package org.apereo.cas.web.support;

import java.io.Serializable;
import java.net.URI;
import java.util.Collection;
import java.util.Collections;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.Optional;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang3.ObjectUtils;
import org.apache.commons.lang3.StringUtils;
import org.apereo.cas.CasViewConstants;
import org.apereo.cas.authentication.Authentication;
import org.apereo.cas.authentication.AuthenticationResult;
import org.apereo.cas.authentication.AuthenticationResultBuilder;
import org.apereo.cas.authentication.Credential;
import org.apereo.cas.authentication.adaptive.geo.GeoLocationRequest;
import org.apereo.cas.authentication.principal.Principal;
import org.apereo.cas.authentication.principal.Response;
import org.apereo.cas.authentication.principal.Service;
import org.apereo.cas.authentication.principal.WebApplicationService;
import org.apereo.cas.logout.LogoutRequest;
import org.apereo.cas.services.MultifactorAuthenticationProvider;
import org.apereo.cas.services.RegisteredService;
import org.apereo.cas.services.UnauthorizedServiceException;
import org.apereo.cas.ticket.ServiceTicket;
import org.apereo.cas.ticket.TicketGrantingTicket;
import org.apereo.cas.ticket.registry.TicketRegistrySupport;
import org.apereo.cas.web.flow.CasWebflowConstants;
import org.apereo.inspektr.common.spi.PrincipalResolver;
import org.hibernate.id.SequenceGenerator;
import org.pac4j.core.context.J2EContext;
import org.pac4j.core.context.WebContext;
import org.pac4j.core.profile.ProfileManager;
import org.pac4j.core.profile.UserProfile;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.context.ApplicationContext;
import org.springframework.util.Assert;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;
import org.springframework.web.servlet.ModelAndView;
import org.springframework.web.util.CookieGenerator;
import org.springframework.webflow.context.ExternalContextHolder;
import org.springframework.webflow.context.servlet.ServletExternalContext;
import org.springframework.webflow.core.collection.MutableAttributeMap;
import org.springframework.webflow.engine.support.TransitionExecutingFlowExecutionExceptionHandler;
import org.springframework.webflow.execution.FlowSession;
import org.springframework.webflow.execution.RequestContext;

/* loaded from: input_file:WEB-INF/lib/cas-server-core-web-5.1.3.jar:org/apereo/cas/web/support/WebUtils.class */
public final class WebUtils {
    public static final String CAS_ACCESS_DENIED_REASON = "CAS_ACCESS_DENIED_REASON";
    public static final String USER_AGENT_HEADER = "user-agent";
    private static final Logger LOGGER = LoggerFactory.getLogger((Class<?>) WebUtils.class);
    private static final String PUBLIC_WORKSTATION_ATTRIBUTE = "publicWorkstation";
    private static final String PARAMETER_AUTHENTICATION = "authentication";
    private static final String PARAMETER_AUTHENTICATION_RESULT_BUILDER = "authenticationResultBuilder";
    private static final String PARAMETER_AUTHENTICATION_RESULT = "authenticationResult";
    private static final String PARAMETER_CREDENTIAL = "credential";
    private static final String PARAMETER_UNAUTHORIZED_REDIRECT_URL = "unauthorizedRedirectUrl";
    private static final String PARAMETER_TICKET_GRANTING_TICKET_ID = "ticketGrantingTicketId";
    private static final String PARAMETER_REGISTERED_SERVICE = "registeredService";
    private static final String PARAMETER_SERVICE = "service";
    private static final String PARAMETER_SERVICE_TICKET_ID = "serviceTicketId";
    private static final String PARAMETER_LOGOUT_REQUESTS = "logoutRequests";
    private static final String PARAMETER_SERVICE_UI_METADATA = "serviceUIMetadata";

    private WebUtils() {
    }

    public static HttpServletRequest getHttpServletRequest(RequestContext requestContext) {
        Assert.isInstanceOf(ServletExternalContext.class, requestContext.getExternalContext(), "Cannot obtain HttpServletRequest from event of type: " + requestContext.getExternalContext().getClass().getName());
        return (HttpServletRequest) requestContext.getExternalContext().getNativeRequest();
    }

