package org.jasig.cas.web.flow;

import java.util.Arrays;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.validation.constraints.NotNull;
import org.aspectj.lang.JoinPoint;
import org.aspectj.lang.ProceedingJoinPoint;
import org.aspectj.runtime.reflect.Factory;
import org.aspectj.weaver.model.AsmRelationshipUtils;
import org.jasig.cas.CentralAuthenticationService;
import org.jasig.cas.aspect.LogAspect;
import org.jasig.cas.authentication.handler.AuthenticationException;
import org.jasig.cas.authentication.principal.Credentials;
import org.jasig.cas.authentication.principal.WebApplicationService;
import org.jasig.cas.ticket.TicketException;
import org.jasig.cas.web.bind.CredentialsBinder;
import org.jasig.cas.web.support.WebUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.binding.message.MessageBuilder;
import org.springframework.binding.message.MessageContext;
import org.springframework.util.StringUtils;
import org.springframework.web.util.CookieGenerator;
import org.springframework.webflow.execution.RequestContext;

/* loaded from: input_file:WEB-INF/lib/cas-server-core-3.5.1.jar:org/jasig/cas/web/flow/AuthenticationViaFormAction.class */
public class AuthenticationViaFormAction {
    private CredentialsBinder credentialsBinder;

    @NotNull
    private CentralAuthenticationService centralAuthenticationService;

    @NotNull
    private CookieGenerator warnCookieGenerator;
    protected Logger logger = LoggerFactory.getLogger(getClass());
    private static final /* synthetic */ JoinPoint.StaticPart ajc$tjp_0 = null;
    private static final /* synthetic */ JoinPoint.StaticPart ajc$tjp_1 = null;

    public final void doBind(RequestContext requestContext, Credentials credentials) throws Exception {
        JoinPoint makeJP = Factory.makeJP(ajc$tjp_0, this, this, requestContext, credentials);
        doBind_aroundBody1$advice(this, requestContext, credentials, makeJP, LogAspect.aspectOf(), (ProceedingJoinPoint) makeJP);
    }

    public final String submit(RequestContext requestContext, Credentials credentials, MessageContext messageContext) throws Exception {
        JoinPoint makeJP = Factory.makeJP(ajc$tjp_1, (Object) this, (Object) this, new Object[]{requestContext, credentials, messageContext});
        return (String) submit_aroundBody3$advice(this, requestContext, credentials, messageContext, makeJP, LogAspect.aspectOf(), (ProceedingJoinPoint) makeJP);
    }

    private void populateErrorsInstance(TicketException ticketException, MessageContext messageContext) {
        try {
            messageContext.addMessage(new MessageBuilder().error().code(ticketException.getCode()).defaultText(ticketException.getCode()).build());
        } catch (Exception e) {
            this.logger.error(e.getMessage(), (Throwable) e);
        }
    }

    private void putWarnCookieIfRequestParameterPresent(RequestContext requestContext) {
        HttpServletResponse httpServletResponse = WebUtils.getHttpServletResponse(requestContext);
        if (StringUtils.hasText(requestContext.getExternalContext().getRequestParameterMap().get("warn"))) {
            this.warnCookieGenerator.addCookie(httpServletResponse, "true");
        } else {
            this.warnCookieGenerator.removeCookie(httpServletResponse);
        }
    }

    private AuthenticationException getAuthenticationExceptionAsCause(TicketException ticketException) {
        return (AuthenticationException) ticketException.getCause();
    }

    private String getAuthenticationExceptionEventId(TicketException ticketException) {
        AuthenticationException authenticationExceptionAsCause = getAuthenticationExceptionAsCause(ticketException);
        if (this.logger.isDebugEnabled()) {
            this.logger.debug("An authentication error has occurred. Returning the event id " + authenticationExceptionAsCause.getType());
        }
        return authenticationExceptionAsCause.getType();
    }

    private boolean isCauseAuthenticationException(TicketException ticketException) {
        return ticketException.getCause() != null && AuthenticationException.class.isAssignableFrom(ticketException.getCause().getClass());
    }

    public final void setCentralAuthenticationService(CentralAuthenticationService centralAuthenticationService) {
        this.centralAuthenticationService = centralAuthenticationService;
    }

    public final void setCredentialsBinder(CredentialsBinder credentialsBinder) {
        this.credentialsBinder = credentialsBinder;
    }

    public final void setWarnCookieGenerator(CookieGenerator cookieGenerator) {
        this.warnCookieGenerator = cookieGenerator;
    }

    static {
        ajc$preClinit();
    }

    private static final /* synthetic */ void doBind_aroundBody0(AuthenticationViaFormAction authenticationViaFormAction, RequestContext requestContext, Credentials credentials, JoinPoint joinPoint) {
        HttpServletRequest httpServletRequest = WebUtils.getHttpServletRequest(requestContext);
        if (authenticationViaFormAction.credentialsBinder == null || !authenticationViaFormAction.credentialsBinder.supports(credentials.getClass())) {
            return;
        }
        authenticationViaFormAction.credentialsBinder.bind(httpServletRequest, credentials);
    }

