package org.apereo.cas.oidc.web;

import java.util.Optional;
import java.util.Set;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apereo.cas.oidc.util.OidcAuthorizationRequestSupport;
import org.apereo.cas.util.Pac4jUtils;
import org.pac4j.core.config.Config;
import org.pac4j.core.context.WebContext;
import org.pac4j.core.profile.ProfileManager;
import org.pac4j.core.profile.UserProfile;
import org.pac4j.springframework.web.SecurityInterceptor;

/* loaded from: input_file:org/apereo/cas/oidc/web/OidcSecurityInterceptor.class */
public class OidcSecurityInterceptor extends SecurityInterceptor {
    private final OidcAuthorizationRequestSupport authorizationRequestSupport;

    public OidcSecurityInterceptor(Config config, String str, OidcAuthorizationRequestSupport oidcAuthorizationRequestSupport) {
        super(config, str);
        this.authorizationRequestSupport = oidcAuthorizationRequestSupport;
    }

    public boolean preHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj) throws Exception {
        WebContext pac4jJ2EContext = Pac4jUtils.getPac4jJ2EContext(httpServletRequest, httpServletResponse);
        ProfileManager pac4jProfileManager = Pac4jUtils.getPac4jProfileManager(httpServletRequest, httpServletResponse);
        boolean z = false;
        if (this.authorizationRequestSupport.isCasAuthenticationAvailable(pac4jJ2EContext).isEmpty()) {
            z = true;
        }
        Optional<UserProfile> isAuthenticationProfileAvailable = OidcAuthorizationRequestSupport.isAuthenticationProfileAvailable(pac4jJ2EContext);
        if (isAuthenticationProfileAvailable.isPresent() && OidcAuthorizationRequestSupport.getOidcMaxAgeFromAuthorizationRequest(pac4jJ2EContext).isPresent()) {
            z = OidcAuthorizationRequestSupport.isCasAuthenticationOldForMaxAgeAuthorizationRequest(pac4jJ2EContext, isAuthenticationProfileAvailable.get());
        }
        Set<String> oidcPromptFromAuthorizationRequest = OidcAuthorizationRequestSupport.getOidcPromptFromAuthorizationRequest(pac4jJ2EContext);
        if (!z) {
            z = oidcPromptFromAuthorizationRequest.contains("login");
        }
        if (z) {
            z = !oidcPromptFromAuthorizationRequest.contains("none");
        }
        if (z) {
            pac4jProfileManager.remove(true);
        }
        return super.preHandle(httpServletRequest, httpServletResponse, obj);
    }
}