    public static HttpServletRequest getHttpServletRequest() {
        ServletExternalContext servletExternalContext = (ServletExternalContext) ExternalContextHolder.getExternalContext();
        if (servletExternalContext != null) {
            return (HttpServletRequest) servletExternalContext.getNativeRequest();
        }
        return null;
    }

    public static HttpServletRequest getHttpServletRequestFromRequestAttributes() {
        try {
            return ((ServletRequestAttributes) RequestContextHolder.currentRequestAttributes()).getRequest();
        } catch (Exception e) {
            LOGGER.trace(e.getMessage(), (Throwable) e);
            return null;
        }
    }

    public static HttpServletResponse getHttpServletResponseFromRequestAttributes() {
        return ((ServletRequestAttributes) RequestContextHolder.currentRequestAttributes()).getResponse();
    }

    public static HttpServletResponse getHttpServletResponse(RequestContext requestContext) {
        Assert.isInstanceOf(ServletExternalContext.class, requestContext.getExternalContext(), "Cannot obtain HttpServletResponse from event of type: " + requestContext.getExternalContext().getClass().getName());
        return (HttpServletResponse) requestContext.getExternalContext().getNativeResponse();
    }

    public static HttpServletResponse getHttpServletResponse() {
        ServletExternalContext servletExternalContext = (ServletExternalContext) ExternalContextHolder.getExternalContext();
        if (servletExternalContext != null) {
            return (HttpServletResponse) servletExternalContext.getNativeResponse();
        }
        return null;
    }

    public static WebApplicationService getService(List<ArgumentExtractor> list, HttpServletRequest httpServletRequest) {
        return (WebApplicationService) list.stream().map(argumentExtractor -> {
            return argumentExtractor.extractService(httpServletRequest);
        }).filter((v0) -> {
            return Objects.nonNull(v0);
        }).findFirst().orElse(null);
    }

    public static WebApplicationService getService(List<ArgumentExtractor> list, RequestContext requestContext) {
        return getService(list, getHttpServletRequest(requestContext));
    }

    public static WebApplicationService getService(RequestContext requestContext) {
        if (requestContext != null) {
            return (WebApplicationService) requestContext.getFlowScope().get("service");
        }
        return null;
    }

    public static RegisteredService getRegisteredService(RequestContext requestContext) {
        if (requestContext != null) {
            return (RegisteredService) requestContext.getFlowScope().get(PARAMETER_REGISTERED_SERVICE);
        }
        return null;
    }

    public static void putTicketGrantingTicketInScopes(RequestContext requestContext, TicketGrantingTicket ticketGrantingTicket) {
        putTicketGrantingTicketInScopes(requestContext, ticketGrantingTicket != null ? ticketGrantingTicket.getId() : null);
    }

    public static void putTicketGrantingTicketInScopes(RequestContext requestContext, String str) {
        putTicketGrantingTicketIntoMap(requestContext.getRequestScope(), str);
        putTicketGrantingTicketIntoMap(requestContext.getFlowScope(), str);
        FlowSession parent = requestContext.getFlowExecutionContext().getActiveSession().getParent();
        while (true) {
            FlowSession flowSession = parent;
            if (flowSession == null) {
                return;
            }
            putTicketGrantingTicketIntoMap(flowSession.getScope(), str);
            parent = flowSession.getParent();
        }
    }

    public static void putTicketGrantingTicketIntoMap(MutableAttributeMap mutableAttributeMap, String str) {
        mutableAttributeMap.put(PARAMETER_TICKET_GRANTING_TICKET_ID, str);
    }

    public static String getTicketGrantingTicketId(RequestContext requestContext) {
        String str = (String) requestContext.getRequestScope().get(PARAMETER_TICKET_GRANTING_TICKET_ID);
        return str != null ? str : (String) requestContext.getFlowScope().get(PARAMETER_TICKET_GRANTING_TICKET_ID);
    }

    public static void putServiceTicketInRequestScope(RequestContext requestContext, ServiceTicket serviceTicket) {
        requestContext.getRequestScope().put(PARAMETER_SERVICE_TICKET_ID, serviceTicket.getId());
    }

    public static String getServiceTicketFromRequestScope(RequestContext requestContext) {
        return requestContext.getRequestScope().getString(PARAMETER_SERVICE_TICKET_ID);
    }