    private static final /* synthetic */ Object doBind_aroundBody1$advice(AuthenticationViaFormAction authenticationViaFormAction, RequestContext requestContext, Credentials credentials, JoinPoint joinPoint, LogAspect logAspect, ProceedingJoinPoint proceedingJoinPoint) {
        Object obj = null;
        Logger log = logAspect.getLog(proceedingJoinPoint);
        String name = proceedingJoinPoint.getSignature().getName();
        try {
            if (log.isTraceEnabled()) {
                Object[] args = proceedingJoinPoint.getArgs();
                log.trace("Entering method [" + name + " with arguments [" + ((args == null || args.length == 0) ? "" : Arrays.deepToString(args)) + "]");
            }
            doBind_aroundBody0(authenticationViaFormAction, requestContext, credentials, proceedingJoinPoint);
            obj = null;
            if (log.isTraceEnabled()) {
                log.trace("Leaving method [" + name + "] with return value [" + (0 != 0 ? obj.toString() : "null") + "].");
            }
            return null;
        } catch (Throwable th) {
            if (log.isTraceEnabled()) {
                log.trace("Leaving method [" + name + "] with return value [" + (obj != null ? obj.toString() : "null") + "].");
            }
            throw th;
        }
    }

    private static final /* synthetic */ String submit_aroundBody2(AuthenticationViaFormAction authenticationViaFormAction, RequestContext requestContext, Credentials credentials, MessageContext messageContext, JoinPoint joinPoint) {
        String loginTicketFromFlowScope = WebUtils.getLoginTicketFromFlowScope(requestContext);
        String loginTicketFromRequest = WebUtils.getLoginTicketFromRequest(requestContext);
        if (!loginTicketFromFlowScope.equals(loginTicketFromRequest)) {
            authenticationViaFormAction.logger.warn("Invalid login ticket " + loginTicketFromRequest);
            messageContext.addMessage(new MessageBuilder().error().code("INVALID_TICKET").arg(loginTicketFromRequest).defaultText("INVALID_TICKET").build());
            return AsmRelationshipUtils.DECLARE_ERROR;
        }
        String ticketGrantingTicketId = WebUtils.getTicketGrantingTicketId(requestContext);
        WebApplicationService service = WebUtils.getService(requestContext);
        if (StringUtils.hasText(requestContext.getRequestParameters().get("renew")) && ticketGrantingTicketId != null && service != null) {
            try {
                WebUtils.putServiceTicketInRequestScope(requestContext, authenticationViaFormAction.centralAuthenticationService.grantServiceTicket(ticketGrantingTicketId, service, credentials));
                authenticationViaFormAction.putWarnCookieIfRequestParameterPresent(requestContext);
                return "warn";
            } catch (TicketException e) {
                if (authenticationViaFormAction.isCauseAuthenticationException(e)) {
                    authenticationViaFormAction.populateErrorsInstance(e, messageContext);
                    return authenticationViaFormAction.getAuthenticationExceptionEventId(e);
                }
                authenticationViaFormAction.centralAuthenticationService.destroyTicketGrantingTicket(ticketGrantingTicketId);
                if (authenticationViaFormAction.logger.isDebugEnabled()) {
                    authenticationViaFormAction.logger.debug("Attempted to generate a ServiceTicket using renew=true with different credentials", (Throwable) e);
                }
            }
        }
        try {
            WebUtils.putTicketGrantingTicketInRequestScope(requestContext, authenticationViaFormAction.centralAuthenticationService.createTicketGrantingTicket(credentials));
            authenticationViaFormAction.putWarnCookieIfRequestParameterPresent(requestContext);
            return "success";
        } catch (TicketException e2) {
            authenticationViaFormAction.populateErrorsInstance(e2, messageContext);
            return authenticationViaFormAction.isCauseAuthenticationException(e2) ? authenticationViaFormAction.getAuthenticationExceptionEventId(e2) : AsmRelationshipUtils.DECLARE_ERROR;
        }
    }

    private static final /* synthetic */ Object submit_aroundBody3$advice(AuthenticationViaFormAction authenticationViaFormAction, RequestContext requestContext, Credentials credentials, MessageContext messageContext, JoinPoint joinPoint, LogAspect logAspect, ProceedingJoinPoint proceedingJoinPoint) {
        String str = null;
        Logger log = logAspect.getLog(proceedingJoinPoint);
        String name = proceedingJoinPoint.getSignature().getName();
        try {
            if (log.isTraceEnabled()) {
                Object[] args = proceedingJoinPoint.getArgs();
                log.trace("Entering method [" + name + " with arguments [" + ((args == null || args.length == 0) ? "" : Arrays.deepToString(args)) + "]");
            }
            str = submit_aroundBody2(authenticationViaFormAction, requestContext, credentials, messageContext, proceedingJoinPoint);
            if (log.isTraceEnabled()) {
                log.trace("Leaving method [" + name + "] with return value [" + (str != null ? str.toString() : "null") + "].");
            }
            return str;
        } catch (Throwable th) {
            if (log.isTraceEnabled()) {
                log.trace("Leaving method [" + name + "] with return value [" + (str != null ? str.toString() : "null") + "].");
            }
            throw th;
        }
    }

    private static /* synthetic */ void ajc$preClinit() {
        Factory factory = new Factory("AuthenticationViaFormAction.java", AuthenticationViaFormAction.class);
        ajc$tjp_0 = factory.makeSJP(JoinPoint.METHOD_EXECUTION, factory.makeMethodSig("11", "doBind", "org.jasig.cas.web.flow.AuthenticationViaFormAction", "org.springframework.webflow.execution.RequestContext:org.jasig.cas.authentication.principal.Credentials", "context:credentials", "java.lang.Exception", "void"), 66);
        ajc$tjp_1 = factory.makeSJP(JoinPoint.METHOD_EXECUTION, factory.makeMethodSig("11", "submit", "org.jasig.cas.web.flow.AuthenticationViaFormAction", "org.springframework.webflow.execution.RequestContext:org.jasig.cas.authentication.principal.Credentials:org.springframework.binding.message.MessageContext", "context:credentials:messageContext", "java.lang.Exception", "java.lang.String"), 74);
    }
}
