package org.fenixedu.bennu.cas.client.api;

import com.google.common.base.Strings;
import java.io.UnsupportedEncodingException;
import java.net.URI;
import java.net.URISyntaxException;
import java.net.URLDecoder;
import java.nio.charset.Charset;
import java.nio.charset.StandardCharsets;
import java.util.Base64;
import java.util.Optional;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import javax.ws.rs.GET;
import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.QueryParam;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.Response;
import org.fenixedu.bennu.cas.client.CASClientConfiguration;
import org.fenixedu.bennu.cas.client.strategy.DefaultTicketValidationStrategy;
import org.fenixedu.bennu.cas.client.strategy.TicketValidationStrategy;
import org.fenixedu.bennu.core.domain.exceptions.AuthorizationException;
import org.fenixedu.bennu.portal.servlet.PortalLoginServlet;
import org.jasig.cas.client.validation.TicketValidationException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

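/**
 * JAX-RS endpoint that receives the browser coming back from the CAS server.
 *
 * <p>The request carries a service ticket ({@code ticket} query parameter) and a
 * URL-safe Base64 encoded callback (last path segment). The ticket is handed to the
 * configured {@link TicketValidationStrategy}; afterwards the browser is redirected
 * to the decoded callback. The callback is only used as a redirect target after it
 * has passed {@link PortalLoginServlet#validateCallback}, which is the guard against
 * open redirects on this endpoint.
 *
 * <p>Thread-safety: the validation strategy is a lazily created static shared by all
 * requests; its initialisation is synchronised.
 */
@Path("/cas-client/login")
/* loaded from: input_file:org/fenixedu/bennu/cas/client/api/CASResource.class */
public class CASResource {
    private static final Logger logger = LoggerFactory.getLogger(CASResource.class);
    private static final Charset CHARSET = StandardCharsets.UTF_8;
    /** Name of the marker cookie set after a successful CAS login. */
    private static final String REDIRECT_COOKIE_NAME = "redirectToCas";
    /** Lifetime of the marker cookie: 86400 seconds, i.e. one day. */
    private static final int REDIRECT_COOKIE_MAX_AGE_SECONDS = 86400;
    private static TicketValidationStrategy VALIDATION_STRATEGY = null;
    /** Session attribute key under which the callback URL is kept. */
    public static final String CALLBACK_URL = "CALLBACK_URL";

    /**
     * Returns the shared ticket validation strategy, creating it on first use.
     *
     * <p>The implementation class name is read from {@link CASClientConfiguration}
     * and instantiated reflectively through its no-argument constructor. If that
     * fails for any reason the failure is logged at error level and
     * {@link DefaultTicketValidationStrategy} is used instead.
     *
     * <p>Synchronised because the field is static and request threads may race on
     * the first call; without it a thread could observe a partially published
     * instance or the strategy could be instantiated more than once.
     *
     * @return the strategy used to validate CAS tickets, never {@code null}
     */
    private static synchronized TicketValidationStrategy getTicketValidator() {
        if (VALIDATION_STRATEGY == null) {
            try {
                // NOTE(review): the class name is loaded from configuration, so write access to
                // that configuration decides which code validates logins - keep it restricted.
                String strategyClassName = CASClientConfiguration.getConfiguration().getCasLoginStrategy();
                VALIDATION_STRATEGY =
                        (TicketValidationStrategy) Class.forName(strategyClassName).getDeclaredConstructor().newInstance();
            } catch (ReflectiveOperationException | RuntimeException | LinkageError e) {
                // Covers a missing or non-instantiable class, a wrong type (ClassCastException),
                // a null class name (NullPointerException) and class-loading errors. Fatal JVM
                // errors such as OutOfMemoryError are deliberately not swallowed here.
                logger.error("Problem instantiating ticket validation strategy, falling back to default strategy", e);
                VALIDATION_STRATEGY = new DefaultTicketValidationStrategy();
            }
        }
        return VALIDATION_STRATEGY;
    }

    /**
     * Handles the redirect back from CAS: validates the ticket and sends the browser
     * on to the requested callback.
     *
     * @param ticket          the CAS service ticket taken from the {@code ticket} query parameter
     * @param encodedCallback the callback URL, URL-safe Base64 encoded, taken from the path
     * @param request         the current servlet request
     * @param response        the current servlet response
     * @return {@code 404} when CAS is disabled; {@code 400} when the ticket is missing or the
     *         callback cannot be decoded or is rejected by
     *         {@link PortalLoginServlet#validateCallback}; otherwise {@code 302} to the
     *         callback, with {@code login_failed=true} appended when ticket validation failed
     * @throws UnsupportedEncodingException declared by {@link URLDecoder#decode(String, String)}
     * @throws URISyntaxException           if the final redirect target is not a valid URI
     */
    @GET
    @Path("/{callback}")
    public Response returnFromCAS(@QueryParam("ticket") String ticket, @PathParam("callback") String encodedCallback, @Context HttpServletRequest request, @Context HttpServletResponse response) throws UnsupportedEncodingException, URISyntaxException {
        if (!CASClientConfiguration.getConfiguration().casEnabled().booleanValue()) {
            return Response.status(Response.Status.NOT_FOUND).build();
        }
        if (Strings.isNullOrEmpty(ticket)) {
            return Response.status(Response.Status.BAD_REQUEST).build();
        }
        // The callback is attacker-controllable (it is part of the URL), so it is only
        // accepted as a redirect target once validateCallback has approved it.
        Optional<String> validatedCallback = decode(encodedCallback).filter(PortalLoginServlet::validateCallback);
        if (!validatedCallback.isPresent()) {
            return Response.status(Response.Status.BAD_REQUEST).build();
        }
        String redirectTarget = validatedCallback.get();
        try {
            // Service URL handed to the validator, rebuilt from the URL of this very request.
            // NOTE(review): getRequestURL() reflects the host the container saw; presumably the
            // CAS server compares it with the service the ticket was issued for - confirm.
            String serviceUrl = URLDecoder.decode(request.getRequestURL().toString(), CHARSET.name());

            // getSession(false) returns null when the request has no session; a ticket replayed
            // or sent without a session cookie must not end in a NullPointerException (HTTP 500).
            HttpSession sessionBefore = request.getSession(false);
            String savedCallback = sessionBefore == null ? null : (String) sessionBefore.getAttribute(CALLBACK_URL);

            getTicketValidator().validateTicket(ticket, serviceUrl, request, response);

            if (savedCallback != null) {
                // Write the saved value back onto whatever session is current after validation.
                // NOTE(review): presumably needed because the strategy may replace the session
                // on login - confirm against the strategy implementations.
                HttpSession sessionAfter = request.getSession(false);
                if (sessionAfter != null) {
                    sessionAfter.setAttribute(CALLBACK_URL, savedCallback);
                }
            }
            if (getCookie(request, REDIRECT_COOKIE_NAME) == null) {
                // NOTE(review): the cookie is issued without HttpOnly/Secure. It only carries the
                // constant "true", but confirm no client-side script depends on reading it and
                // then consider setting both flags.
                Cookie markerCookie = new Cookie(REDIRECT_COOKIE_NAME, "true");
                markerCookie.setPath("/");
                markerCookie.setMaxAge(REDIRECT_COOKIE_MAX_AGE_SECONDS);
                response.addCookie(markerCookie);
            }
        } catch (TicketValidationException | AuthorizationException e) {
            // Constant format string: the exception message is passed as an argument so that
            // any "{}" inside it is not interpreted as a placeholder. The ticket is not logged.
            // NOTE(review): failed validations are only visible at debug level; consider a
            // higher level if these events should reach security monitoring.
            logger.debug("CAS ticket validation failed: {}", e.getMessage(), e);
            redirectTarget = redirectTarget + (redirectTarget.contains("?") ? "&" : "?") + "login_failed=true";
        }
        return Response.status(Response.Status.FOUND).location(new URI(redirectTarget)).build();
    }

    /**
     * Finds the first cookie with the given name on the request.
     *
     * @param httpServletRequest the request whose cookies are searched
     * @param str                the cookie name to look for
     * @return the matching cookie, or {@code null} when the request has no cookies or none matches
     */
    private static Cookie getCookie(HttpServletRequest httpServletRequest, String str) {
        Cookie[] cookies = httpServletRequest.getCookies();
        if (cookies == null) {
            return null;
        }
        for (Cookie candidate : cookies) {
            if (candidate.getName().equals(str)) {
                return candidate;
            }
        }
        return null;
    }

    /**
     * Decodes a URL-safe Base64 string into UTF-8 text.
     *
     * @param str the encoded value; may be {@code null}
     * @return the decoded text, or an empty {@code Optional} when the input is {@code null}
     *         or is not valid URL-safe Base64
     */
    private static Optional<String> decode(String str) {
        if (str == null) {
            // Base64.Decoder.decode(null) would throw NullPointerException, not IllegalArgumentException.
            return Optional.empty();
        }
        try {
            return Optional.of(new String(Base64.getUrlDecoder().decode(str), CHARSET));
        } catch (IllegalArgumentException e) {
            return Optional.empty();
        }
    }
}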
