package fr.wseduc.cas.endpoint;

import fr.wseduc.cas.async.Handler;
import fr.wseduc.cas.data.DataHandler;
import fr.wseduc.cas.data.DataHandlerFactory;
import fr.wseduc.cas.entities.AuthCas;
import fr.wseduc.cas.entities.LoginTicket;
import fr.wseduc.cas.entities.ServiceTicket;
import fr.wseduc.cas.exceptions.AuthenticationException;
import fr.wseduc.cas.exceptions.Try;
import fr.wseduc.cas.http.HttpClientFactory;
import fr.wseduc.cas.http.Request;
import java.net.URI;
import java.net.URISyntaxException;
import java.text.DateFormat;
import java.text.SimpleDateFormat;
import java.util.Date;
import java.util.Map;
import java.util.UUID;
import java.util.logging.Logger;

/* loaded from: input_file:fr/wseduc/cas/endpoint/Credential.class */
public class Credential {
    private DataHandlerFactory dataHandlerFactory;
    private CredentialResponse credentialResponse;
    private HttpClientFactory httpClientFactory;
    private static final DateFormat df = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ssZ");
    private static final Logger log = Logger.getLogger("Credential");

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: fr.wseduc.cas.endpoint.Credential$2, reason: invalid class name */
    /* loaded from: input_file:fr/wseduc/cas/endpoint/Credential$2.class */
    public class AnonymousClass2 implements Handler<AuthCas> {
        final /* synthetic */ Request val$request;
        final /* synthetic */ AuthCas val$authCas;
        final /* synthetic */ DataHandler val$dataHandler;

        AnonymousClass2(Request request, AuthCas authCas, DataHandler dataHandler) {
            this.val$request = request;
            this.val$authCas = authCas;
            this.val$dataHandler = dataHandler;
        }

        @Override // fr.wseduc.cas.async.Handler
        public void handle(AuthCas authCas) {
            if (authCas == null || !authCas.isLoggedIn()) {
                this.val$request.getFormAttributesMap(new Handler<Map<String, String>>() { // from class: fr.wseduc.cas.endpoint.Credential.2.1
                    @Override // fr.wseduc.cas.async.Handler
                    public void handle(Map<String, String> map) {
                        AnonymousClass2.this.val$dataHandler.authenticateUser(map.get("login"), map.get("password"), AnonymousClass2.this.val$authCas, new Handler<Try<AuthenticationException, AuthCas>>() { // from class: fr.wseduc.cas.endpoint.Credential.2.1.1
                            @Override // fr.wseduc.cas.async.Handler
                            public void handle(Try<AuthenticationException, AuthCas> r6) {
                                try {
                                    Credential.this.generateServiceTicket(AnonymousClass2.this.val$request, r6.get(), AnonymousClass2.this.val$dataHandler);
                                } catch (AuthenticationException e) {
                                    Credential.this.credentialResponse.denyResponse(AnonymousClass2.this.val$request, e);
                                }
                            }
                        });
                    }
                });
            } else {
                Credential.this.generateServiceTicket(this.val$request, this.val$authCas, this.val$dataHandler);
            }
        }
    }

    public void loginRequestor(final Request request) {
        DataHandler create = this.dataHandlerFactory.create(request);
        final String parameter = request.getParameter("service") != null ? request.getParameter("service") : request.getParameter("TARGET");
        final boolean z = Boolean.getBoolean(request.getParameter("renew"));
        final boolean z2 = Boolean.getBoolean(request.getParameter("gateway"));
        final String parameter2 = request.getParameter("method") != null ? request.getParameter("method") : "GET";
        create.getOrCreateAuth(request, new Handler<AuthCas>() { // from class: fr.wseduc.cas.endpoint.Credential.1
            @Override // fr.wseduc.cas.async.Handler
            public void handle(AuthCas authCas) {
                if (!authCas.isLoggedIn()) {
                    Credential.this.credentialResponse.loginRequestorResponse(request, new LoginTicket(), parameter, z, z2, parameter2);
                } else if (parameter == null || parameter.trim().isEmpty()) {
                    Credential.this.credentialResponse.loggedIn(request);
                } else {
                    Credential.this.loginAcceptor(request, authCas);
                }
            }
        });
    }