    public static void putUnauthorizedRedirectUrlIntoFlowScope(RequestContext requestContext, URI uri) {
        requestContext.getFlowScope().put(PARAMETER_UNAUTHORIZED_REDIRECT_URL, uri);
    }

    public static void putLogoutRequests(RequestContext requestContext, List<LogoutRequest> list) {
        requestContext.getFlowScope().put(PARAMETER_LOGOUT_REQUESTS, list);
    }

    public static List<LogoutRequest> getLogoutRequests(RequestContext requestContext) {
        return (List) requestContext.getFlowScope().get(PARAMETER_LOGOUT_REQUESTS);
    }

    public static void putService(RequestContext requestContext, Service service) {
        requestContext.getFlowScope().put("service", service);
    }

    public static void putWarningCookie(RequestContext requestContext, Boolean bool) {
        requestContext.getFlowScope().put("warnCookieValue", bool);
    }

    public static boolean getWarningCookie(RequestContext requestContext) {
        return Boolean.valueOf(ObjectUtils.defaultIfNull(requestContext.getFlowScope().get("warnCookieValue"), Boolean.FALSE.toString()).toString()).booleanValue();
    }

    public static void putRegisteredService(RequestContext requestContext, RegisteredService registeredService) {
        requestContext.getFlowScope().put(PARAMETER_REGISTERED_SERVICE, registeredService);
    }

    public static <T extends Credential> T getCredential(RequestContext requestContext, Class<T> cls) {
        Assert.notNull(cls, "clazz cannot be null");
        T t = (T) getCredential(requestContext);
        if (t == null) {
            return null;
        }
        if (cls.isAssignableFrom(t.getClass())) {
            return t;
        }
        throw new ClassCastException("credential [" + t.getId() + " is of type " + t.getClass() + " when we were expecting " + cls);
    }

    public static Credential getCredential(RequestContext requestContext) {
        Credential credential = (Credential) requestContext.getRequestScope().get("credential");
        Credential credential2 = credential != null ? credential : (Credential) requestContext.getFlowScope().get("credential");
        if (credential2 == null) {
            credential2 = (Credential) requestContext.getFlowExecutionContext().getActiveSession().getScope().get("credential", Credential.class);
        }
        if (credential2 == null || !StringUtils.isBlank(credential2.getId())) {
            return credential2;
        }
        return null;
    }

    public static void putCredential(RequestContext requestContext, Credential credential) {
        if (credential == null) {
            requestContext.getRequestScope().remove("credential");
            requestContext.getFlowScope().remove("credential");
        } else {
            requestContext.getRequestScope().put("credential", credential);
            requestContext.getFlowScope().put("credential", credential);
        }
    }

    public static String getAuthenticatedUsername() {
        Optional optional;
        String id;
        HttpServletRequest httpServletRequestFromRequestAttributes = getHttpServletRequestFromRequestAttributes();
        HttpServletResponse httpServletResponseFromRequestAttributes = getHttpServletResponseFromRequestAttributes();
        return (httpServletRequestFromRequestAttributes == null || httpServletResponseFromRequestAttributes == null || (optional = getPac4jProfileManager(httpServletRequestFromRequestAttributes, httpServletResponseFromRequestAttributes).get(true)) == null || !optional.isPresent() || (id = ((UserProfile) optional.get()).getId()) == null) ? PrincipalResolver.UNKNOWN_USER : id;
    }

    public static ProfileManager getPac4jProfileManager(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        return getPac4jProfileManager(getPac4jJ2EContext(httpServletRequest, httpServletResponse));
    }

    public static ProfileManager getPac4jProfileManager(WebContext webContext) {
        return new ProfileManager(webContext);
    }

    public static J2EContext getPac4jJ2EContext(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        return new J2EContext(httpServletRequest, httpServletResponse);
    }

    public static J2EContext getPac4jJ2EContext() {
        return getPac4jJ2EContext(getHttpServletRequestFromRequestAttributes(), getHttpServletResponseFromRequestAttributes());
    }

    public static boolean isAuthenticatingAtPublicWorkstation(RequestContext requestContext) {
        if (!requestContext.getFlowScope().contains(PUBLIC_WORKSTATION_ATTRIBUTE)) {
            return false;
        }
        LOGGER.debug("Public workstation flag detected. SSO session will be considered renewed.");
        return true;
    }

