lang.Assert;
import org.beangle.commons.lang.Strings;
import org.beangle.security.authc.AccountStatusException;
import org.beangle.security.core.AuthenticationException;
import org.beangle.security.core.userdetail.UsernameNotFoundException;
import org.beangle.security.ids.session.SessionIdReader;

/* loaded from: input_file:org/beangle/security/ids/CasEntryPoint.class */
public class CasEntryPoint implements EntryPoint, Initializing {
    private CasConfig config;
    private String localLogin;
    private SessionIdReader sessionIdReader;

    public CasEntryPoint() {
    }

    public CasEntryPoint(CasConfig casConfig) {
        this.config = casConfig;
    }

    public void init() throws Exception {
        Assert.notNull(this.config, "cas config must be specified", new Object[0]);
    }

    @Override // org.beangle.security.ids.EntryPoint
    public void commence(ServletRequest servletRequest, ServletResponse servletResponse, AuthenticationException authenticationException) throws IOException, ServletException {
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        Cas.cleanup(this.config, httpServletRequest, httpServletResponse);
        if (null != authenticationException && ((authenticationException instanceof UsernameNotFoundException) || (authenticationException instanceof AccountStatusException))) {
            httpServletResponse.getWriter().append((CharSequence) String.valueOf(authenticationException.getAuthentication().getPrincipal())).append((CharSequence) authenticationException.getMessage());
            return;
        }
        if (null == this.localLogin) {
            httpServletResponse.sendRedirect(constructRedirectUrl(this.config.getLoginUrl(), "service", constructServiceUrl(httpServletRequest, httpServletResponse, null, CasConfig.getLocalServer(httpServletRequest), this.config.getArtifactName(), this.config.isEncode()), this.config.isRenew(), false));
        } else {
            if (httpServletRequest.getServletPath().endsWith(this.localLogin)) {
                throw authenticationException;
            }
            httpServletResponse.sendRedirect(constructRedirectUrl(this.config.getLoginUrl(), "service", constructLocalLoginServiceUrl(httpServletRequest, httpServletResponse, null, CasConfig.getLocalServer(httpServletRequest), this.config.getArtifactName(), this.config.isEncode()), this.config.isRenew(), false) + "&isLoginService=11");
        }
    }

    public String constructLocalLoginServiceUrl(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str, String str2, String str3, boolean z) {
        if (Strings.isNotBlank(str)) {
            return z ? httpServletResponse.encodeURL(str) : str;
        }
        StringBuilder sb = new StringBuilder();
        if (!str2.startsWith("https://") && !str2.startsWith("http://")) {
            sb.append(httpServletRequest.isSecure() ? "https://" : "http://");
        }
        sb.append(str2);
        sb.append(httpServletRequest.getContextPath());
        sb.append(this.localLogin);
        return z ? httpServletResponse.encodeURL(sb.toString()) : sb.toString();
    }

    public static String constructServiceUrl(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str, String str2, String str3, boolean z) {
        if (Strings.isNotBlank(str)) {
            return z ? httpServletResponse.encodeURL(str) : str;
        }
        StringBuilder sb = new StringBuilder();
        if (!str2.startsWith("https://") && !str2.startsWith("http://")) {
            sb.append(httpServletRequest.isSecure() ? "https://" : "http://");
        }
        sb.append(str2);
        sb.append(httpServletRequest.getRequestURI());
        if (Strings.isNotBlank(httpServletRequest.getQueryString())) {
            int indexOf = httpServletRequest.getQueryString().indexOf(str3 + "=");
            if (indexOf == 0) {
                return z ? httpServletResponse.encodeURL(sb.toString()) : sb.toString();
            }
            sb.append("?");
            if (indexOf == -1) {
                sb.append(httpServletRequest.getQueryString());
            } else if (indexOf > 0) {
                int indexOf2 = httpServletRequest.getQueryString().indexOf("&" + str3 + "=");
                if (indexOf2 == -1) {
                    sb.append(httpServletRequest.getQueryString());
                } else if (indexOf2 > 0) {
                    sb.append(httpServletRequest.getQueryString().substring(0, indexOf2));
                }
            }
        }
        return z ? httpServletResponse.encodeURL(sb.toString()) : sb.toString();
    }

    public String constructRedirectUrl(String str, String str2, String str3, boolean z, boolean z2) {
        try {
            return str + (str.indexOf("?") != -1 ? "&" : "?") + str2 + "=" + URLEncoder.encode(str3, "UTF-8") + (z ? "&renew=true" : "") + (z2 ? "&gateway=true" : "") + "&" + SessionIdReader.SessionIdName + "=" + this.sessionIdReader.idName();
        } catch (UnsupportedEncodingException e) {
            throw new RuntimeException(e);
        }
    }

    public CasConfig getConfig() {
        return this.config;
    }

    public void setConfig(CasConfig casConfig) {
        this.config = casConfig;
    }

    public String getLocalLogin() {
        return this.localLogin;
    }

    public void setLocalLogin(String str) {
        this.localLogin = str;
    }

    public void setSessionIdReader(SessionIdReader sessionIdReader) {
        this.sessionIdReader = sessionIdReader;
    }
}
