package org.jasig.cas.authentication;

import com.github.inspektr.audit.annotation.Audit;
import java.security.GeneralSecurityException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.Iterator;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
import javassist.compiler.TokenId;
import javax.validation.constraints.NotNull;
import org.aspectj.lang.JoinPoint;
import org.aspectj.lang.ProceedingJoinPoint;
import org.aspectj.runtime.reflect.Factory;
import org.jasig.cas.aspect.LogAspect;
import org.jasig.cas.authentication.principal.Principal;
import org.jasig.cas.authentication.principal.PrincipalResolver;
import org.perf4j.aop.Profiled;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.util.Assert;

/* loaded from: input_file:WEB-INF/lib/cas-server-core-4.0.7.jar:org/jasig/cas/authentication/PolicyBasedAuthenticationManager.class */
public class PolicyBasedAuthenticationManager implements AuthenticationManager {
    private static final Principal NULL_PRINCIPAL;
    protected final Logger logger;

    @NotNull
    private List<AuthenticationMetaDataPopulator> authenticationMetaDataPopulators;

    @NotNull
    private AuthenticationPolicy authenticationPolicy;

    @NotNull
    private final Map<AuthenticationHandler, PrincipalResolver> handlerResolverMap;
    private static final /* synthetic */ JoinPoint.StaticPart ajc$tjp_0 = null;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:WEB-INF/lib/cas-server-core-4.0.7.jar:org/jasig/cas/authentication/PolicyBasedAuthenticationManager$NullPrincipal.class */
    public static class NullPrincipal implements Principal {
        private static final String NOBODY = "nobody";
        private static final /* synthetic */ JoinPoint.StaticPart ajc$tjp_0 = null;
        private static final /* synthetic */ JoinPoint.StaticPart ajc$tjp_1 = null;

        NullPrincipal() {
        }

        @Override // org.jasig.cas.authentication.principal.Principal
        public String getId() {
            JoinPoint makeJP = Factory.makeJP(ajc$tjp_0, this, this);
            return (String) getId_aroundBody1$advice(this, makeJP, LogAspect.aspectOf(), (ProceedingJoinPoint) makeJP);
        }

        @Override // org.jasig.cas.authentication.principal.Principal
        public Map<String, Object> getAttributes() {
            JoinPoint makeJP = Factory.makeJP(ajc$tjp_1, this, this);
            return (Map) getAttributes_aroundBody3$advice(this, makeJP, LogAspect.aspectOf(), (ProceedingJoinPoint) makeJP);
        }

        static {
            ajc$preClinit();
        }

        private static final /* synthetic */ Object getId_aroundBody1$advice(NullPrincipal nullPrincipal, JoinPoint joinPoint, LogAspect logAspect, ProceedingJoinPoint proceedingJoinPoint) {
            String str;
            String str2 = null;
            Logger log = logAspect.getLog(proceedingJoinPoint);
            String name = proceedingJoinPoint.getSignature().getName();
            try {
                if (log.isTraceEnabled()) {
                    Object[] args = proceedingJoinPoint.getArgs();
                    log.trace("Entering method [{}] with arguments [{}]", name, (args == null || args.length == 0) ? "" : Arrays.deepToString(args));
                }
                str = NOBODY;
                str2 = str;
                log.trace("Leaving method [{}] with return value [{}].", name, str2 != null ? str2.toString() : "null");
                return str2;
            } catch (Throwable th) {
                log.trace("Leaving method [{}] with return value [{}].", name, str2 != null ? str2.toString() : "null");
                throw th;
            }
        }

        private static final /* synthetic */ Map getAttributes_aroundBody2(NullPrincipal nullPrincipal, JoinPoint joinPoint) {
            return Collections.emptyMap();
        }

