package org.apereo.cas.web;

import java.util.Optional;
import java.util.Set;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apereo.cas.OidcConstants;
import org.apereo.cas.util.OidcAuthorizationRequestSupport;
import org.pac4j.core.config.Config;
import org.pac4j.core.context.J2EContext;
import org.pac4j.core.context.WebContext;
import org.pac4j.core.profile.ProfileManager;
import org.pac4j.core.profile.UserProfile;
import org.pac4j.springframework.web.SecurityInterceptor;

/* loaded from: input_file:org/apereo/cas/web/OidcSecurityInterceptor.class */
public class OidcSecurityInterceptor extends SecurityInterceptor {
    private final OidcAuthorizationRequestSupport authorizationRequestSupport;

    public OidcSecurityInterceptor(Config config, String str, OidcAuthorizationRequestSupport oidcAuthorizationRequestSupport) {
        super(config, str);
        this.authorizationRequestSupport = oidcAuthorizationRequestSupport;
    }

    public boolean preHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj) throws Exception {
        WebContext j2EContext = new J2EContext(httpServletRequest, httpServletResponse);
        ProfileManager profileManager = new ProfileManager(j2EContext);
        boolean z = false;
        OidcAuthorizationRequestSupport oidcAuthorizationRequestSupport = this.authorizationRequestSupport;
        Optional<UserProfile> isAuthenticationProfileAvailable = OidcAuthorizationRequestSupport.isAuthenticationProfileAvailable(j2EContext);
        if (isAuthenticationProfileAvailable.isPresent()) {
            OidcAuthorizationRequestSupport oidcAuthorizationRequestSupport2 = this.authorizationRequestSupport;
            if (OidcAuthorizationRequestSupport.getOidcMaxAgeFromAuthorizationRequest(j2EContext).isPresent()) {
                z = this.authorizationRequestSupport.isCasAuthenticationOldForMaxAgeAuthorizationRequest(j2EContext, isAuthenticationProfileAvailable.get());
            }
        }
        OidcAuthorizationRequestSupport oidcAuthorizationRequestSupport3 = this.authorizationRequestSupport;
        Set<String> oidcPromptFromAuthorizationRequest = OidcAuthorizationRequestSupport.getOidcPromptFromAuthorizationRequest(j2EContext);
        if (!z) {
            z = oidcPromptFromAuthorizationRequest.contains(OidcConstants.PROMPT_LOGIN);
        }
        if (z) {
            z = !oidcPromptFromAuthorizationRequest.contains(OidcConstants.PROMPT_NONE);
        }
        if (z) {
            profileManager.remove(true);
        }
        return super.preHandle(httpServletRequest, httpServletResponse, obj);
    }
}
