package org.apereo.cas.ticket.proxy.support;

import java.net.URL;
import org.apereo.cas.authentication.Credential;
import org.apereo.cas.authentication.HttpBasedServiceCredential;
import org.apereo.cas.ticket.TicketGrantingTicket;
import org.apereo.cas.ticket.UniqueTicketIdGenerator;
import org.apereo.cas.ticket.proxy.ProxyGrantingTicket;
import org.apereo.cas.ticket.proxy.ProxyHandler;
import org.apereo.cas.util.DefaultUniqueTicketIdGenerator;
import org.apereo.cas.util.http.HttpClient;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:WEB-INF/lib/cas-server-core-tickets-5.0.3.1.jar:org/apereo/cas/ticket/proxy/support/Cas20ProxyHandler.class */
public class Cas20ProxyHandler implements ProxyHandler {
    private static final int BUFFER_LENGTH_ADDITIONAL_CHARGE = 15;
    private static final String PARAMETER_PROXY_GRANTING_TICKET_IOU = "pgtIou";
    private static final String PARAMETER_PROXY_GRANTING_TICKET_ID = "pgtId";
    private transient Logger logger = LoggerFactory.getLogger(getClass());
    private UniqueTicketIdGenerator uniqueTicketIdGenerator = new DefaultUniqueTicketIdGenerator();
    private HttpClient httpClient;

    @Override // org.apereo.cas.ticket.proxy.ProxyHandler
    public String handle(Credential credential, TicketGrantingTicket ticketGrantingTicket) {
        HttpBasedServiceCredential httpBasedServiceCredential = (HttpBasedServiceCredential) credential;
        String newTicketId = this.uniqueTicketIdGenerator.getNewTicketId(ProxyGrantingTicket.PROXY_GRANTING_TICKET_IOU_PREFIX);
        URL callbackUrl = httpBasedServiceCredential.getCallbackUrl();
        String externalForm = callbackUrl.toExternalForm();
        StringBuilder sb = new StringBuilder(externalForm.length() + newTicketId.length() + ticketGrantingTicket.getId().length() + 15);
        sb.append(externalForm);
        if (callbackUrl.getQuery() != null) {
            sb.append('&');
        } else {
            sb.append('?');
        }
        sb.append("pgtIou");
        sb.append('=');
        sb.append(newTicketId);
        sb.append('&');
        sb.append("pgtId");
        sb.append('=');
        sb.append(ticketGrantingTicket);
        if (this.httpClient.isValidEndPoint(sb.toString())) {
            this.logger.debug("Sent ProxyIou of {} for service: {}", newTicketId, httpBasedServiceCredential);
            return newTicketId;
        }
        this.logger.debug("Failed to send ProxyIou of {} for service: {}", newTicketId, httpBasedServiceCredential);
        return null;
    }

    public void setUniqueTicketIdGenerator(UniqueTicketIdGenerator uniqueTicketIdGenerator) {
        this.uniqueTicketIdGenerator = uniqueTicketIdGenerator;
    }

    public void setHttpClient(HttpClient httpClient) {
        this.httpClient = httpClient;
    }

    @Override // org.apereo.cas.ticket.proxy.ProxyHandler
    public boolean canHandle(Credential credential) {
        return true;
    }
}
