package org.jasig.cas.web.flow;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.jasig.cas.CentralAuthenticationService;
import org.jasig.cas.authentication.principal.Credentials;
import org.jasig.cas.authentication.principal.SimpleService;
import org.jasig.cas.ticket.TicketException;
import org.jasig.cas.validation.UsernamePasswordCredentialsValidator;
import org.jasig.cas.web.bind.CredentialsBinder;
import org.jasig.cas.web.flow.util.ContextUtils;
import org.jasig.cas.web.support.WebConstants;
import org.jasig.cas.web.util.SecureCookieGenerator;
import org.jasig.cas.web.util.WebUtils;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.util.Assert;
import org.springframework.util.StringUtils;
import org.springframework.validation.DataBinder;
import org.springframework.webflow.Event;
import org.springframework.webflow.RequestContext;
import org.springframework.webflow.action.FormAction;
import org.springframework.webflow.action.FormObjectAccessor;

/* loaded from: input_file:WEB-INF/lib/cas-server-3.0.4.jar:org/jasig/cas/web/flow/AuthenticationViaFormAction.class */
public final class AuthenticationViaFormAction extends FormAction implements InitializingBean {
    private CredentialsBinder credentialsBinder;
    private CentralAuthenticationService centralAuthenticationService;
    private SecureCookieGenerator warnCookieGenerator;
    private SecureCookieGenerator ticketGrantingTicketCookieGenerator;
    static Class class$org$jasig$cas$authentication$handler$AuthenticationException;
    static Class class$org$jasig$cas$authentication$principal$UsernamePasswordCredentials;
    static Class class$org$jasig$cas$authentication$principal$Credentials;

    protected void doBind(RequestContext requestContext, DataBinder dataBinder) throws Exception {
        HttpServletRequest httpServletRequest = ContextUtils.getHttpServletRequest(requestContext);
        Credentials credentials = (Credentials) dataBinder.getTarget();
        if (this.credentialsBinder != null) {
            this.credentialsBinder.bind(httpServletRequest, credentials);
        }
        super.doBind(requestContext, dataBinder);
    }

    public Event submit(RequestContext requestContext) throws Exception {
        Class cls;
        Credentials credentials = (Credentials) getFormObject(requestContext);
        HttpServletRequest httpServletRequest = ContextUtils.getHttpServletRequest(requestContext);
        HttpServletResponse httpServletResponse = ContextUtils.getHttpServletResponse(requestContext);
        boolean requestParameterAsBoolean = WebUtils.getRequestParameterAsBoolean(httpServletRequest, "warn");
        boolean requestParameterAsBoolean2 = WebUtils.getRequestParameterAsBoolean(httpServletRequest, "renew");
        String requestParameterAsString = WebUtils.getRequestParameterAsString(httpServletRequest, "service");
        String cookieValue = this.ticketGrantingTicketCookieGenerator.getCookieValue(httpServletRequest);
        if (requestParameterAsBoolean2 && StringUtils.hasText(cookieValue) && StringUtils.hasText(requestParameterAsString)) {
            try {
                ContextUtils.addAttribute(requestContext, WebConstants.TICKET, this.centralAuthenticationService.grantServiceTicket(cookieValue, new SimpleService(requestParameterAsString), credentials));
                setWarningCookie(httpServletResponse, requestParameterAsBoolean);
                return warn();
            } catch (TicketException e) {
                if (e.getCause() != null) {
                    if (class$org$jasig$cas$authentication$handler$AuthenticationException == null) {
                        cls = class$("org.jasig.cas.authentication.handler.AuthenticationException");
                        class$org$jasig$cas$authentication$handler$AuthenticationException = cls;
                    } else {
                        cls = class$org$jasig$cas$authentication$handler$AuthenticationException;
                    }
                    if (cls.isAssignableFrom(e.getCause().getClass())) {
                        populateErrorsInstance(requestContext, e);
                        return error();
                    }
                }
                this.centralAuthenticationService.destroyTicketGrantingTicket(cookieValue);
                if (this.logger.isDebugEnabled()) {
                    this.logger.debug("Attempted to generate a ServiceTicket using renew=true with different credentials", e);
                }
            }
        }
        try {
            ContextUtils.addAttribute(requestContext, AbstractLoginAction.REQUEST_ATTRIBUTE_TICKET_GRANTING_TICKET, this.centralAuthenticationService.createTicketGrantingTicket(credentials));
            setWarningCookie(httpServletResponse, requestParameterAsBoolean);
            return success();
        } catch (TicketException e2) {
            populateErrorsInstance(requestContext, e2);
            return error();
        }
    }

