package org.jasig.cas.client.authentication;

import java.io.IOException;
import java.util.HashMap;
import java.util.Map;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.jasig.cas.client.Protocol;
import org.jasig.cas.client.configuration.ConfigurationKeys;
import org.jasig.cas.client.util.AbstractCasFilter;
import org.jasig.cas.client.util.CommonUtils;
import org.jasig.cas.client.util.ReflectUtils;
import org.jasig.cas.client.validation.Assertion;

/* loaded from: input_file:WEB-INF/lib/cas-client-core-3.6.4.jar:org/jasig/cas/client/authentication/AuthenticationFilter.class */
public class AuthenticationFilter extends AbstractCasFilter {
    private String casServerLoginUrl;
    private boolean renew;
    private boolean gateway;
    private String method;
    private GatewayResolver gatewayStorage;
    private AuthenticationRedirectStrategy authenticationRedirectStrategy;
    private UrlPatternMatcherStrategy ignoreUrlPatternMatcherStrategyClass;
    private static final Map<String, Class<? extends UrlPatternMatcherStrategy>> PATTERN_MATCHER_TYPES = new HashMap();

    public AuthenticationFilter() {
        this(Protocol.CAS2);
    }

    protected AuthenticationFilter(Protocol protocol) {
        super(protocol);
        this.renew = false;
        this.gateway = false;
        this.gatewayStorage = new DefaultGatewayResolverImpl();
        this.authenticationRedirectStrategy = new DefaultAuthenticationRedirectStrategy();
        this.ignoreUrlPatternMatcherStrategyClass = null;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.jasig.cas.client.util.AbstractCasFilter
    public void initInternal(FilterConfig filterConfig) throws ServletException {
        if (isIgnoreInitConfiguration()) {
            return;
        }
        super.initInternal(filterConfig);
        String string = getString(ConfigurationKeys.CAS_SERVER_LOGIN_URL);
        if (string != null) {
            setCasServerLoginUrl(string);
        } else {
            setCasServerUrlPrefix(getString(ConfigurationKeys.CAS_SERVER_URL_PREFIX));
        }
        setRenew(getBoolean(ConfigurationKeys.RENEW));
        setGateway(getBoolean(ConfigurationKeys.GATEWAY));
        setMethod(getString(ConfigurationKeys.METHOD));
        String string2 = getString(ConfigurationKeys.IGNORE_PATTERN);
        String string3 = getString(ConfigurationKeys.IGNORE_URL_PATTERN_TYPE);
        if (string2 != null) {
            Class<? extends UrlPatternMatcherStrategy> cls = PATTERN_MATCHER_TYPES.get(string3);
            if (cls != null) {
                this.ignoreUrlPatternMatcherStrategyClass = (UrlPatternMatcherStrategy) ReflectUtils.newInstance(cls.getName(), new Object[0]);
            } else {
                try {
                    this.logger.trace("Assuming {} is a qualified class name...", string3);
                    this.ignoreUrlPatternMatcherStrategyClass = (UrlPatternMatcherStrategy) ReflectUtils.newInstance(string3, new Object[0]);
                } catch (IllegalArgumentException e) {
                    this.logger.error("Could not instantiate class [{}]", string3, e);
                }
            }
            if (this.ignoreUrlPatternMatcherStrategyClass != null) {
                this.ignoreUrlPatternMatcherStrategyClass.setPattern(string2);
            }
        }
        Class cls2 = getClass(ConfigurationKeys.GATEWAY_STORAGE_CLASS);
        if (cls2 != null) {
            setGatewayStorage((GatewayResolver) ReflectUtils.newInstance(cls2, new Object[0]));
        }
        Class cls3 = getClass(ConfigurationKeys.AUTHENTICATION_REDIRECT_STRATEGY_CLASS);
        if (cls3 != null) {
            this.authenticationRedirectStrategy = (AuthenticationRedirectStrategy) ReflectUtils.newInstance(cls3, new Object[0]);
        }
    }

