package org.jasig.cas.authentication.handler.support;

import java.net.URL;
import java.security.GeneralSecurityException;
import javax.security.auth.login.FailedLoginException;
import javax.validation.constraints.NotNull;
import org.aspectj.lang.JoinPoint;
import org.aspectj.runtime.internal.AroundClosure;
import org.aspectj.runtime.internal.Conversions;
import org.aspectj.runtime.reflect.Factory;
import org.jasig.cas.authentication.AbstractAuthenticationHandler;
import org.jasig.cas.authentication.Credential;
import org.jasig.cas.authentication.DefaultHandlerResult;
import org.jasig.cas.authentication.HandlerResult;
import org.jasig.cas.authentication.HttpBasedServiceCredential;
import org.jasig.cas.authentication.UsernamePasswordCredential;
import org.jasig.cas.util.http.HttpClient;
import org.jasig.inspektr.aspect.TraceLogAspect;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.stereotype.Component;

@Component("proxyAuthenticationHandler")
/* loaded from: input_file:org/jasig/cas/authentication/handler/support/HttpBasedServiceCredentialsAuthenticationHandler.class */
public final class HttpBasedServiceCredentialsAuthenticationHandler extends AbstractAuthenticationHandler {
    private final Logger logger = LoggerFactory.getLogger(getClass());

    @NotNull
    @Autowired
    @Qualifier("supportsTrustStoreSslSocketFactoryHttpClient")
    private HttpClient httpClient;
    private static final JoinPoint.StaticPart ajc$tjp_0 = null;
    private static final JoinPoint.StaticPart ajc$tjp_1 = null;

    /* loaded from: input_file:org/jasig/cas/authentication/handler/support/HttpBasedServiceCredentialsAuthenticationHandler$AjcClosure1.class */
    public class AjcClosure1 extends AroundClosure {
        public AjcClosure1(Object[] objArr) {
            super(objArr);
        }

        public Object run(Object[] objArr) {
            Object[] objArr2 = ((AroundClosure) this).state;
            return HttpBasedServiceCredentialsAuthenticationHandler.authenticate_aroundBody0((HttpBasedServiceCredentialsAuthenticationHandler) objArr2[0], (Credential) objArr2[1], (JoinPoint) objArr2[2]);
        }
    }

    /* loaded from: input_file:org/jasig/cas/authentication/handler/support/HttpBasedServiceCredentialsAuthenticationHandler$AjcClosure3.class */
    public class AjcClosure3 extends AroundClosure {
        public AjcClosure3(Object[] objArr) {
            super(objArr);
        }

        public Object run(Object[] objArr) {
            Object[] objArr2 = ((AroundClosure) this).state;
            return Conversions.booleanObject(HttpBasedServiceCredentialsAuthenticationHandler.supports_aroundBody2((HttpBasedServiceCredentialsAuthenticationHandler) objArr2[0], (Credential) objArr2[1], (JoinPoint) objArr2[2]));
        }
    }

    public HandlerResult authenticate(Credential credential) throws GeneralSecurityException {
        return (HandlerResult) TraceLogAspect.aspectOf().traceMethod(new AjcClosure1(new Object[]{this, credential, Factory.makeJP(ajc$tjp_0, this, this, credential)}).linkClosureAndJoinPoint(69648));
    }

    public boolean supports(Credential credential) {
        return Conversions.booleanValue(TraceLogAspect.aspectOf().traceMethod(new AjcClosure3(new Object[]{this, credential, Factory.makeJP(ajc$tjp_1, this, this, credential)}).linkClosureAndJoinPoint(69648)));
    }

    public void setHttpClient(HttpClient httpClient) {
        this.httpClient = httpClient;
    }

    static {
        ajc$preClinit();
    }

    static final HandlerResult authenticate_aroundBody0(HttpBasedServiceCredentialsAuthenticationHandler httpBasedServiceCredentialsAuthenticationHandler, Credential credential, JoinPoint joinPoint) {
        HttpBasedServiceCredential httpBasedServiceCredential = (HttpBasedServiceCredential) credential;
        if (!httpBasedServiceCredential.getService().getProxyPolicy().isAllowedProxyCallbackUrl(httpBasedServiceCredential.getCallbackUrl())) {
            httpBasedServiceCredentialsAuthenticationHandler.logger.warn("Proxy policy for service [{}] cannot authorize the requested callback url [{}].", httpBasedServiceCredential.getService().getServiceId(), httpBasedServiceCredential.getCallbackUrl());
            throw new FailedLoginException(httpBasedServiceCredential.getCallbackUrl() + " cannot be authorized");
        }
        httpBasedServiceCredentialsAuthenticationHandler.logger.debug("Attempting to authenticate {}", httpBasedServiceCredential);
        URL callbackUrl = httpBasedServiceCredential.getCallbackUrl();
        if (httpBasedServiceCredentialsAuthenticationHandler.httpClient.isValidEndPoint(callbackUrl)) {
            return new DefaultHandlerResult(httpBasedServiceCredentialsAuthenticationHandler, httpBasedServiceCredential, httpBasedServiceCredentialsAuthenticationHandler.principalFactory.createPrincipal(httpBasedServiceCredential.getId()));
        }
        throw new FailedLoginException(String.valueOf(callbackUrl.toExternalForm()) + " sent an unacceptable response status code");
    }

    static final boolean supports_aroundBody2(HttpBasedServiceCredentialsAuthenticationHandler httpBasedServiceCredentialsAuthenticationHandler, Credential credential, JoinPoint joinPoint) {
        return credential instanceof HttpBasedServiceCredential;
    }

    private static void ajc$preClinit() {
        Factory factory = new Factory("HttpBasedServiceCredentialsAuthenticationHandler.java", HttpBasedServiceCredentialsAuthenticationHandler.class);
        ajc$tjp_0 = factory.makeSJP("method-execution", factory.makeMethodSig("1", "authenticate", "org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler", "org.jasig.cas.authentication.Credential", UsernamePasswordCredential.AUTHENTICATION_ATTRIBUTE_PASSWORD, "java.security.GeneralSecurityException", "org.jasig.cas.authentication.HandlerResult"), 48);
        ajc$tjp_1 = factory.makeSJP("method-execution", factory.makeMethodSig("1", "supports", "org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler", "org.jasig.cas.authentication.Credential", UsernamePasswordCredential.AUTHENTICATION_ATTRIBUTE_PASSWORD, "", "boolean"), 70);
    }
}
