package org.jasig.cas.client.integration.atlassian;

import com.atlassian.jira.security.login.JiraSeraphAuthenticator;
import com.atlassian.seraph.auth.AuthenticationContextAwareAuthenticator;
import com.atlassian.seraph.auth.AuthenticatorException;
import com.atlassian.seraph.auth.LoginReason;
import java.security.Principal;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.jasig.cas.client.validation.Assertion;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@AuthenticationContextAwareAuthenticator
/* loaded from: input_file:org/jasig/cas/client/integration/atlassian/Jira44CasAuthenticator.class */
public final class Jira44CasAuthenticator extends JiraSeraphAuthenticator {
    private static final long serialVersionUID = 3852011252741183166L;
    private static final Logger LOGGER = LoggerFactory.getLogger(Jira44CasAuthenticator.class);

    public Principal getUser(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        Principal userFromSession = getUserFromSession(httpServletRequest);
        if (userFromSession != null) {
            LOGGER.debug("Session found; user already logged in.");
            return userFromSession;
        }
        Assertion assertion = (Assertion) httpServletRequest.getSession().getAttribute("_const_cas_assertion_");
        if (assertion == null) {
            return super.getUser(httpServletRequest, httpServletResponse);
        }
        String name = assertion.getPrincipal().getName();
        Principal user = getUser(name);
        if (user != null) {
            putPrincipalInSessionContext(httpServletRequest, user);
            getElevatedSecurityGuard().onSuccessfulLoginAttempt(httpServletRequest, name);
            LoginReason.OK.stampRequestResponse(httpServletRequest, httpServletResponse);
            LOGGER.debug("Logging in [{}] from CAS.", name);
        } else {
            LOGGER.debug("Failed logging [{}] from CAS.", name);
            getElevatedSecurityGuard().onFailedLoginAttempt(httpServletRequest, name);
        }
        return user;
    }

    public boolean logout(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws AuthenticatorException {
        HttpSession session = httpServletRequest.getSession();
        Principal principal = (Principal) session.getAttribute("seraph_defaultauthenticator_user");
        if (principal != null) {
            LOGGER.debug("Logging out [{}] from CAS.", principal.getName());
        }
        removePrincipalFromSessionContext(httpServletRequest);
        session.setAttribute("_const_cas_assertion_", (Object) null);
        return true;
    }
}
