package org.apereo.cas.adaptors.radius.server;

import java.io.Serializable;
import java.security.Security;
import java.util.List;
import java.util.Optional;
import lombok.Generated;
import net.jradius.client.RadiusClient;
import net.jradius.client.auth.RadiusAuthenticator;
import net.jradius.dictionary.Attr_ClientIPAddress;
import net.jradius.dictionary.Attr_NASIPAddress;
import net.jradius.dictionary.Attr_NASIPv6Address;
import net.jradius.dictionary.Attr_NASIdentifier;
import net.jradius.dictionary.Attr_NASPort;
import net.jradius.dictionary.Attr_NASPortId;
import net.jradius.dictionary.Attr_NASPortType;
import net.jradius.dictionary.Attr_State;
import net.jradius.dictionary.Attr_UserName;
import net.jradius.dictionary.Attr_UserPassword;
import net.jradius.dictionary.vsa_redback.Attr_NASRealPort;
import net.jradius.packet.AccessAccept;
import net.jradius.packet.AccessChallenge;
import net.jradius.packet.AccessRequest;
import net.jradius.packet.RadiusResponse;
import net.jradius.packet.attribute.AttributeFactory;
import net.jradius.packet.attribute.AttributeList;
import org.apache.commons.lang3.StringUtils;
import org.apereo.cas.adaptors.radius.CasRadiusResponse;
import org.apereo.cas.adaptors.radius.RadiusServer;
import org.apereo.inspektr.common.web.ClientInfo;
import org.apereo.inspektr.common.web.ClientInfoHolder;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/apereo/cas/adaptors/radius/server/AbstractRadiusServer.class */
public abstract class AbstractRadiusServer implements RadiusServer {

    @Generated
    private static final Logger LOGGER = LoggerFactory.getLogger(AbstractRadiusServer.class);
    public static final int DEFAULT_RETRY_COUNT = 3;
    private static final long serialVersionUID = -7122734096722096617L;
    private final RadiusServerConfigurationContext configurationContext;

    @Override // org.apereo.cas.adaptors.radius.RadiusServer
    public final CasRadiusResponse authenticate(String str, String str2, Optional optional) throws Exception {
        AttributeList attributeList = new AttributeList();
        if (StringUtils.isNotBlank(str)) {
            attributeList.add(new Attr_UserName(str));
        }
        if (StringUtils.isNotBlank(str2)) {
            attributeList.add(new Attr_UserPassword(str2));
        }
        ClientInfo clientInfo = ClientInfoHolder.getClientInfo();
        if (clientInfo != null) {
            Attr_ClientIPAddress attr_ClientIPAddress = new Attr_ClientIPAddress(clientInfo.getClientIpAddress());
            LOGGER.debug("Adding client IP address attribute [{}]", attr_ClientIPAddress);
            attributeList.add(attr_ClientIPAddress);
        }
        optional.ifPresent(obj -> {
            attributeList.add(new Attr_State((Serializable) Serializable.class.cast(obj)));
        });
        if (StringUtils.isNotBlank(this.configurationContext.getNasIpAddress())) {
            attributeList.add(new Attr_NASIPAddress(this.configurationContext.getNasIpAddress()));
        }
        if (StringUtils.isNotBlank(this.configurationContext.getNasIpv6Address())) {
            attributeList.add(new Attr_NASIPv6Address(this.configurationContext.getNasIpv6Address()));
        }
        if (this.configurationContext.getNasPort() != -1) {
            attributeList.add(new Attr_NASPort(Long.valueOf(this.configurationContext.getNasPort())));
        }
        if (this.configurationContext.getNasPortId() != -1) {
            attributeList.add(new Attr_NASPortId(Long.valueOf(this.configurationContext.getNasPortId())));
        }
        if (StringUtils.isNotBlank(this.configurationContext.getNasIdentifier())) {
            attributeList.add(new Attr_NASIdentifier(this.configurationContext.getNasIdentifier()));
        }
        if (this.configurationContext.getNasRealPort() != -1) {
            attributeList.add(new Attr_NASRealPort(Long.valueOf(this.configurationContext.getNasRealPort())));
        }
        if (this.configurationContext.getNasPortType() != -1) {
            attributeList.add(new Attr_NASPortType(Long.valueOf(this.configurationContext.getNasPortType())));
        }
        RadiusClient newInstance = this.configurationContext.getRadiusClientFactory().newInstance();
        try {
            AccessRequest accessRequest = new AccessRequest(newInstance, attributeList);
            LOGGER.debug("RADIUS access request prepared as [{}]", accessRequest.toString(true, true));
            RadiusResponse authenticateRequest = authenticateRequest(newInstance, accessRequest);
            LOGGER.debug("RADIUS response from [{}]: [{}] as [{}]", new Object[]{newInstance.getRemoteInetAddress().getCanonicalHostName(), authenticateRequest.getClass().getName(), authenticateRequest.toString(true, true)});
            if (!(authenticateRequest instanceof AccessAccept) && !(authenticateRequest instanceof AccessChallenge)) {
                LOGGER.warn("Response [{}] is not recognized", authenticateRequest);
                if (newInstance == null) {
                    return null;
                }
                newInstance.close();
                return null;
            }
            List attributeList2 = authenticateRequest.getAttributes().getAttributeList();
            LOGGER.debug("Radius response code [{}] accepted with attributes [{}] and identifier [{}]", new Object[]{Integer.valueOf(authenticateRequest.getCode()), attributeList2, Integer.valueOf(authenticateRequest.getIdentifier())});
            CasRadiusResponse casRadiusResponse = new CasRadiusResponse(authenticateRequest.getCode(), authenticateRequest.getIdentifier(), attributeList2);
            if (newInstance != null) {
                newInstance.close();
            }
            return casRadiusResponse;
        } catch (Throwable th) {
            if (newInstance != null) {
                newInstance.close();
            }
            throw th;
        }
    }

    public RadiusAuthenticator getRadiusAuthenticator() {
        return RadiusClient.getAuthProtocol(this.configurationContext.getProtocol().getName());
    }

    protected abstract RadiusResponse authenticateRequest(RadiusClient radiusClient, AccessRequest accessRequest) throws Exception;

    @Generated
    public String toString() {
        return "AbstractRadiusServer(configurationContext=" + this.configurationContext + ")";
    }

    @Generated
    public RadiusServerConfigurationContext getConfigurationContext() {
        return this.configurationContext;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Generated
    public AbstractRadiusServer(RadiusServerConfigurationContext radiusServerConfigurationContext) {
        this.configurationContext = radiusServerConfigurationContext;
    }

    static {
        AttributeFactory.loadAttributeDictionary("net.jradius.dictionary.AttributeDictionaryImpl");
        Security.addProvider(new BouncyCastleProvider());
    }
}
