package fi.vm.sade.javautils.cas;

import fi.vm.sade.javautils.httpclient.OphHttpClient;
import fi.vm.sade.javautils.httpclient.OphHttpResponse;
import fi.vm.sade.javautils.httpclient.OphRequestParameters;
import fi.vm.sade.javautils.httpclient.apache.ApacheOphHttpClient;
import java.util.Iterator;
import java.util.List;
import org.apache.commons.lang.StringUtils;
import org.apache.http.cookie.Cookie;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;

/* loaded from: input_file:WEB-INF/lib/java-cas-0.5.0-SNAPSHOT.jar:fi/vm/sade/javautils/cas/CasClient.class */
public final class CasClient {
    public static final String CAS_URL_SUFFIX = "/v1/tickets";
    public static final String SERVICE_URL_SUFFIX = "/j_spring_cas_security_check";
    private static final Logger logger = LoggerFactory.getLogger((Class<?>) CasClient.class);

    private CasClient() {
    }

    public static String getTicket(String str, String str2, String str3, String str4) {
        return getTicket(str, str2, str3, str4, true);
    }

    public static String getTicket(String str, String str2, String str3, String str4, boolean z) {
        logger.debug("getTicket for server:{}, username:{}, service::{} ", str, str2, str4);
        notNull(str, "server must not be null");
        notNull(str2, "username must not be null");
        notNull(str3, "password must not be null");
        notNull(str4, "service must not be null");
        String checkUrl = checkUrl(str, CAS_URL_SUFFIX);
        if (z) {
            str4 = checkUrl(str4, SERVICE_URL_SUFFIX);
        }
        OphHttpClient ophHttpClient = new OphHttpClient(ApacheOphHttpClient.createCustomBuilder().createClosableClient().setDefaultConfiguration(10000, 60L).build(), "CasClient");
        Throwable th = null;
        try {
            try {
                String serviceTicket = getServiceTicket(checkUrl, str2, str3, str4, ophHttpClient);
                if (ophHttpClient != null) {
                    if (0 != 0) {
                        try {
                            ophHttpClient.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    } else {
                        ophHttpClient.close();
                    }
                }
                return serviceTicket;
            } finally {
            }
        } catch (Throwable th3) {
            if (ophHttpClient != null) {
                if (th != null) {
                    try {
                        ophHttpClient.close();
                    } catch (Throwable th4) {
                        th.addSuppressed(th4);
                    }
                } else {
                    ophHttpClient.close();
                }
            }
            throw th3;
        }
    }

    public static Cookie initServiceSession(String str, String str2, String str3) {
        ApacheOphHttpClient build = ApacheOphHttpClient.createCustomBuilder().createClosableClient().setDefaultConfiguration(10000, 60L).build();
        OphHttpClient ophHttpClient = new OphHttpClient(build, "CasClient");
        Throwable th = null;
        try {
            try {
                Cookie cookie = (Cookie) ophHttpClient.get(str + "?ticket=" + str2, new Object[0]).skipResponseAssertions().execute(ophHttpResponse -> {
                    for (Cookie cookie2 : build.getCookieStore().getCookies()) {
                        if (str3.equals(cookie2.getName())) {
                            return cookie2;
                        }
                    }
                    throw new RuntimeException("failed to init session to target service, response code: " + ophHttpResponse.getStatusCode() + ", casServiceSessionInitUrl: " + str + ", serviceTicket: " + str2);
                });
                if (ophHttpClient != null) {
                    if (0 != 0) {
                        try {
                            ophHttpClient.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    } else {
                        ophHttpClient.close();
                    }
                }
                return cookie;
            } finally {
            }
        } catch (Throwable th3) {
            if (ophHttpClient != null) {
                if (th != null) {
                    try {
                        ophHttpClient.close();
                    } catch (Throwable th4) {
                        th.addSuppressed(th4);
                    }
                } else {
                    ophHttpClient.close();
                }
            }
            throw th3;
        }
    }

