package org.apereo.cas.web.pac4j;

import java.util.List;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang3.StringUtils;
import org.pac4j.core.config.Config;
import org.pac4j.core.context.WebContext;
import org.pac4j.core.engine.DefaultSecurityLogic;
import org.pac4j.core.exception.HttpAction;
import org.pac4j.springframework.web.SecurityInterceptor;
import org.springframework.web.servlet.ModelAndView;
import org.springframework.web.servlet.view.RedirectView;

/* loaded from: input_file:WEB-INF/lib/cas-server-support-pac4j-core-5.2.0.jar:org/apereo/cas/web/pac4j/CasSecurityInterceptor.class */
public class CasSecurityInterceptor extends SecurityInterceptor {
    public CasSecurityInterceptor(Config config, String str) {
        super(config, str);
    }

    public CasSecurityInterceptor(Config config, String str, String str2) {
        super(config, str, str2);
        DefaultSecurityLogic defaultSecurityLogic = new DefaultSecurityLogic() { // from class: org.apereo.cas.web.pac4j.CasSecurityInterceptor.1
            @Override // org.pac4j.core.engine.DefaultSecurityLogic
            protected HttpAction unauthorized(WebContext webContext, List list) {
                return HttpAction.forbidden("Access Denied", webContext);
            }

            @Override // org.pac4j.core.engine.DefaultSecurityLogic
            protected boolean loadProfilesFromSession(WebContext webContext, List list) {
                return true;
            }
        };
        defaultSecurityLogic.setSaveProfileInSession(true);
        setSecurityLogic(defaultSecurityLogic);
    }

    @Override // org.springframework.web.servlet.handler.HandlerInterceptorAdapter, org.springframework.web.servlet.HandlerInterceptor
    public void postHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj, ModelAndView modelAndView) {
        if (modelAndView != null && StringUtils.isNotBlank(httpServletRequest.getQueryString()) && httpServletRequest.getQueryString().contains("ticket")) {
            RedirectView redirectView = new RedirectView(httpServletRequest.getRequestURL().toString());
            redirectView.setExposeModelAttributes(false);
            redirectView.setExposePathVariables(false);
            modelAndView.setView(redirectView);
        }
    }
}
