package org.pac4j.cas.credentials.authenticator;

import java.io.BufferedWriter;
import java.io.IOException;
import java.io.OutputStreamWriter;
import java.net.HttpURLConnection;
import java.net.URL;
import java.nio.charset.StandardCharsets;
import java.util.Optional;
import org.pac4j.cas.config.CasConfiguration;
import org.pac4j.cas.profile.CasRestProfile;
import org.pac4j.core.context.WebContext;
import org.pac4j.core.context.session.SessionStore;
import org.pac4j.core.credentials.Credentials;
import org.pac4j.core.credentials.UsernamePasswordCredentials;
import org.pac4j.core.credentials.authenticator.Authenticator;
import org.pac4j.core.exception.TechnicalException;
import org.pac4j.core.util.CommonHelper;
import org.pac4j.core.util.HttpUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/pac4j/cas/credentials/authenticator/CasRestAuthenticator.class */
public class CasRestAuthenticator implements Authenticator {
    private static final Logger logger = LoggerFactory.getLogger(CasRestAuthenticator.class);
    protected CasConfiguration configuration;

    public CasRestAuthenticator(CasConfiguration casConfiguration) {
        CommonHelper.assertNotNull("configuration", casConfiguration);
        this.configuration = casConfiguration;
    }

    public Optional<Credentials> validate(Credentials credentials, WebContext webContext, SessionStore sessionStore) {
        UsernamePasswordCredentials usernamePasswordCredentials = (UsernamePasswordCredentials) credentials;
        if (usernamePasswordCredentials == null || usernamePasswordCredentials.getPassword() == null || usernamePasswordCredentials.getUsername() == null) {
            throw new TechnicalException("Credentials are required");
        }
        String requestTicketGrantingTicket = requestTicketGrantingTicket(usernamePasswordCredentials.getUsername(), usernamePasswordCredentials.getPassword(), webContext);
        if (CommonHelper.isNotBlank(requestTicketGrantingTicket)) {
            usernamePasswordCredentials.setUserProfile(new CasRestProfile(requestTicketGrantingTicket, usernamePasswordCredentials.getUsername()));
        }
        return Optional.of(usernamePasswordCredentials);
    }

    private String requestTicketGrantingTicket(String str, String str2, WebContext webContext) {
        try {
            try {
                HttpURLConnection openPostConnection = HttpUtils.openPostConnection(new URL(this.configuration.computeFinalRestUrl(webContext)));
                String str3 = HttpUtils.encodeQueryParam("username", str) + "&" + HttpUtils.encodeQueryParam("password", str2);
                BufferedWriter bufferedWriter = new BufferedWriter(new OutputStreamWriter(openPostConnection.getOutputStream(), StandardCharsets.UTF_8));
                bufferedWriter.write(str3);
                bufferedWriter.close();
                String headerField = openPostConnection.getHeaderField("location");
                int responseCode = openPostConnection.getResponseCode();
                if (headerField == null || responseCode != 201) {
                    logger.debug("Ticket granting ticket request failed: " + headerField + " " + responseCode + HttpUtils.buildHttpErrorMessage(openPostConnection));
                    HttpUtils.closeConnection(openPostConnection);
                    return null;
                }
                String substring = headerField.substring(headerField.lastIndexOf("/") + 1);
                HttpUtils.closeConnection(openPostConnection);
                return substring;
            } catch (IOException e) {
                throw new TechnicalException(e);
            }
        } catch (Throwable th) {
            HttpUtils.closeConnection((HttpURLConnection) null);
            throw th;
        }
    }
}
