package org.apache.shiro.spring.boot.cas.realm;

import java.util.Map;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.biz.realm.AbstractAuthorizingRealm;
import org.apache.shiro.spring.boot.ShiroCasProperties;
import org.apache.shiro.spring.boot.cas.token.CasToken;
import org.apache.shiro.spring.boot.utils.CasTicketValidatorUtils;
import org.apache.shiro.util.StringUtils;
import org.jasig.cas.client.authentication.AttributePrincipal;
import org.jasig.cas.client.util.AssertionHolder;
import org.jasig.cas.client.validation.Assertion;
import org.jasig.cas.client.validation.TicketValidator;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/apache/shiro/spring/boot/cas/realm/CasStatefulAuthorizingRealm.class */
public class CasStatefulAuthorizingRealm extends AbstractAuthorizingRealm<String> {
    private static Logger log = LoggerFactory.getLogger(CasStatefulAuthorizingRealm.class);
    private TicketValidator ticketValidator;
    private ShiroCasProperties casProperties;

    public CasStatefulAuthorizingRealm(ShiroCasProperties shiroCasProperties) {
        setAuthenticationTokenClass(CasToken.class);
        setCasProperties(shiroCasProperties);
    }

    protected void onInit() {
        super.onInit();
        ensureTicketValidator();
    }

    protected TicketValidator ensureTicketValidator() {
        if (this.ticketValidator == null) {
            this.ticketValidator = CasTicketValidatorUtils.createTicketValidator(this.casProperties);
        }
        return this.ticketValidator;
    }

    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
        CasToken casToken = (CasToken) authenticationToken;
        if (authenticationToken == null) {
            return null;
        }
        String str = (String) casToken.getCredentials();
        Assertion assertion = AssertionHolder.getAssertion();
        if (assertion != null) {
            AttributePrincipal principal = assertion.getPrincipal();
            String name = principal.getName();
            Map<String, Object> attributes = principal.getAttributes();
            casToken.setUsername(name);
            casToken.setAttrs(attributes);
            String str2 = (String) attributes.get(this.casProperties.getRememberMeAttributeName());
            if (str2 != null && Boolean.parseBoolean(str2)) {
                casToken.setRememberMe(true);
            }
        } else if (StringUtils.hasText(str)) {
            try {
                AttributePrincipal principal2 = ensureTicketValidator().validate(str, this.casProperties.getServerName()).getPrincipal();
                String name2 = principal2.getName();
                log.debug("Validate ticket : {} in CAS server : {} to retrieve user : {}", new Object[]{str, this.casProperties.getCasServerUrlPrefix(), name2});
                Map<String, Object> attributes2 = principal2.getAttributes();
                casToken.setUsername(name2);
                casToken.setAttrs(attributes2);
                String str3 = (String) attributes2.get(this.casProperties.getRememberMeAttributeName());
                if (str3 != null && Boolean.parseBoolean(str3)) {
                    casToken.setRememberMe(true);
                }
            } catch (Exception e) {
                throw new AuthenticationException("Unable to validate ticket [" + str + "]", e);
            }
        }
        return super.doGetAuthenticationInfo(casToken);
    }

    public ShiroCasProperties getCasProperties() {
        return this.casProperties;
    }

    public void setCasProperties(ShiroCasProperties shiroCasProperties) {
        this.casProperties = shiroCasProperties;
    }
}