    public void loginAcceptor(Request request) {
        loginAcceptor(request, null);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void loginAcceptor(Request request, AuthCas authCas) {
        DataHandler create = this.dataHandlerFactory.create(request);
        if (authCas == null || !authCas.isLoggedIn()) {
            create.getOrCreateAuth(request, new AnonymousClass2(request, authCas, create));
        } else {
            generateServiceTicket(request, authCas, create);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void generateServiceTicket(final Request request, final AuthCas authCas, final DataHandler dataHandler) {
        final String parameter = request.getParameter("service") != null ? request.getParameter("service") : request.getParameter("TARGET");
        dataHandler.validateService(parameter, new Handler<Boolean>() { // from class: fr.wseduc.cas.endpoint.Credential.3
            @Override // fr.wseduc.cas.async.Handler
            public void handle(Boolean bool) {
                if (!bool.booleanValue()) {
                    Credential.this.credentialResponse.denyResponse(request, new AuthenticationException("INVALID_SERVICE"));
                    return;
                }
                final ServiceTicket serviceTicket = new ServiceTicket(parameter);
                String parameter2 = request.getParameter("ticketAttributeName");
                if (parameter2 != null && !parameter2.trim().isEmpty()) {
                    serviceTicket.setTicketParameter(parameter2);
                }
                if (request.getParameter("TARGET") != null) {
                    serviceTicket.setTicketParameter("SAMLart");
                }
                authCas.addServiceTicket(serviceTicket);
                dataHandler.persistAuth(authCas, new Handler<Boolean>() { // from class: fr.wseduc.cas.endpoint.Credential.3.1
                    @Override // fr.wseduc.cas.async.Handler
                    public void handle(Boolean bool2) {
                        if (bool2.booleanValue()) {
                            Credential.this.credentialResponse.loginAcceptorResponse(request, serviceTicket);
                        } else {
                            Credential.this.credentialResponse.denyResponse(request, new AuthenticationException("SESSION_ERROR"));
                        }
                    }
                });
            }
        });
    }

    public void logout(final Request request) {
        final String parameter = request.getParameter("service");
        this.dataHandlerFactory.create(request).getAndDestroyAuth(request, new Handler<AuthCas>() { // from class: fr.wseduc.cas.endpoint.Credential.4
            @Override // fr.wseduc.cas.async.Handler
            public void handle(AuthCas authCas) {
                if (authCas != null) {
                    Credential.this.singleLogout(authCas);
                }
                if (parameter == null || parameter.trim().isEmpty()) {
                    Credential.this.credentialResponse.logoutResponse(request);
                } else {
                    Credential.this.credentialResponse.logoutRedirectService(request, parameter);
                }
            }
        });
    }

    public void logout(String str) {
        this.dataHandlerFactory.create(null).getAndDestroyAuth(str, new Handler<AuthCas>() { // from class: fr.wseduc.cas.endpoint.Credential.5
            @Override // fr.wseduc.cas.async.Handler
            public void handle(AuthCas authCas) {
                if (authCas != null) {
                    Credential.this.singleLogout(authCas);
                }
            }
        });
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void singleLogout(AuthCas authCas) {
        for (ServiceTicket serviceTicket : authCas.getServiceTickets()) {
            try {
                URI uri = new URI(serviceTicket.redirectUri());
                this.httpClientFactory.create(uri.getHost(), uri.getPort() > 0 ? uri.getPort() : "https".equals(uri.getScheme()) ? 443 : 80, "https".equals(uri.getScheme())).post(serviceTicket.redirectUri().replaceFirst("^(?:([^:/?#]+):)?(?://((?:(([^:@]*):?([^:@]*))?@)?([^:/?#]*)(?::(\\\\d*))?))?", ""), sloBody(serviceTicket.getTicket()), null);
            } catch (URISyntaxException e) {
                log.severe(e.getMessage());
            }
        }
    }

    private String sloBody(String str) {
        return "<samlp:LogoutRequest xmlns:samlp=\"urn:oasis:names:tc:SAML:2.0:protocol\"\n     ID=\"" + UUID.randomUUID().toString() + "\" Version=\"2.0\" IssueInstant=\"" + df.format(new Date()) + "\">\n    <saml:NameID xmlns:saml=\"urn:oasis:names:tc:SAML:2.0:assertion\">\n      @NOT_USED@\n    </saml:NameID>\n    <samlp:SessionIndex>" + str + "</samlp:SessionIndex>\n  </samlp:LogoutRequest>";
    }

    public void setDataHandlerFactory(DataHandlerFactory dataHandlerFactory) {
        this.dataHandlerFactory = dataHandlerFactory;
    }

    public void setCredentialResponse(CredentialResponse credentialResponse) {
        this.credentialResponse = credentialResponse;
    }

    public void setHttpClientFactory(HttpClientFactory httpClientFactory) {
        this.httpClientFactory = httpClientFactory;
    }
}