        /*  JADX ERROR: JadxRuntimeException in pass: InlineMethods
            jadx.core.utils.exceptions.JadxRuntimeException: Failed to process method for inline: org.jasig.cas.authentication.PolicyBasedAuthenticationManager.NullPrincipal.getAttributes_aroundBody2(org.jasig.cas.authentication.PolicyBasedAuthenticationManager$NullPrincipal, org.aspectj.lang.JoinPoint):java.util.Map
            	at jadx.core.dex.visitors.InlineMethods.processInvokeInsn(InlineMethods.java:74)
            	at jadx.core.dex.visitors.InlineMethods.visit(InlineMethods.java:49)
            Caused by: java.lang.IndexOutOfBoundsException: Index: 0
            	at java.base/java.util.Collections$EmptyList.get(Collections.java:4807)
            	at jadx.core.dex.nodes.InsnNode.getArg(InsnNode.java:103)
            	at jadx.core.dex.visitors.MarkMethodsForInline.isSyntheticAccessPattern(MarkMethodsForInline.java:117)
            	at jadx.core.dex.visitors.MarkMethodsForInline.inlineMth(MarkMethodsForInline.java:86)
            	at jadx.core.dex.visitors.MarkMethodsForInline.process(MarkMethodsForInline.java:53)
            	at jadx.core.dex.visitors.InlineMethods.processInvokeInsn(InlineMethods.java:63)
            	... 1 more
            */
        private static final /* synthetic */ java.lang.Object getAttributes_aroundBody3$advice(org.jasig.cas.authentication.PolicyBasedAuthenticationManager.NullPrincipal r5, org.aspectj.lang.JoinPoint r6, org.jasig.cas.aspect.LogAspect r7, org.aspectj.lang.ProceedingJoinPoint r8) {
            /*
                r0 = 0
                r9 = r0
                r0 = r7
                r1 = r8
                org.slf4j.Logger r0 = org.jasig.cas.aspect.LogAspect.ajc$inlineAccessMethod$org_jasig_cas_aspect_LogAspect$org_jasig_cas_aspect_LogAspect$getLog(r0, r1)
                r10 = r0
                r0 = r8
                org.aspectj.lang.Signature r0 = r0.getSignature()
                java.lang.String r0 = r0.getName()
                r11 = r0
                r0 = r10
                boolean r0 = r0.isTraceEnabled()     // Catch: java.lang.Throwable -> L7b
                if (r0 == 0) goto L4f
                r0 = r8
                java.lang.Object[] r0 = r0.getArgs()     // Catch: java.lang.Throwable -> L7b
                r12 = r0
                r0 = r12
                if (r0 == 0) goto L34
                r0 = r12
                int r0 = r0.length     // Catch: java.lang.Throwable -> L7b
                if (r0 != 0) goto L3b
            L34:
                java.lang.String r0 = ""
                r13 = r0
                goto L42
            L3b:
                r0 = r12
                java.lang.String r0 = java.util.Arrays.deepToString(r0)     // Catch: java.lang.Throwable -> L7b
                r13 = r0
            L42:
                r0 = r10
                java.lang.String r1 = "Entering method [{}] with arguments [{}]"
                r2 = r11
                r3 = r13
                r0.trace(r1, r2, r3)     // Catch: java.lang.Throwable -> L7b
            L4f:
                r0 = r8
                r16 = r0
                r0 = r5
                r1 = r16
                java.util.Map r0 = getAttributes_aroundBody2(r0, r1)     // Catch: java.lang.Throwable -> L7b
                r9 = r0
                r0 = r9
                r15 = r0
                r0 = r10
                java.lang.String r1 = "Leaving method [{}] with return value [{}]."
                r2 = r11
                r3 = r9
                if (r3 == 0) goto L71
                r3 = r9
                java.lang.String r3 = r3.toString()
                goto L73
            L71:
                java.lang.String r3 = "null"
            L73:
                r0.trace(r1, r2, r3)
                r0 = r15
                return r0
            L7b:
                r14 = move-exception
                r0 = r10
                java.lang.String r1 = "Leaving method [{}] with return value [{}]."
                r2 = r11
                r3 = r9
                if (r3 == 0) goto L90
                r3 = r9
                java.lang.String r3 = r3.toString()
                goto L92
            L90:
                java.lang.String r3 = "null"
            L92:
                r0.trace(r1, r2, r3)
                r0 = r14
                throw r0
            */
            throw new UnsupportedOperationException("Method not decompiled: org.jasig.cas.authentication.PolicyBasedAuthenticationManager.NullPrincipal.getAttributes_aroundBody3$advice(org.jasig.cas.authentication.PolicyBasedAuthenticationManager$NullPrincipal, org.aspectj.lang.JoinPoint, org.jasig.cas.aspect.LogAspect, org.aspectj.lang.ProceedingJoinPoint):java.lang.Object");
        }

        private static /* synthetic */ void ajc$preClinit() {
            Factory factory = new Factory("PolicyBasedAuthenticationManager.java", NullPrincipal.class);
            ajc$tjp_0 = factory.makeSJP(JoinPoint.METHOD_EXECUTION, factory.makeMethodSig("1", "getId", "org.jasig.cas.authentication.PolicyBasedAuthenticationManager$NullPrincipal", "", "", "", "java.lang.String"), 299);
            ajc$tjp_1 = factory.makeSJP(JoinPoint.METHOD_EXECUTION, factory.makeMethodSig("1", "getAttributes", "org.jasig.cas.authentication.PolicyBasedAuthenticationManager$NullPrincipal", "", "", "", "java.util.Map"), TokenId.CASE);
        }
    }

