package org.jasig.cas.client.authentication;

import java.awt.image.BufferedImage;
import java.io.IOException;
import java.net.URI;
import java.net.URISyntaxException;
import java.net.URLEncoder;
import java.util.HashMap;
import java.util.Map;
import java.util.regex.Pattern;
import javax.imageio.ImageIO;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.jasig.cas.client.Protocol;
import org.jasig.cas.client.configuration.ConfigurationKeys;
import org.jasig.cas.client.util.AbstractCasFilter;
import org.jasig.cas.client.util.CommonUtils;
import org.jasig.cas.client.util.ReflectUtils;
import org.jasig.cas.client.validation.Assertion;

/* loaded from: input_file:org/jasig/cas/client/authentication/AuthenticationFilter.class */
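/**
 * Servlet filter that sends unauthenticated requests to the CAS login page and serves a few
 * helper endpoints, selected by request URI: {@code _checkStatus.js}, {@code _getuserinfo.jsonp},
 * {@code _autologin_} and {@code _ajaxLoginCallback.js}.
 *
 * <p>A request is treated as authenticated only when all three of the following hold: a CAS
 * assertion is present (request attribute or session attribute), the {@code __l} cookie equals
 * {@code "true"}, and the {@code __u} cookie is absent, empty or equal to the principal id stored
 * in the session.
 *
 * <p>Security-relevant behaviour of this class:
 * <ul>
 *   <li>The {@code _backUrl} parameter is only followed when {@link #isAllowedBackUrl} accepts
 *       it; anything else is redirected to the context path (unvalidated redirect protection).</li>
 *   <li>The JSONP {@code callback} parameter must be a dotted JavaScript identifier; any other
 *       value is replaced by {@code "callback"}.</li>
 *   <li>Every value written into a JavaScript or JSON string literal is escaped.</li>
 * </ul>
 */
public class AuthenticationFilter extends AbstractCasFilter {
    /** Short names accepted for the ignore-URL matcher type, mapped to their strategy classes. */
    private static final Map<String, Class<? extends UrlPatternMatcherStrategy>> PATTERN_MATCHER_TYPES =
            new HashMap<String, Class<? extends UrlPatternMatcherStrategy>>();

    static {
        PATTERN_MATCHER_TYPES.put("CONTAINS", ContainsPatternUrlPatternMatcherStrategy.class);
        PATTERN_MATCHER_TYPES.put("REGEX", RegexUrlPatternMatcherStrategy.class);
        PATTERN_MATCHER_TYPES.put("EXACT", ExactUrlPatternMatcherStrategy.class);
    }

    /** Callback name used when the request supplies none, or one that fails validation. */
    private static final String DEFAULT_JSONP_CALLBACK = "callback";

    /** Upper bound on the length of a caller-supplied JSONP callback name. */
    private static final int MAX_JSONP_CALLBACK_LENGTH = 128;

    /** A JSONP callback must be a plain, optionally dotted, JavaScript identifier. */
    private static final Pattern JSONP_CALLBACK_PATTERN =
            Pattern.compile("[A-Za-z_$][A-Za-z0-9_$]*(\\.[A-Za-z_$][A-Za-z0-9_$]*)*");

    private String casServerLoginUrl;
    private boolean renew;
    private String clientSourceTarget;
    private String casServerUrlPrefix;
    private String ajaxLoginCallBackUrlPrefix;
    private boolean gateway;
    private GatewayResolver gatewayStorage;
    private AuthenticationRedirectStrategy authenticationRedirectStrategy;
    private UrlPatternMatcherStrategy ignoreUrlPatternMatcherStrategyClass;

    /** Creates a filter that speaks the CAS2 protocol. */
    public AuthenticationFilter() {
        this(Protocol.CAS2);
    }

    /**
     * Creates a filter for the given protocol with renew and gateway disabled, the default
     * gateway resolver and redirect strategy, and no ignore pattern.
     *
     * @param protocol the CAS protocol passed to the superclass
     */
    protected AuthenticationFilter(Protocol protocol) {
        super(protocol);
        this.renew = false;
        this.gateway = false;
        this.gatewayStorage = new DefaultGatewayResolverImpl();
        this.authenticationRedirectStrategy = new DefaultAuthenticationRedirectStrategy();
        this.ignoreUrlPatternMatcherStrategyClass = null;
    }

    public void setCasServerUrlPrefix(String str) {
        this.casServerUrlPrefix = str;
    }

    /**
     * Sets the URL prefix under which {@code _ajaxLoginCallback.js} is reachable. Its host is
     * also accepted as a {@code _backUrl} target by {@link #isAllowedBackUrl}.
     */
    public void setAjaxLoginCallBackUrlPrefix(String str) {
        this.ajaxLoginCallBackUrlPrefix = str;
    }

    /**
     * Reads the filter configuration: login URL, source target, callback prefix, server prefix,
     * renew/gateway flags, the optional ignore pattern and the optional strategy classes.
     *
     * @param filterConfig the servlet filter configuration
     * @throws ServletException if the superclass initialisation fails
     */
    /* JADX INFO: Access modifiers changed from: protected */
    @Override
    public void initInternal(FilterConfig filterConfig) throws ServletException {
        if (isIgnoreInitConfiguration()) {
            return;
        }
        super.initInternal(filterConfig);
        setCasServerLoginUrl(getString(ConfigurationKeys.CAS_SERVER_LOGIN_URL));
        setClientSourceTarget(filterConfig.getInitParameter("clientSourceTarget"));
        setAjaxLoginCallBackUrlPrefix(filterConfig.getInitParameter("ajaxLoginCallBackUrlPrefix"));
        setCasServerUrlPrefix(filterConfig.getInitParameter("casServerUrlPrefix"));
        // Derive the prefix only when a login URL exists. A missing login URL is left for the
        // assertion in init() to report (presumably called afterwards) instead of failing here
        // with a NullPointerException.
        if (this.casServerUrlPrefix == null && this.casServerLoginUrl != null) {
            this.casServerUrlPrefix = this.casServerLoginUrl.replace("/login", "");
        }
        setRenew(getBoolean(ConfigurationKeys.RENEW));
        setGateway(getBoolean(ConfigurationKeys.GATEWAY));

        String ignorePattern = getString(ConfigurationKeys.IGNORE_PATTERN);
        String ignoreType = getString(ConfigurationKeys.IGNORE_URL_PATTERN_TYPE);
        if (ignorePattern != null) {
            Class<? extends UrlPatternMatcherStrategy> knownType = PATTERN_MATCHER_TYPES.get(ignoreType);
            if (knownType != null) {
                this.ignoreUrlPatternMatcherStrategyClass =
                        (UrlPatternMatcherStrategy) ReflectUtils.newInstance(knownType.getName(), new Object[0]);
            } else {
                // Not one of the short names: the configured value is loaded as a class name.
                // If that fails the matcher stays null, so no URL is excluded from authentication.
                try {
                    this.logger.trace("Assuming {} is a qualified class name...", ignoreType);
                    this.ignoreUrlPatternMatcherStrategyClass =
                            (UrlPatternMatcherStrategy) ReflectUtils.newInstance(ignoreType, new Object[0]);
                } catch (IllegalArgumentException e) {
                    this.logger.error("Could not instantiate class [{}]", ignoreType, e);
                }
            }
            if (this.ignoreUrlPatternMatcherStrategyClass != null) {
                this.ignoreUrlPatternMatcherStrategyClass.setPattern(ignorePattern);
            }
        }

        Class gatewayStorageClass = getClass(ConfigurationKeys.GATEWAY_STORAGE_CLASS);
        if (gatewayStorageClass != null) {
            setGatewayStorage((GatewayResolver) ReflectUtils.newInstance(gatewayStorageClass, new Object[0]));
        }
        Class redirectStrategyClass = getClass(ConfigurationKeys.AUTHENTICATION_REDIRECT_STRATEGY_CLASS);
        if (redirectStrategyClass != null) {
            this.authenticationRedirectStrategy =
                    (AuthenticationRedirectStrategy) ReflectUtils.newInstance(redirectStrategyClass, new Object[0]);
        }
    }

    /** Verifies, after the superclass checks, that a CAS login URL has been configured. */
    @Override
    public void init() {
        super.init();
        CommonUtils.assertNotNull(this.casServerLoginUrl, "casServerLoginUrl cannot be null.");
    }

    /**
     * Builds a script that appends a hidden {@code <img>} with the given source to the page body.
     * The URL is escaped before it is placed inside the single-quoted JavaScript literal.
     */
    private final String getLoginImgStr(String str) {
        return "(function(){\n\tvar body = document.getElementsByTagName('body')[0];\n\tvar img = document.createElement(\"img\");\n\timg.src = '" + escapeForJsString(String.valueOf(str)) + "';\n\timg.style.display='none'\n\tbody.appendChild(img); \n})();\n";
    }

    /**
     * Decides whether the request is authenticated and either serves it, answers one of the
     * helper endpoints, or starts the CAS login redirect.
     *
     * @throws IOException if writing the response fails
     * @throws ServletException if the rest of the chain fails
     */
    public final void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        // "__pass_sso" is a request attribute, so only server-side code running earlier in the
        // chain can set it; whatever sets it is trusted to have made the access decision.
        if (servletRequest.getAttribute("__pass_sso") != null) {
            filterChain.doFilter(servletRequest, servletResponse);
            return;
        }
        HttpServletRequest request = (HttpServletRequest) servletRequest;
        HttpServletResponse response = (HttpServletResponse) servletResponse;
        if (isRequestUrlExcluded(request)) {
            this.logger.debug("Request is ignored.");
            filterChain.doFilter(request, response);
            return;
        }

        boolean loginCookiePresent = hasCookieWithValue(request, "__l", "true");

        // NOTE(review): getSession() creates a session for every request that reaches this
        // point, including anonymous ones. Kept as in the original; confirm that is intended.
        boolean hasAssertion = request.getAttribute(AbstractCasFilter.CONST_CAS_ASSERTION) != null
                || request.getSession().getAttribute(AbstractCasFilter.CONST_CAS_ASSERTION) != null;

        String principalUuid = null;
        String uuidCookie = null;
        if (hasAssertion) {
            principalUuid = (String) request.getSession().getAttribute(AbstractCasFilter.PRINCIPAL_UU_ID);
            if (principalUuid != null && !principalUuid.isEmpty()) {
                uuidCookie = findCookieValue(request, "__u");
            }
        }
        // A missing or empty "__u" cookie is accepted; a present one must match the session value.
        boolean sameUser = uuidCookie == null || uuidCookie.isEmpty() || uuidCookie.equals(principalUuid);

        if (hasAssertion && loginCookiePresent && sameUser) {
            serveAuthenticated(request, response, filterChain);
            return;
        }
        if (request.getRequestURI().endsWith("_checkStatus.js")) {
            writeLoginRedirectScript(request, response);
            return;
        }
        redirectToCasLogin(request, response, filterChain, sameUser);
    }

    /** Answers {@code _checkStatus.js} for an unauthenticated caller with a script that navigates to CAS login. */
    private void writeLoginRedirectScript(HttpServletRequest request, HttpServletResponse response) throws IOException {
        String referer = request.getHeader("Referer");
        if (referer == null) {
            referer = "";
        }
        String sourceTarget = makeSourceTarget(request, response);
        // The Referer is caller-controlled. It is URL-encoded here and only followed later,
        // as _backUrl, if isAllowedBackUrl accepts it.
        String backUrl = makeLoginCallBackUrl(referer, sourceTarget, request, response);
        String service = this.ajaxLoginCallBackUrlPrefix + "/_ajaxLoginCallback.js?_source_target=" + sourceTarget
                + "&_backUrl=" + URLEncoder.encode(backUrl, "UTF-8");
        String loginUrl = this.casServerLoginUrl + querySeparator(this.casServerLoginUrl)
                + "service=" + URLEncoder.encode(service, "UTF-8");
        if (sourceTarget != null) {
            loginUrl = loginUrl + "&_source_target=" + sourceTarget;
        }
        response.setContentType("application/javascript");
        // Escaped so that no part of the URL can terminate the string literal.
        response.getWriter().write("window.location.href='" + escapeForJsString(loginUrl) + "';");
    }

    /** Standard CAS flow: pass tickets and gatewayed requests on, otherwise redirect to login. */
    private void redirectToCasLogin(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain, boolean sameUser) throws IOException, ServletException {
        String serviceUrl = constructServiceUrl(request, response);
        String ticket = retrieveTicketFromRequest(request);
        boolean wasGatewayed = this.gateway && this.gatewayStorage.hasGatewayedAlready(request, serviceUrl);
        if (CommonUtils.isNotBlank(ticket) || wasGatewayed) {
            filterChain.doFilter(request, response);
            return;
        }
        this.logger.debug("no ticket and no assertion found");
        String modifiedServiceUrl;
        if (this.gateway) {
            this.logger.debug("setting gateway attribute in session");
            modifiedServiceUrl = this.gatewayStorage.storeGatewayInformation(request, serviceUrl);
        } else {
            modifiedServiceUrl = serviceUrl;
        }
        String sourceTarget = makeSourceTarget(request, response);
        String callbackUrl = makeLoginCallBackUrl(modifiedServiceUrl, sourceTarget, request, response);
        this.logger.debug("Constructed service url: {}", callbackUrl);
        String redirectUrl = CommonUtils.constructRedirectUrl(this.casServerLoginUrl,
                getProtocol().getServiceParameterName(), callbackUrl, this.renew, this.gateway);
        if (sourceTarget != null) {
            redirectUrl = redirectUrl + querySeparator(redirectUrl) + "_source_target=" + sourceTarget;
        }
        this.logger.debug("redirecting to \"{}\"", redirectUrl);
        this.authenticationRedirectStrategy.redirect(request, response, redirectUrl, sameUser);
    }

    /** Dispatches an authenticated request to a helper endpoint or to the rest of the chain. */
    private void serveAuthenticated(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws IOException, ServletException {
        String uri = request.getRequestURI();
        if (uri.endsWith("_getuserinfo.jsonp")) {
            writeUserInfoJsonp(request, response);
            return;
        }
        if (uri.indexOf("_autologin_") >= 0) {
            response.setContentType("image/jpeg");
            ImageIO.write(new BufferedImage(1, 1, BufferedImage.TYPE_INT_RGB), "jpg", response.getOutputStream());
            return;
        }
        if (uri.indexOf("_checkStatus.js") > 0) {
            response.setContentType("application/javascript");
            response.getWriter().write("");
            return;
        }
        if (uri.indexOf("_ajaxLoginCallback.js") <= 0) {
            filterChain.doFilter(request, response);
            return;
        }
        handleAjaxLoginCallback(request, response);
    }

    /** Handles {@code _ajaxLoginCallback.js}: optional logout, then a validated redirect to {@code _backUrl}. */
    private void handleAjaxLoginCallback(HttpServletRequest request, HttpServletResponse response) throws IOException {
        // NOTE(review): logout is triggered by a plain request parameter, so any page can make
        // a visitor's browser issue it. Confirm that a cross-site logout is acceptable here.
        String logout = request.getParameter("logout");
        if (logout != null && "true".equals(logout.trim()) && request.getSession(false) != null) {
            request.getSession(false).invalidate();
        }
        String backUrl = request.getParameter("_backUrl");
        if (backUrl != null && isAllowedBackUrl(backUrl, request)) {
            response.sendRedirect(backUrl);
            return;
        }
        if (backUrl != null) {
            // The rejected value is not logged: it is caller-controlled text.
            this.logger.warn("Ignoring _backUrl that does not point to an allowed host");
        }
        response.sendRedirect(request.getContextPath());
    }

    /**
     * Writes masked phone, user name and e-mail of the current principal as a JSONP response.
     * Any page that includes this endpoint as a script can read the response, which is why only
     * masked values are returned.
     */
    private void writeUserInfoJsonp(HttpServletRequest request, HttpServletResponse response) throws IOException {
        String callback = request.getParameter("callback");
        // The callback is echoed into executable script, so it is limited to an identifier.
        if (callback == null || callback.length() > MAX_JSONP_CALLBACK_LENGTH
                || !JSONP_CALLBACK_PATTERN.matcher(callback).matches()) {
            callback = DEFAULT_JSONP_CALLBACK;
        }

        // The assertion may be held by the session or only by the request; check both.
        Object candidate = request.getSession().getAttribute(AbstractCasFilter.CONST_CAS_ASSERTION);
        if (!(candidate instanceof Assertion)) {
            candidate = request.getAttribute(AbstractCasFilter.CONST_CAS_ASSERTION);
        }
        Map<String, Object> attributes = null;
        if (candidate instanceof Assertion && ((Assertion) candidate).getPrincipal() != null) {
            attributes = ((Assertion) candidate).getPrincipal().getAttributes();
        }
        String phone = stringAttribute(attributes, "phone");
        String email = stringAttribute(attributes, "email");
        String userName = stringAttribute(attributes, "userName");

        StringBuilder json = new StringBuilder("{");
        if (phone != null && phone.length() > 3) {
            json.append("\"phone\":\"").append(escapeForJsString(phone.substring(0, 3))).append("****\",");
        }
        if (userName != null && !"".equals(userName.trim())) {
            String shown = userName.length() > 3 ? userName.substring(0, 3) : userName;
            json.append("\"userName\":\"").append(escapeForJsString(shown)).append("****\",");
        }
        if (email != null && email.indexOf("@") > 0) {
            int at = email.indexOf("@");
            String domain = email.substring(at);
            String local = email.substring(0, at);
            String shown = local.length() > 3 ? local.substring(0, 3) : local;
            json.append("\"email\":\"").append(escapeForJsString(shown)).append("****")
                    .append(escapeForJsString(domain)).append("\",");
        }
        json.append("\"version\":").append(System.currentTimeMillis());
        json.append("}");

        response.setContentType("application/javascript; charset=UTF-8");
        response.getWriter().write(callback + "(" + json + ")");
    }

    public final void setRenew(boolean z) {
        this.renew = z;
    }

    public final void setGateway(boolean z) {
        this.gateway = z;
    }

    public final void setCasServerLoginUrl(String str) {
        this.casServerLoginUrl = str;
    }

    public final void setClientSourceTarget(String str) {
        this.clientSourceTarget = str;
    }

    /**
     * Extension hook for the URL the browser returns to after login. This implementation returns
     * {@code str} unchanged and ignores the other arguments.
     */
    protected String makeLoginCallBackUrl(String str, String str2, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        return str;
    }

    /**
     * Extension hook for the {@code _source_target} value. This implementation returns the
     * configured {@code clientSourceTarget}. The value is appended to URLs without encoding,
     * so an override should return only URL-safe text.
     */
    protected String makeSourceTarget(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        return this.clientSourceTarget;
    }

    /**
     * Decides whether a caller-supplied {@code _backUrl} may be used as a redirect target.
     *
     * <p>Accepted are relative references without an authority, and absolute {@code http} or
     * {@code https} URLs whose host equals the request's server name or the host of the
     * configured {@code ajaxLoginCallBackUrlPrefix}. Values that contain control characters or
     * backslashes, or that cannot be parsed as a URI, are rejected. Deployments that return to
     * pages on other hosts can override this method with their own allow-list.
     *
     * @param backUrl the raw {@code _backUrl} parameter
     * @param request the current request
     * @return {@code true} if redirecting to {@code backUrl} is allowed
     */
    protected boolean isAllowedBackUrl(String backUrl, HttpServletRequest request) {
        if (backUrl == null || backUrl.isEmpty()) {
            return false;
        }
        for (int i = 0; i < backUrl.length(); i++) {
            char c = backUrl.charAt(i);
            // Browsers treat '\' like '/', and control characters have no place in a redirect.
            if (c < 0x20 || c == 0x7f || c == '\\') {
                return false;
            }
        }
        URI target;
        try {
            target = new URI(backUrl);
        } catch (URISyntaxException e) {
            return false;
        }
        if (target.getScheme() == null && target.getRawAuthority() == null) {
            return true; // relative reference, resolved against this application
        }
        String scheme = target.getScheme();
        if (scheme == null || !("http".equalsIgnoreCase(scheme) || "https".equalsIgnoreCase(scheme))) {
            return false; // also covers scheme-relative "//host" and non-web schemes
        }
        String host = target.getHost();
        if (host == null) {
            return false;
        }
        return host.equalsIgnoreCase(request.getServerName())
                || host.equalsIgnoreCase(hostOf(this.ajaxLoginCallBackUrlPrefix));
    }

    public final void setGatewayStorage(GatewayResolver gatewayResolver) {
        this.gatewayStorage = gatewayResolver;
    }

    /**
     * Reports whether the configured ignore pattern matches the request URL.
     *
     * <p>NOTE(review): the query string is part of the matched text, so a CONTAINS or unanchored
     * REGEX pattern can be satisfied by a query parameter chosen by the caller, which would skip
     * authentication for that request. Anchor patterns to the path.
     */
    private boolean isRequestUrlExcluded(HttpServletRequest httpServletRequest) {
        if (this.ignoreUrlPatternMatcherStrategyClass == null) {
            return false;
        }
        StringBuffer requestURL = httpServletRequest.getRequestURL();
        if (httpServletRequest.getQueryString() != null) {
            requestURL.append("?").append(httpServletRequest.getQueryString());
        }
        return this.ignoreUrlPatternMatcherStrategyClass.matches(requestURL.toString());
    }

    /** Returns {@code "&"} when the URL already has a query part after its first character, else {@code "?"}. */
    private static String querySeparator(String url) {
        return url.indexOf("?") > 0 ? "&" : "?";
    }

    /** Returns the value of the first cookie with the given name, or {@code null} if there is none. */
    private static String findCookieValue(HttpServletRequest request, String name) {
        Cookie[] cookies = request.getCookies();
        if (cookies == null) {
            return null;
        }
        for (Cookie cookie : cookies) {
            if (name.equals(cookie.getName())) {
                return cookie.getValue();
            }
        }
        return null;
    }

    /** Reports whether any cookie carries exactly the given name and value. */
    private static boolean hasCookieWithValue(HttpServletRequest request, String name, String value) {
        Cookie[] cookies = request.getCookies();
        if (cookies == null) {
            return false;
        }
        for (Cookie cookie : cookies) {
            if (name.equals(cookie.getName()) && value.equals(cookie.getValue())) {
                return true;
            }
        }
        return false;
    }

    /** Returns the attribute as a string, or {@code null} when it is absent or not a {@code String}. */
    private static String stringAttribute(Map<String, Object> attributes, String key) {
        Object value = attributes == null ? null : attributes.get(key);
        return value instanceof String ? (String) value : null;
    }

    /** Returns the host of an absolute URL, or {@code null} when it is missing or unparsable. */
    private static String hostOf(String url) {
        if (url == null) {
            return null;
        }
        try {
            return new URI(url).getHost();
        } catch (URISyntaxException e) {
            return null;
        }
    }

    /**
     * Escapes text for use inside a quoted JavaScript or JSON string literal. Quotes, backslash,
     * {@code < > &}, control characters and the U+2028/U+2029 line separators are written as
     * {@code \\uXXXX}, which is valid in single-quoted, double-quoted and JSON strings.
     */
    private static String escapeForJsString(String value) {
        StringBuilder out = new StringBuilder(value.length() + 16);
        for (int i = 0; i < value.length(); i++) {
            char c = value.charAt(i);
            boolean special = c == '"' || c == '\'' || c == '\\' || c == '<' || c == '>' || c == '&'
                    || c < 0x20 || c == 0x7f || c == 0x2028 || c == 0x2029;
            if (!special) {
                out.append(c);
                continue;
            }
            String hex = Integer.toHexString(c);
            out.append("\\u");
            for (int pad = hex.length(); pad < 4; pad++) {
                out.append('0');
            }
            out.append(hex);
        }
        return out.toString();
    }
}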