    public static void putPublicWorkstationToFlowIfRequestParameterPresent(RequestContext requestContext) {
        if (StringUtils.isNotBlank(requestContext.getExternalContext().getRequestParameterMap().get(PUBLIC_WORKSTATION_ATTRIBUTE))) {
            requestContext.getFlowScope().put(PUBLIC_WORKSTATION_ATTRIBUTE, Boolean.TRUE);
        }
    }

    public static void putWarnCookieIfRequestParameterPresent(CookieGenerator cookieGenerator, RequestContext requestContext) {
        if (cookieGenerator == null) {
            LOGGER.debug("No warning cookie generator is defined");
            return;
        }
        LOGGER.debug("Evaluating request to determine if warning cookie should be generated");
        HttpServletResponse httpServletResponse = getHttpServletResponse(requestContext);
        if (StringUtils.isNotBlank(requestContext.getExternalContext().getRequestParameterMap().get("warn"))) {
            cookieGenerator.addCookie(httpServletResponse, "true");
        }
    }

    public static void putAuthentication(Authentication authentication, RequestContext requestContext) {
        requestContext.getConversationScope().put(PARAMETER_AUTHENTICATION, authentication);
    }

    public static Authentication getAuthentication(RequestContext requestContext) {
        return (Authentication) requestContext.getConversationScope().get(PARAMETER_AUTHENTICATION, Authentication.class);
    }

    public static void putAuthenticationResultBuilder(AuthenticationResultBuilder authenticationResultBuilder, RequestContext requestContext) {
        requestContext.getConversationScope().put(PARAMETER_AUTHENTICATION_RESULT_BUILDER, authenticationResultBuilder);
    }

    public static Principal getPrincipalFromRequestContext(RequestContext requestContext, TicketRegistrySupport ticketRegistrySupport) {
        String ticketGrantingTicketId = getTicketGrantingTicketId(requestContext);
        if (StringUtils.isBlank(ticketGrantingTicketId)) {
            throw new IllegalArgumentException("No ticket-granting ticket could be found in the context");
        }
        return ticketRegistrySupport.getAuthenticatedPrincipalFrom(ticketGrantingTicketId);
    }

    public static AuthenticationResultBuilder getAuthenticationResultBuilder(RequestContext requestContext) {
        return (AuthenticationResultBuilder) requestContext.getConversationScope().get(PARAMETER_AUTHENTICATION_RESULT_BUILDER, AuthenticationResultBuilder.class);
    }

    public static void putAuthenticationResult(AuthenticationResult authenticationResult, RequestContext requestContext) {
        requestContext.getConversationScope().put(PARAMETER_AUTHENTICATION_RESULT, authenticationResult);
    }

    public static AuthenticationResult getAuthenticationResult(RequestContext requestContext) {
        return (AuthenticationResult) requestContext.getConversationScope().get(PARAMETER_AUTHENTICATION_RESULT, AuthenticationResult.class);
    }

    public static String getHttpServletRequestUserAgent(HttpServletRequest httpServletRequest) {
        if (httpServletRequest != null) {
            return httpServletRequest.getHeader(USER_AGENT_HEADER);
        }
        return null;
    }

    public static String getHttpServletRequestUserAgent() {
        return getHttpServletRequestUserAgent(getHttpServletRequest());
    }

    public static GeoLocationRequest getHttpServletRequestGeoLocation(HttpServletRequest httpServletRequest) {
        GeoLocationRequest geoLocationRequest = new GeoLocationRequest();
        if (httpServletRequest != null) {
            String parameter = httpServletRequest.getParameter("geolocation");
            if (StringUtils.isNotBlank(parameter)) {
                String[] split = parameter.split(",");
                geoLocationRequest.setLatitude(split[0]);
                geoLocationRequest.setLongitude(split[1]);
                geoLocationRequest.setAccuracy(split[2]);
                geoLocationRequest.setTimestamp(split[3]);
            }
        }
        return geoLocationRequest;
    }

    public static GeoLocationRequest getHttpServletRequestGeoLocation() {
        return getHttpServletRequestGeoLocation(getHttpServletRequest());
    }

    public static void putGeoLocationTrackingIntoFlowScope(RequestContext requestContext, Object obj) {
        requestContext.getFlowScope().put("trackGeoLocation", obj);
    }