    static {
        ajc$preClinit();
        NULL_PRINCIPAL = new NullPrincipal();
    }

    public PolicyBasedAuthenticationManager(AuthenticationHandler... authenticationHandlerArr) {
        this((List<AuthenticationHandler>) Arrays.asList(authenticationHandlerArr));
    }

    public PolicyBasedAuthenticationManager(List<AuthenticationHandler> list) {
        this.logger = LoggerFactory.getLogger(getClass());
        this.authenticationMetaDataPopulators = new ArrayList();
        this.authenticationPolicy = new AnyAuthenticationPolicy();
        Assert.notEmpty(list, "At least one authentication handler is required");
        this.handlerResolverMap = new LinkedHashMap(list.size());
        Iterator<AuthenticationHandler> it = list.iterator();
        while (it.hasNext()) {
            this.handlerResolverMap.put(it.next(), null);
        }
    }

    public PolicyBasedAuthenticationManager(Map<AuthenticationHandler, PrincipalResolver> map) {
        this.logger = LoggerFactory.getLogger(getClass());
        this.authenticationMetaDataPopulators = new ArrayList();
        this.authenticationPolicy = new AnyAuthenticationPolicy();
        Assert.notEmpty(map, "At least one authentication handler is required");
        this.handlerResolverMap = map;
    }

    @Override // org.jasig.cas.authentication.AuthenticationManager
    @Audit(action = "AUTHENTICATION", actionResolverName = "AUTHENTICATION_RESOLVER", resourceResolverName = "AUTHENTICATION_RESOURCE_RESOLVER")
    @Profiled(tag = "AUTHENTICATE", logFailuresSeparately = false)
    public final Authentication authenticate(Credential... credentialArr) throws AuthenticationException {
        JoinPoint makeJP = Factory.makeJP(ajc$tjp_0, (Object) this, (Object) this, (Object) credentialArr);
        return (Authentication) authenticate_aroundBody1$advice(this, credentialArr, makeJP, LogAspect.aspectOf(), (ProceedingJoinPoint) makeJP);
    }

    public final void setAuthenticationMetaDataPopulators(List<AuthenticationMetaDataPopulator> list) {
        this.authenticationMetaDataPopulators = list;
    }

    public void setAuthenticationPolicy(AuthenticationPolicy authenticationPolicy) {
        this.authenticationPolicy = authenticationPolicy;
    }

    /* JADX WARN: Multi-variable type inference failed */
    protected AuthenticationBuilder authenticateInternal(Credential... credentialArr) throws AuthenticationException {
        Principal resolvePrincipal;
        AuthenticationBuilder authenticationBuilder = new AuthenticationBuilder(NULL_PRINCIPAL);
        for (Credential credential : credentialArr) {
            authenticationBuilder.addCredential(new BasicCredentialMetaData(credential));
        }
        for (Credential credential2 : credentialArr) {
            boolean z = false;
            for (AuthenticationHandler authenticationHandler : this.handlerResolverMap.keySet()) {
                if (authenticationHandler.supports(credential2)) {
                    z = true;
                    try {
                        HandlerResult authenticate = authenticationHandler.authenticate(credential2);
                        authenticationBuilder.addSuccess(authenticationHandler.getName(), authenticate);
                        this.logger.info("{} successfully authenticated {}", authenticationHandler.getName(), credential2);
                        PrincipalResolver principalResolver = this.handlerResolverMap.get(authenticationHandler);
                        if (principalResolver == null) {
                            resolvePrincipal = authenticate.getPrincipal();
                            this.logger.debug("No resolver configured for {}. Falling back to handler principal {}", authenticationHandler.getName(), resolvePrincipal);
                        } else {
                            resolvePrincipal = resolvePrincipal(authenticationHandler.getName(), principalResolver, credential2);
                        }
                        if (resolvePrincipal != null) {
                            authenticationBuilder.setPrincipal(resolvePrincipal);
                        }
                        if (this.authenticationPolicy.isSatisfiedBy(authenticationBuilder.build())) {
                            return authenticationBuilder;
                        }
                    } catch (GeneralSecurityException e) {
                        this.logger.info("{} failed authenticating {}", authenticationHandler.getName(), credential2);
                        authenticationBuilder.addFailure(authenticationHandler.getName(), e.getClass());
                    } catch (PreventedException e2) {
                        authenticationBuilder.addFailure(authenticationHandler.getName(), e2.getClass());
                    }
                }
            }
            if (!z) {
                this.logger.warn("Cannot find authentication handler that supports {}, which suggests a configuration problem.", credential2);
            }
        }
        if (authenticationBuilder.getSuccesses().isEmpty()) {
            throw new AuthenticationException(authenticationBuilder.getFailures(), authenticationBuilder.getSuccesses());
        }
        if (this.authenticationPolicy.isSatisfiedBy(authenticationBuilder.build())) {
            return authenticationBuilder;
        }
        throw new AuthenticationException(authenticationBuilder.getFailures(), authenticationBuilder.getSuccesses());
    }