    private Event warn() {
        return result("warn");
    }

    private void populateErrorsInstance(RequestContext requestContext, TicketException ticketException) {
        new FormObjectAccessor(requestContext).getFormErrors(getFormObjectName(), getFormErrorsScope()).reject(ticketException.getCode(), ticketException.getCode());
    }

    private void setWarningCookie(HttpServletResponse httpServletResponse, boolean z) {
        if (z) {
            this.warnCookieGenerator.addCookie(httpServletResponse);
        } else {
            this.warnCookieGenerator.removeCookie(httpServletResponse);
        }
    }

    public void setTicketGrantingTicketCookieGenerator(SecureCookieGenerator secureCookieGenerator) {
        this.ticketGrantingTicketCookieGenerator = secureCookieGenerator;
    }

    public void setWarnCookieGenerator(SecureCookieGenerator secureCookieGenerator) {
        this.warnCookieGenerator = secureCookieGenerator;
    }

    public void setCentralAuthenticationService(CentralAuthenticationService centralAuthenticationService) {
        this.centralAuthenticationService = centralAuthenticationService;
    }

    public void setCredentialsBinder(CredentialsBinder credentialsBinder) {
        this.credentialsBinder = credentialsBinder;
    }

    @Override // org.springframework.beans.factory.InitializingBean
    public void afterPropertiesSet() {
        Class cls;
        Class cls2;
        super.afterPropertiesSet();
        Assert.notNull(this.centralAuthenticationService);
        Assert.notNull(this.warnCookieGenerator);
        Assert.notNull(this.ticketGrantingTicketCookieGenerator);
        if (getFormObjectClass() == null) {
            if (class$org$jasig$cas$authentication$principal$UsernamePasswordCredentials == null) {
                cls2 = class$("org.jasig.cas.authentication.principal.UsernamePasswordCredentials");
                class$org$jasig$cas$authentication$principal$UsernamePasswordCredentials = cls2;
            } else {
                cls2 = class$org$jasig$cas$authentication$principal$UsernamePasswordCredentials;
            }
            setFormObjectClass(cls2);
            setFormObjectName("credentials");
            setValidator(new UsernamePasswordCredentialsValidator());
            this.logger.info(new StringBuffer().append("FormObjectClass not set.  Using default class of ").append(getFormObjectClass().getName()).append(" with formObjectName ").append(getFormObjectName()).append(" and validator ").append(getValidator().getClass().getName()).append(".").toString());
        }
        if (class$org$jasig$cas$authentication$principal$Credentials == null) {
            cls = class$("org.jasig.cas.authentication.principal.Credentials");
            class$org$jasig$cas$authentication$principal$Credentials = cls;
        } else {
            cls = class$org$jasig$cas$authentication$principal$Credentials;
        }
        Assert.isTrue(cls.isAssignableFrom(getFormObjectClass()), "CommandClass must be of type Credentials.");
        if (this.credentialsBinder != null && !this.credentialsBinder.supports(getFormObjectClass())) {
            throw new IllegalStateException(new StringBuffer().append("CredentialsBinder does not support supplied FormObjectClass: ").append(getClass().getName()).toString());
        }
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError().initCause(e);
        }
    }
}