    public static void putRecaptchaSiteKeyIntoFlowScope(RequestContext requestContext, Object obj) {
        requestContext.getFlowScope().put("recaptchaSiteKey", obj);
    }

    public static void putStaticAuthenticationIntoFlowScope(RequestContext requestContext, Object obj) {
        requestContext.getFlowScope().put("staticAuthentication", obj);
    }

    public static void putPasswordManagementEnabled(RequestContext requestContext, Boolean bool) {
        requestContext.getFlowScope().put("passwordManagementEnabled", bool);
    }

    public static void putGoogleAnalyticsTrackingIdIntoFlowScope(RequestContext requestContext, Object obj) {
        requestContext.getFlowScope().put("googleAnalyticsTrackingId", obj);
    }

    public static void putUnauthorizedRedirectUrl(RequestContext requestContext, URI uri) {
        requestContext.getFlowScope().put(PARAMETER_UNAUTHORIZED_REDIRECT_URL, uri);
    }

    public static void putPrincipal(RequestContext requestContext, Principal principal) {
        requestContext.getFlowScope().put(CasViewConstants.MODEL_ATTRIBUTE_NAME_PRINCIPAL, principal);
    }

    public static void putLogoutRedirectUrl(RequestContext requestContext, String str) {
        requestContext.getFlowScope().put("logoutRedirectUrl", str);
    }

    public static void putRememberMeAuthenticationEnabled(RequestContext requestContext, Boolean bool) {
        requestContext.getFlowScope().put("rememberMeAuthenticationEnabled", bool);
    }

    public static Map<String, MultifactorAuthenticationProvider> getAvailableMultifactorAuthenticationProviders(ApplicationContext applicationContext) {
        try {
            return applicationContext.getBeansOfType(MultifactorAuthenticationProvider.class, false, true);
        } catch (Exception e) {
            LOGGER.warn("Could not locate beans of type [{}]", MultifactorAuthenticationProvider.class);
            return Collections.emptyMap();
        }
    }

    public static void putResolvedMultifactorAuthenticationProviders(RequestContext requestContext, Collection<MultifactorAuthenticationProvider> collection) {
        requestContext.getConversationScope().put("resolvedMultifactorAuthenticationProviders", collection);
    }

    public static Collection<MultifactorAuthenticationProvider> getResolvedMultifactorAuthenticationProviders(RequestContext requestContext) {
        return (Collection) requestContext.getConversationScope().get("resolvedMultifactorAuthenticationProviders", Collection.class);
    }

    public static void putServiceUserInterfaceMetadata(RequestContext requestContext, Serializable serializable) {
        if (serializable != null) {
            requestContext.getFlowScope().put(PARAMETER_SERVICE_UI_METADATA, serializable);
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    public static <T> T getServiceUserInterfaceMetadata(RequestContext requestContext, Class<T> cls) {
        if (requestContext.getFlowScope().contains(PARAMETER_SERVICE_UI_METADATA)) {
            return (T) requestContext.getFlowScope().get(PARAMETER_SERVICE_UI_METADATA, (Class) cls);
        }
        return null;
    }

    public static void putServiceResponseIntoRequestScope(RequestContext requestContext, Response response) {
        requestContext.getRequestScope().put(SequenceGenerator.PARAMETERS, response.getAttributes());
        requestContext.getRequestScope().put("url", response.getUrl());
    }

    public static void putServiceOriginalUrlIntoRequestScope(RequestContext requestContext, WebApplicationService webApplicationService) {
        requestContext.getRequestScope().put("originalUrl", webApplicationService.getOriginalUrl());
    }

    public static ModelAndView produceUnauthorizedErrorView() {
        return produceErrorView(new UnauthorizedServiceException(UnauthorizedServiceException.CODE_UNAUTHZ_SERVICE, ""));
    }

    public static ModelAndView produceErrorView(Exception exc) {
        HashMap hashMap = new HashMap();
        hashMap.put(TransitionExecutingFlowExecutionExceptionHandler.ROOT_CAUSE_EXCEPTION_ATTRIBUTE, exc);
        return new ModelAndView(CasWebflowConstants.VIEW_ID_SERVICE_ERROR, hashMap);
    }
}