    protected Principal resolvePrincipal(String str, PrincipalResolver principalResolver, Credential credential) {
        if (!principalResolver.supports(credential)) {
            this.logger.warn("{} is configured to use {} but it does not support {}, which suggests a configuration problem.", str, principalResolver, credential);
            return null;
        }
        try {
            Principal resolve = principalResolver.resolve(credential);
            this.logger.debug("{} resolved {} from {}", principalResolver, resolve, credential);
            return resolve;
        } catch (Exception e) {
            this.logger.error("{} failed to resolve principal from {}", principalResolver, credential, e);
            return null;
        }
    }

    private static AuthenticationException createAuthenticationException(Authentication authentication) {
        return new AuthenticationException(authentication.getFailures(), authentication.getSuccesses());
    }

    private static final /* synthetic */ Authentication authenticate_aroundBody0(PolicyBasedAuthenticationManager policyBasedAuthenticationManager, Credential[] credentialArr, JoinPoint joinPoint) {
        AuthenticationBuilder authenticateInternal = policyBasedAuthenticationManager.authenticateInternal(credentialArr);
        Authentication build = authenticateInternal.build();
        Principal principal = build.getPrincipal();
        if (principal instanceof NullPrincipal) {
            throw new UnresolvedPrincipalException(build);
        }
        Iterator<HandlerResult> it = build.getSuccesses().values().iterator();
        while (it.hasNext()) {
            authenticateInternal.addAttribute(AuthenticationManager.AUTHENTICATION_METHOD_ATTRIBUTE, it.next().getHandlerName());
        }
        policyBasedAuthenticationManager.logger.info("Authenticated {} with credentials {}.", principal, Arrays.asList(credentialArr));
        policyBasedAuthenticationManager.logger.debug("Attribute map for {}: {}", principal.getId(), principal.getAttributes());
        for (AuthenticationMetaDataPopulator authenticationMetaDataPopulator : policyBasedAuthenticationManager.authenticationMetaDataPopulators) {
            for (Credential credential : credentialArr) {
                authenticationMetaDataPopulator.populateAttributes(authenticateInternal, credential);
            }
        }
        return authenticateInternal.build();
    }

    private static final /* synthetic */ Object authenticate_aroundBody1$advice(PolicyBasedAuthenticationManager policyBasedAuthenticationManager, Credential[] credentialArr, JoinPoint joinPoint, LogAspect logAspect, ProceedingJoinPoint proceedingJoinPoint) {
        Authentication authentication = null;
        Logger log = logAspect.getLog(proceedingJoinPoint);
        String name = proceedingJoinPoint.getSignature().getName();
        try {
            if (log.isTraceEnabled()) {
                Object[] args = proceedingJoinPoint.getArgs();
                log.trace("Entering method [{}] with arguments [{}]", name, (args == null || args.length == 0) ? "" : Arrays.deepToString(args));
            }
            authentication = authenticate_aroundBody0(policyBasedAuthenticationManager, credentialArr, proceedingJoinPoint);
            log.trace("Leaving method [{}] with return value [{}].", name, authentication != null ? authentication.toString() : "null");
            return authentication;
        } catch (Throwable th) {
            log.trace("Leaving method [{}] with return value [{}].", name, authentication != null ? authentication.toString() : "null");
            throw th;
        }
    }

    private static /* synthetic */ void ajc$preClinit() {
        Factory factory = new Factory("PolicyBasedAuthenticationManager.java", PolicyBasedAuthenticationManager.class);
        ajc$tjp_0 = factory.makeSJP(JoinPoint.METHOD_EXECUTION, factory.makeMethodSig("91", "authenticate", "org.jasig.cas.authentication.PolicyBasedAuthenticationManager", "[Lorg.jasig.cas.authentication.Credential;", "credentials", "org.jasig.cas.authentication.AuthenticationException", "org.jasig.cas.authentication.Authentication"), 141);
    }
}
