package org.apereo.cas.authentication.principal;

import com.google.common.base.Splitter;
import java.util.List;
import java.util.Map;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import java.util.stream.Collectors;
import lombok.Generated;
import net.bytebuddy.description.type.TypeDescription;
import org.apereo.cas.authentication.principal.Response;
import org.apereo.cas.util.EncodingUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.BeanFactory;

/* loaded from: input_file:BOOT-INF/lib/cas-server-core-services-authentication-5.3.0-RC2.jar:org/apereo/cas/authentication/principal/DefaultResponse.class */
public class DefaultResponse implements Response {

    @Generated
    private static final Logger LOGGER = LoggerFactory.getLogger((Class<?>) DefaultResponse.class);
    private static final Pattern NON_PRINTABLE = Pattern.compile("[\\x00-\\x1F\\x7F]+");
    private static final int CONST_REDIRECT_RESPONSE_MULTIPLIER = 40;
    private static final int CONST_REDIRECT_RESPONSE_BUFFER = 100;
    private static final long serialVersionUID = -8251042088720603062L;
    private final Response.ResponseType responseType;
    private final String url;
    private final Map<String, String> attributes;

    public static Response getPostResponse(String str, Map<String, String> map) {
        return new DefaultResponse(Response.ResponseType.POST, str, map);
    }

    public static Response getHeaderResponse(String str, Map<String, String> map) {
        return new DefaultResponse(Response.ResponseType.HEADER, str, map);
    }

    public static Response getRedirectResponse(String str, Map<String, String> map) {
        StringBuilder sb = new StringBuilder((map.size() * 40) + 100);
        String sanitizeUrl = sanitizeUrl(str);
        LOGGER.debug("Sanitized URL for redirect response is [{}]", sanitizeUrl);
        List<String> splitToList = Splitter.on("#").splitToList(sanitizeUrl);
        sb.append(splitToList.get(0));
        String str2 = (String) map.entrySet().stream().filter(entry -> {
            return entry.getValue() != null;
        }).map(entry2 -> {
            String join;
            try {
                join = String.join("=", (CharSequence) entry2.getKey(), EncodingUtils.urlEncode((String) entry2.getValue()));
            } catch (Exception e) {
                join = String.join("=", (CharSequence) entry2.getKey(), (CharSequence) entry2.getValue());
            }
            return join;
        }).collect(Collectors.joining(BeanFactory.FACTORY_BEAN_PREFIX));
        if (str2 != null && !str2.isEmpty()) {
            sb.append(str.contains(TypeDescription.Generic.OfWildcardType.SYMBOL) ? BeanFactory.FACTORY_BEAN_PREFIX : TypeDescription.Generic.OfWildcardType.SYMBOL);
            sb.append(str2);
        }
        if (splitToList.size() > 1) {
            sb.append('#');
            sb.append(splitToList.get(1));
        }
        String sb2 = sb.toString();
        LOGGER.debug("Final redirect response is [{}]", sb2);
        return new DefaultResponse(Response.ResponseType.REDIRECT, sb2, map);
    }

    private static String sanitizeUrl(String str) {
        boolean z;
        Matcher matcher = NON_PRINTABLE.matcher(str);
        StringBuffer stringBuffer = new StringBuffer(str.length());
        boolean z2 = false;
        while (true) {
            z = z2;
            if (!matcher.find()) {
                break;
            }
            matcher.appendReplacement(stringBuffer, " ");
            z2 = true;
        }
        matcher.appendTail(stringBuffer);
        if (z) {
            LOGGER.warn("The following redirect URL has been sanitized and may be sign of attack:\n[{}]", str);
        }
        return stringBuffer.toString();
    }

    @Override // org.apereo.cas.authentication.principal.Response
    @Generated
    public Response.ResponseType getResponseType() {
        return this.responseType;
    }

    @Override // org.apereo.cas.authentication.principal.Response
    @Generated
    public String getUrl() {
        return this.url;
    }

    @Override // org.apereo.cas.authentication.principal.Response
    @Generated
    public Map<String, String> getAttributes() {
        return this.attributes;
    }

    @Generated
    public DefaultResponse(Response.ResponseType responseType, String str, Map<String, String> map) {
        this.responseType = responseType;
        this.url = str;
        this.attributes = map;
    }
}
