package org.jasig.cas.web.flow;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.inspektr.common.ioc.annotation.NotNull;
import org.jasig.cas.CentralAuthenticationService;
import org.jasig.cas.authentication.handler.AuthenticationException;
import org.jasig.cas.authentication.principal.Credentials;
import org.jasig.cas.authentication.principal.UsernamePasswordCredentials;
import org.jasig.cas.authentication.principal.WebApplicationService;
import org.jasig.cas.ticket.TicketException;
import org.jasig.cas.validation.UsernamePasswordCredentialsValidator;
import org.jasig.cas.web.bind.CredentialsBinder;
import org.jasig.cas.web.support.WebUtils;
import org.springframework.util.Assert;
import org.springframework.util.StringUtils;
import org.springframework.validation.DataBinder;
import org.springframework.web.util.CookieGenerator;
import org.springframework.webflow.action.FormAction;
import org.springframework.webflow.execution.Event;
import org.springframework.webflow.execution.RequestContext;

/* loaded from: input_file:WEB-INF/lib/cas-server-core-3.2.1.jar:org/jasig/cas/web/flow/AuthenticationViaFormAction.class */
public class AuthenticationViaFormAction extends FormAction {
    private CredentialsBinder credentialsBinder;

    @NotNull
    private CentralAuthenticationService centralAuthenticationService;

    @NotNull
    private CookieGenerator warnCookieGenerator;

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.springframework.webflow.action.FormAction
    public final void doBind(RequestContext requestContext, DataBinder dataBinder) throws Exception {
        HttpServletRequest httpServletRequest = WebUtils.getHttpServletRequest(requestContext);
        Credentials credentials = (Credentials) dataBinder.getTarget();
        if (this.credentialsBinder != null) {
            this.credentialsBinder.bind(httpServletRequest, credentials);
        }
        super.doBind(requestContext, dataBinder);
    }

    public Event referenceData(RequestContext requestContext) throws Exception {
        requestContext.getRequestScope().put("commandName", getFormObjectName());
        return success();
    }

    public final Event submit(RequestContext requestContext) throws Exception {
        Credentials credentials = (Credentials) getFormObject(requestContext);
        String ticketGrantingTicketId = WebUtils.getTicketGrantingTicketId(requestContext);
        WebApplicationService service = WebUtils.getService(requestContext);
        if (StringUtils.hasText(requestContext.getRequestParameters().get("renew")) && ticketGrantingTicketId != null && service != null) {
            try {
                WebUtils.putServiceTicketInRequestScope(requestContext, this.centralAuthenticationService.grantServiceTicket(ticketGrantingTicketId, service, credentials));
                putWarnCookieIfRequestParameterPresent(requestContext);
                return warn();
            } catch (TicketException e) {
                if (e.getCause() != null && AuthenticationException.class.isAssignableFrom(e.getCause().getClass())) {
                    populateErrorsInstance(requestContext, e);
                    return error();
                }
                this.centralAuthenticationService.destroyTicketGrantingTicket(ticketGrantingTicketId);
                if (this.logger.isDebugEnabled()) {
                    this.logger.debug("Attempted to generate a ServiceTicket using renew=true with different credentials", e);
                }
            }
        }
        try {
            WebUtils.putTicketGrantingTicketInRequestScope(requestContext, this.centralAuthenticationService.createTicketGrantingTicket(credentials));
            putWarnCookieIfRequestParameterPresent(requestContext);
            return success();
        } catch (TicketException e2) {
            populateErrorsInstance(requestContext, e2);
            return error();
        }
    }

    private final Event warn() {
        return result("warn");
    }

    private final void populateErrorsInstance(RequestContext requestContext, TicketException ticketException) {
        try {
            getFormErrors(requestContext).reject(ticketException.getCode(), ticketException.getCode());
        } catch (Exception e) {
            this.logger.error(e, e);
        }
    }

    private void putWarnCookieIfRequestParameterPresent(RequestContext requestContext) {
        HttpServletResponse httpServletResponse = WebUtils.getHttpServletResponse(requestContext);
        if (StringUtils.hasText(requestContext.getExternalContext().getRequestParameterMap().get("warn"))) {
            this.warnCookieGenerator.addCookie(httpServletResponse, "true");
        } else {
            this.warnCookieGenerator.removeCookie(httpServletResponse);
        }
    }

    public final void setCentralAuthenticationService(CentralAuthenticationService centralAuthenticationService) {
        this.centralAuthenticationService = centralAuthenticationService;
    }

    public final void setCredentialsBinder(CredentialsBinder credentialsBinder) {
        this.credentialsBinder = credentialsBinder;
    }

    public final void setWarnCookieGenerator(CookieGenerator cookieGenerator) {
        this.warnCookieGenerator = cookieGenerator;
    }

    @Override // org.springframework.webflow.action.FormAction, org.springframework.webflow.action.AbstractAction
    protected void initAction() {
        if (getFormObjectClass() == null) {
            setFormObjectClass(UsernamePasswordCredentials.class);
            setFormObjectName("credentials");
            setValidator(new UsernamePasswordCredentialsValidator());
            this.logger.info("FormObjectClass not set.  Using default class of " + getFormObjectClass().getName() + " with formObjectName " + getFormObjectName() + " and validator " + getValidator().getClass().getName() + ".");
        }
        Assert.isTrue(Credentials.class.isAssignableFrom(getFormObjectClass()), "CommandClass must be of type Credentials.");
        if (this.credentialsBinder != null) {
            Assert.isTrue(this.credentialsBinder.supports(getFormObjectClass()), "CredentialsBinder does not support supplied FormObjectClass: " + getClass().getName());
        }
    }
}