    private static String getServiceTicket(String str, String str2, String str3, String str4, OphHttpClient ophHttpClient) {
        String ticketGrantingTicket = getTicketGrantingTicket(str, str2, str3, ophHttpClient);
        logger.debug("getServiceTicket: server:'{}', ticketGrantingTicket:'{}', service:'{}'", str, ticketGrantingTicket, str4);
        try {
            return (String) ophHttpClient.post(str + "/" + ticketGrantingTicket, new Object[0]).dataWriter("application/x-www-form-urlencoded", "UTF-8", writer -> {
                OphHttpClient.formUrlEncodedWriter(writer).param("service", str4);
            }).skipResponseAssertions().execute(ophHttpResponse -> {
                String asText = ophHttpResponse.asText();
                printTraceResponse(ophHttpResponse, asText);
                switch (ophHttpResponse.getStatusCode()) {
                    case 200:
                        logger.debug("serviceTicket found: {}", asText);
                        return asText;
                    default:
                        logger.warn("Invalid response code ({}) from CAS server!", Integer.valueOf(ophHttpResponse.getStatusCode()));
                        logger.info("Response (1k): " + asText.substring(0, Math.min(1024, asText.length())));
                        throw new RuntimeException("failed to get CAS service ticket, response code: " + ophHttpResponse.getStatusCode() + ", server: " + str + ", tgt: " + ticketGrantingTicket + ", service: " + str4);
                }
            });
        } catch (Exception e) {
            throw new RuntimeException("failed to get CAS service ticket, server: " + str + ", tgt: " + ticketGrantingTicket + ", service: " + str4 + ", cause: " + e, e);
        }
    }

    private static String getTicketGrantingTicket(String str, String str2, String str3, OphHttpClient ophHttpClient) {
        logger.debug("getTicketGrantingTicket: server:'{}', user:'{}'", str, str2);
        try {
            return (String) ophHttpClient.post(str, new Object[0]).dataWriter("application/x-www-form-urlencoded", "UTF-8", writer -> {
                OphHttpClient.formUrlEncodedWriter(writer).param("username", str2).param(UsernamePasswordAuthenticationFilter.SPRING_SECURITY_FORM_PASSWORD_KEY, str3);
            }).skipResponseAssertions().execute(ophHttpResponse -> {
                switch (ophHttpResponse.getStatusCode()) {
                    case 201:
                        List<String> headerValues = ophHttpResponse.getHeaderValues("Location");
                        logger.debug("locationHeader: " + headerValues);
                        printTraceResponse(ophHttpResponse, ophHttpResponse.asText());
                        if (headerValues == null || headerValues.size() != 1) {
                            throw new RuntimeException("Successful ticket granting request, but no ticket found! server: " + str + ", user: " + str2);
                        }
                        String substringAfterLast = StringUtils.substringAfterLast(headerValues.get(0), "/");
                        logger.debug("-> ticket: " + substringAfterLast);
                        return substringAfterLast;
                    default:
                        throw new RuntimeException("Invalid response code from CAS server: " + ophHttpResponse.getStatusCode() + ", server: " + str + ", user: " + str2);
                }
            });
        } catch (Exception e) {
            throw new RuntimeException("error getting TGT, server: " + str + ", user: " + str2 + ", exception: " + e, e);
        }
    }

    private static void notNull(Object obj, String str) {
        if (obj == null) {
            throw new IllegalArgumentException(str);
        }
    }

    private static String checkUrl(String str, String str2) {
        logger.debug("url: " + str);
        String trim = str.trim();
        String substring = trim.endsWith("/") ? trim.substring(0, trim.length() - 1) : trim;
        if (!substring.endsWith(str2)) {
            substring = substring + str2;
        }
        logger.debug("-> fixed url: " + substring);
        return substring;
    }

    private static void printTraceResponse(OphHttpResponse ophHttpResponse, String str) {
        if (logger.isTraceEnabled()) {
            OphRequestParameters requestParameters = ophHttpResponse.getRequestParameters();
            logger.debug("\n<cas-http-response>");
            logger.debug("Status : " + ophHttpResponse.getStatusCode());
            logger.debug("URI: " + requestParameters.url);
            logger.debug("Request Headers: " + requestParameters.headers.size());
            for (String str2 : requestParameters.headers.keySet()) {
                Iterator it = ((List) requestParameters.headers.get(str2)).iterator();
                while (it.hasNext()) {
                    logger.debug("  " + str2 + " = " + ((String) it.next()));
                }
            }
            logger.debug("Response Path: " + requestParameters.url);
            logger.debug("Response Headers: " + ophHttpResponse.getHeaderKeys().size());
            for (String str3 : ophHttpResponse.getHeaderKeys()) {
                Iterator<String> it2 = ophHttpResponse.getHeaderValues(str3).iterator();
                while (it2.hasNext()) {
                    logger.debug("  " + str3 + " = " + it2.next());
                }
            }
            logger.debug("Response Text: ");
            logger.debug(str);
            logger.debug("</cas-http-response>\n");
        }
    }
}
