package fi.vm.sade.javautils.http.auth;

import fi.vm.sade.javautils.cas.CasClient;
import org.apache.http.client.CookieStore;
import org.apache.http.client.methods.HttpUriRequest;
import org.apache.http.cookie.Cookie;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:WEB-INF/lib/java-http-0.5.0-SNAPSHOT.jar:fi/vm/sade/javautils/http/auth/CasAuthenticator.class */
public class CasAuthenticator implements Authenticator {
    private static final Logger log = LoggerFactory.getLogger((Class<?>) CasAuthenticator.class);
    private static final String CAS_SECURITY_TICKET = "CasSecurityTicket";
    public static final String X_KUTSUKETJU_ALOITTAJA_KAYTTAJA_TUNNUS = "X-Kutsuketju.Aloittaja.KayttajaTunnus";
    public static final String X_PALVELUKUTSU_LAHETTAJA_KAYTTAJA_TUNNUS = "X-Palvelukutsu.Lahettaja.KayttajaTunnus";
    private String webCasUrl;
    private String username;
    private String password;
    private String casServiceUrl;
    private String casServiceSessionInitUrl;
    private boolean addSpringSecSuffix;
    private String sessionCookieName;
    private String serviceAsAUserTicket;
    private Cookie sessionCookieValue;

    /* loaded from: input_file:WEB-INF/lib/java-http-0.5.0-SNAPSHOT.jar:fi/vm/sade/javautils/http/auth/CasAuthenticator$Builder.class */
    public static class Builder {
        String webCasUrl;
        String username;
        String password;
        String casServiceUrl;
        String sessionCookieName;
        String casServiceSessionInitUrl;
        boolean addSpringSecSuffix = true;

        public Builder username(String str) {
            this.username = str;
            return this;
        }

        public Builder password(String str) {
            this.password = str;
            return this;
        }

        public Builder webCasUrl(String str) {
            this.webCasUrl = str;
            return this;
        }

        public Builder casServiceUrl(String str) {
            if (str != null) {
                str = str.replace("/j_spring_cas_security_check", "");
            }
            this.casServiceUrl = str;
            return this;
        }

        public Builder casServiceSessionInitUrl(String str) {
            this.casServiceSessionInitUrl = str;
            return this;
        }

        public Builder sessionCookieName(String str) {
            this.sessionCookieName = str;
            return this;
        }

        public Builder addSpringSecSuffix(boolean z) {
            this.addSpringSecSuffix = z;
            return this;
        }

        public CasAuthenticator build() {
            return new CasAuthenticator(this);
        }
    }

    public CasAuthenticator(Builder builder) {
        this.webCasUrl = builder.webCasUrl;
        this.casServiceUrl = builder.casServiceUrl;
        this.username = builder.username;
        this.password = builder.password;
        this.sessionCookieName = builder.sessionCookieName;
        this.casServiceSessionInitUrl = builder.casServiceSessionInitUrl;
        this.addSpringSecSuffix = builder.addSpringSecSuffix;
    }

    @Override // fi.vm.sade.javautils.http.auth.Authenticator
    public void clearSession() {
        this.serviceAsAUserTicket = null;
        this.sessionCookieValue = null;
    }

    @Override // fi.vm.sade.javautils.http.auth.Authenticator
    public synchronized boolean authenticate(HttpUriRequest httpUriRequest, CookieStore cookieStore) {
        if (this.serviceAsAUserTicket == null) {
            checkNotNull(getUsername(), "username");
            checkNotNull(getPassword(), "password");
            checkNotNull(getWebCasUrl(), "webCasUrl");
            checkNotNull(getCasServiceUrl(), "casService");
            this.serviceAsAUserTicket = obtainNewCasServiceAsAUserTicket();
            log.info("got new serviceAsAUser ticket, service: " + getCasServiceUrl() + ", ticket: " + getServiceAsAUserTicket());
        }
        if (this.sessionCookieName != null && this.sessionCookieValue == null) {
            this.sessionCookieValue = initCookieSessionToService(this.serviceAsAUserTicket);
            log.info("got new serviceSessionCookie, cookie: " + this.sessionCookieValue);
            cookieStore.addCookie(this.sessionCookieValue);
        }
        if (this.sessionCookieValue == null) {
            httpUriRequest.setHeader(CAS_SECURITY_TICKET, this.serviceAsAUserTicket);
        }
        setKayttajaHeaders(httpUriRequest, getUsername(), getUsername());
        log.debug("set serviceAsAUser ticket to header, service: " + getCasServiceUrl() + ", ticket: " + getServiceAsAUserTicket() + ", currentUser: " + getUsername() + ", callAsUser: " + getUsername());
        return true;
    }

    @Override // fi.vm.sade.javautils.http.auth.Authenticator
    public String getUrlPrefix() {
        return getCasServiceUrl();
    }

    private void checkNotNull(String str, String str2) {
        if (str == null) {
            throw new NullPointerException(String.format("CasAuthenticator.%s is null, and guess what, it shouldn't!", str2));
        }
    }

    private String obtainNewCasServiceAsAUserTicket() {
        return CasClient.getTicket(this.webCasUrl + "/v1/tickets", this.username, this.password, getCasServiceUrl(), this.addSpringSecSuffix);
    }

    private Cookie initCookieSessionToService(String str) {
        return CasClient.initServiceSession(this.casServiceSessionInitUrl, str, this.sessionCookieName);
    }

    private static void setKayttajaHeaders(HttpUriRequest httpUriRequest, String str, String str2) {
        httpUriRequest.setHeader("X-Kutsuketju.Aloittaja.KayttajaTunnus", str);
        httpUriRequest.setHeader("X-Palvelukutsu.Lahettaja.KayttajaTunnus", str2);
    }

    public String getWebCasUrl() {
        return this.webCasUrl;
    }

    public String getUsername() {
        return this.username;
    }

    public String getPassword() {
        return this.password;
    }

    public String getCasServiceUrl() {
        return this.casServiceUrl;
    }

    public String getCasServiceSessionInitUrl() {
        return this.casServiceSessionInitUrl;
    }

    public boolean isAddSpringSecSuffix() {
        return this.addSpringSecSuffix;
    }

    public String getSessionCookieName() {
        return this.sessionCookieName;
    }

    public String getServiceAsAUserTicket() {
        return this.serviceAsAUserTicket;
    }

    public Cookie getSessionCookieValue() {
        return this.sessionCookieValue;
    }

    public void setWebCasUrl(String str) {
        this.webCasUrl = str;
    }

    public void setUsername(String str) {
        this.username = str;
    }

    public void setPassword(String str) {
        this.password = str;
    }

    public void setCasServiceUrl(String str) {
        this.casServiceUrl = str;
    }

    public void setCasServiceSessionInitUrl(String str) {
        this.casServiceSessionInitUrl = str;
    }

    public void setAddSpringSecSuffix(boolean z) {
        this.addSpringSecSuffix = z;
    }

    public void setSessionCookieName(String str) {
        this.sessionCookieName = str;
    }

    public void setServiceAsAUserTicket(String str) {
        this.serviceAsAUserTicket = str;
    }

    public void setSessionCookieValue(Cookie cookie) {
        this.sessionCookieValue = cookie;
    }
}