    @Override // org.jasig.cas.client.util.AbstractCasFilter
    public void init() {
        super.init();
        CommonUtils.assertNotNull(this.casServerLoginUrl, String.format("one of %s and %s must not be null.", ConfigurationKeys.CAS_SERVER_LOGIN_URL.getName(), ConfigurationKeys.CAS_SERVER_URL_PREFIX.getName()));
    }

    public final void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        String str;
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        if (isRequestUrlExcluded(httpServletRequest)) {
            this.logger.debug("Request is ignored.");
            filterChain.doFilter(httpServletRequest, httpServletResponse);
            return;
        }
        HttpSession session = httpServletRequest.getSession(false);
        if ((session != null ? (Assertion) session.getAttribute(AbstractCasFilter.CONST_CAS_ASSERTION) : null) != null) {
            filterChain.doFilter(httpServletRequest, httpServletResponse);
            return;
        }
        String constructServiceUrl = constructServiceUrl(httpServletRequest, httpServletResponse);
        String retrieveTicketFromRequest = retrieveTicketFromRequest(httpServletRequest);
        boolean z = this.gateway && this.gatewayStorage.hasGatewayedAlready(httpServletRequest, constructServiceUrl);
        if (CommonUtils.isNotBlank(retrieveTicketFromRequest) || z) {
            filterChain.doFilter(httpServletRequest, httpServletResponse);
            return;
        }
        this.logger.debug("no ticket and no assertion found");
        if (this.gateway) {
            this.logger.debug("setting gateway attribute in session");
            str = this.gatewayStorage.storeGatewayInformation(httpServletRequest, constructServiceUrl);
        } else {
            str = constructServiceUrl;
        }
        this.logger.debug("Constructed service url: {}", str);
        String constructRedirectUrl = CommonUtils.constructRedirectUrl(this.casServerLoginUrl, getProtocol().getServiceParameterName(), str, this.renew, this.gateway, this.method);
        this.logger.debug("redirecting to \"{}\"", constructRedirectUrl);
        this.authenticationRedirectStrategy.redirect(httpServletRequest, httpServletResponse, constructRedirectUrl);
    }

    public final void setRenew(boolean z) {
        this.renew = z;
    }

    public final void setGateway(boolean z) {
        this.gateway = z;
    }

    public void setMethod(String str) {
        this.method = str;
    }

    public final void setCasServerUrlPrefix(String str) {
        setCasServerLoginUrl(CommonUtils.addTrailingSlash(str) + "login");
    }

    public final void setCasServerLoginUrl(String str) {
        this.casServerLoginUrl = str;
    }

    public final void setGatewayStorage(GatewayResolver gatewayResolver) {
        this.gatewayStorage = gatewayResolver;
    }

    private boolean isRequestUrlExcluded(HttpServletRequest httpServletRequest) {
        if (this.ignoreUrlPatternMatcherStrategyClass == null) {
            return false;
        }
        StringBuffer requestURL = httpServletRequest.getRequestURL();
        if (httpServletRequest.getQueryString() != null) {
            requestURL.append("?").append(httpServletRequest.getQueryString());
        }
        return this.ignoreUrlPatternMatcherStrategyClass.matches(requestURL.toString());
    }

    public final void setIgnoreUrlPatternMatcherStrategyClass(UrlPatternMatcherStrategy urlPatternMatcherStrategy) {
        this.ignoreUrlPatternMatcherStrategyClass = urlPatternMatcherStrategy;
    }

    static {
        PATTERN_MATCHER_TYPES.put("CONTAINS", ContainsPatternUrlPatternMatcherStrategy.class);
        PATTERN_MATCHER_TYPES.put("REGEX", RegexUrlPatternMatcherStrategy.class);
        PATTERN_MATCHER_TYPES.put("FULL_REGEX", EntireRegionRegexUrlPatternMatcherStrategy.class);
        PATTERN_MATCHER_TYPES.put("EXACT", ExactUrlPatternMatcherStrategy.class);
    }
}
