package org.acegisecurity.providers.cas;

import org.acegisecurity.AcegiMessageSource;
import org.acegisecurity.Authentication;
import org.acegisecurity.AuthenticationException;
import org.acegisecurity.BadCredentialsException;
import org.acegisecurity.providers.AuthenticationProvider;
import org.acegisecurity.providers.UsernamePasswordAuthenticationToken;
import org.acegisecurity.ui.cas.CasProcessingFilter;
import org.acegisecurity.userdetails.UserDetails;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.context.MessageSource;
import org.springframework.context.MessageSourceAware;
import org.springframework.context.support.MessageSourceAccessor;
import org.springframework.util.Assert;

/* loaded from: input_file:acegi-security-1.0.1.jar:org/acegisecurity/providers/cas/CasAuthenticationProvider.class */
public class CasAuthenticationProvider implements AuthenticationProvider, InitializingBean, MessageSourceAware {
    private static final Log logger;
    private CasAuthoritiesPopulator casAuthoritiesPopulator;
    private CasProxyDecider casProxyDecider;
    protected MessageSourceAccessor messages = AcegiMessageSource.getAccessor();
    private StatelessTicketCache statelessTicketCache;
    private String key;
    private TicketValidator ticketValidator;
    static Class class$org$acegisecurity$providers$cas$CasAuthenticationProvider;
    static Class class$org$acegisecurity$providers$UsernamePasswordAuthenticationToken;
    static Class class$org$acegisecurity$providers$cas$CasAuthenticationToken;

    @Override // org.springframework.beans.factory.InitializingBean
    public void afterPropertiesSet() throws Exception {
        Assert.notNull(this.casAuthoritiesPopulator, "A casAuthoritiesPopulator must be set");
        Assert.notNull(this.ticketValidator, "A ticketValidator must be set");
        Assert.notNull(this.casProxyDecider, "A casProxyDecider must be set");
        Assert.notNull(this.statelessTicketCache, "A statelessTicketCache must be set");
        Assert.notNull(this.key, "A Key is required so CasAuthenticationProvider can identify tokens it previously authenticated");
        Assert.notNull(this.messages, "A message source must be set");
    }

    @Override // org.acegisecurity.providers.AuthenticationProvider
    public Authentication authenticate(Authentication authentication) throws AuthenticationException {
        if (!supports(authentication.getClass())) {
            return null;
        }
        if ((authentication instanceof UsernamePasswordAuthenticationToken) && !CasProcessingFilter.CAS_STATEFUL_IDENTIFIER.equals(authentication.getPrincipal().toString()) && !CasProcessingFilter.CAS_STATELESS_IDENTIFIER.equals(authentication.getPrincipal().toString())) {
            return null;
        }
        if (authentication instanceof CasAuthenticationToken) {
            if (this.key.hashCode() == ((CasAuthenticationToken) authentication).getKeyHash()) {
                return authentication;
            }
            throw new BadCredentialsException(this.messages.getMessage("CasAuthenticationProvider.incorrectKey", "The presented CasAuthenticationToken does not contain the expected key"));
        }
        if (authentication.getCredentials() == null || "".equals(authentication.getCredentials())) {
            throw new BadCredentialsException(this.messages.getMessage("CasAuthenticationProvider.noServiceTicket", "Failed to provide a CAS service ticket to validate"));
        }
        boolean z = false;
        if ((authentication instanceof UsernamePasswordAuthenticationToken) && CasProcessingFilter.CAS_STATELESS_IDENTIFIER.equals(authentication.getPrincipal())) {
            z = true;
        }
        CasAuthenticationToken casAuthenticationToken = null;
        if (z) {
            casAuthenticationToken = this.statelessTicketCache.getByTicketId(authentication.getCredentials().toString());
        }
        if (casAuthenticationToken == null) {
            casAuthenticationToken = authenticateNow(authentication);
        }
        if (z) {
            this.statelessTicketCache.putTicketInCache(casAuthenticationToken);
        }
        return casAuthenticationToken;
    }

    private CasAuthenticationToken authenticateNow(Authentication authentication) throws AuthenticationException {
        TicketResponse confirmTicketValid = this.ticketValidator.confirmTicketValid(authentication.getCredentials().toString());
        this.casProxyDecider.confirmProxyListTrusted(confirmTicketValid.getProxyList());
        UserDetails userDetails = this.casAuthoritiesPopulator.getUserDetails(confirmTicketValid.getUser());
        return new CasAuthenticationToken(this.key, userDetails, authentication.getCredentials(), userDetails.getAuthorities(), userDetails, confirmTicketValid.getProxyList(), confirmTicketValid.getProxyGrantingTicketIou());
    }

    public CasAuthoritiesPopulator getCasAuthoritiesPopulator() {
        return this.casAuthoritiesPopulator;
    }

    public CasProxyDecider getCasProxyDecider() {
        return this.casProxyDecider;
    }

    public String getKey() {
        return this.key;
    }

    public StatelessTicketCache getStatelessTicketCache() {
        return this.statelessTicketCache;
    }

    public TicketValidator getTicketValidator() {
        return this.ticketValidator;
    }

    public void setCasAuthoritiesPopulator(CasAuthoritiesPopulator casAuthoritiesPopulator) {
        this.casAuthoritiesPopulator = casAuthoritiesPopulator;
    }

    public void setCasProxyDecider(CasProxyDecider casProxyDecider) {
        this.casProxyDecider = casProxyDecider;
    }

    public void setKey(String str) {
        this.key = str;
    }

    @Override // org.springframework.context.MessageSourceAware
    public void setMessageSource(MessageSource messageSource) {
        this.messages = new MessageSourceAccessor(messageSource);
    }

    public void setStatelessTicketCache(StatelessTicketCache statelessTicketCache) {
        this.statelessTicketCache = statelessTicketCache;
    }

    public void setTicketValidator(TicketValidator ticketValidator) {
        this.ticketValidator = ticketValidator;
    }

    @Override // org.acegisecurity.providers.AuthenticationProvider
    public boolean supports(Class cls) {
        Class cls2;
        Class cls3;
        if (class$org$acegisecurity$providers$UsernamePasswordAuthenticationToken == null) {
            cls2 = class$("org.acegisecurity.providers.UsernamePasswordAuthenticationToken");
            class$org$acegisecurity$providers$UsernamePasswordAuthenticationToken = cls2;
        } else {
            cls2 = class$org$acegisecurity$providers$UsernamePasswordAuthenticationToken;
        }
        if (cls2.isAssignableFrom(cls)) {
            return true;
        }
        if (class$org$acegisecurity$providers$cas$CasAuthenticationToken == null) {
            cls3 = class$("org.acegisecurity.providers.cas.CasAuthenticationToken");
            class$org$acegisecurity$providers$cas$CasAuthenticationToken = cls3;
        } else {
            cls3 = class$org$acegisecurity$providers$cas$CasAuthenticationToken;
        }
        return cls3.isAssignableFrom(cls);
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError(e.getMessage());
        }
    }

    static {
        Class cls;
        if (class$org$acegisecurity$providers$cas$CasAuthenticationProvider == null) {
            cls = class$("org.acegisecurity.providers.cas.CasAuthenticationProvider");
            class$org$acegisecurity$providers$cas$CasAuthenticationProvider = cls;
        } else {
            cls = class$org$acegisecurity$providers$cas$CasAuthenticationProvider;
        }
        logger = LogFactory.getLog(cls);
    }
}
