package net.unicon.cas.mfa.web.flow;

import javax.validation.constraints.NotNull;
import net.unicon.cas.addons.authentication.AuthenticationSupport;
import net.unicon.cas.mfa.authentication.principal.MultiFactorCredentials;
import net.unicon.cas.mfa.web.flow.util.MultiFactorRequestContextUtils;
import org.jasig.cas.CentralAuthenticationService;
import org.jasig.cas.web.support.CookieRetrievingCookieGenerator;
import org.jasig.cas.web.support.WebUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.webflow.action.AbstractAction;
import org.springframework.webflow.execution.Event;
import org.springframework.webflow.execution.RequestContext;

/* loaded from: input_file:WEB-INF/lib/cas-mfa-java-1.0.0-RC9.jar:net/unicon/cas/mfa/web/flow/SendTicketGrantingTicketAction.class */
public final class SendTicketGrantingTicketAction extends AbstractAction {

    @NotNull
    private CookieRetrievingCookieGenerator ticketGrantingTicketCookieGenerator;

    @NotNull
    private CentralAuthenticationService centralAuthenticationService;
    private AuthenticationSupport authenticationSupport;
    private final Logger logger = LoggerFactory.getLogger(getClass());
    private boolean destroyPreviousSSOSession = true;

    @Override // org.springframework.webflow.action.AbstractAction
    protected Event doExecute(RequestContext requestContext) {
        MultiFactorCredentials mfaCredentials = MultiFactorRequestContextUtils.getMfaCredentials(requestContext);
        String ticketGrantingTicketId = WebUtils.getTicketGrantingTicketId(requestContext);
        String str = (String) requestContext.getFlowScope().get(MultiFactorRequestContextUtils.CAS_TICKET_GRANTING_TICKET_ATTR_NAME);
        if (ticketGrantingTicketId == null) {
            return success();
        }
        this.ticketGrantingTicketCookieGenerator.addCookie(WebUtils.getHttpServletRequest(requestContext), WebUtils.getHttpServletResponse(requestContext), ticketGrantingTicketId);
        if ((mfaCredentials == null || this.destroyPreviousSSOSession) && str != null && !ticketGrantingTicketId.equals(str)) {
            this.logger.debug("Destroying the previous SSO session mapped to [{}] because, this is not an MFA request, or configuration dictated destroying the SSO session.", str);
            this.centralAuthenticationService.destroyTicketGrantingTicket(str);
        }
        return success();
    }

    public void setTicketGrantingTicketCookieGenerator(CookieRetrievingCookieGenerator cookieRetrievingCookieGenerator) {
        this.ticketGrantingTicketCookieGenerator = cookieRetrievingCookieGenerator;
    }

    public void setCentralAuthenticationService(CentralAuthenticationService centralAuthenticationService) {
        this.centralAuthenticationService = centralAuthenticationService;
    }

    public void setAuthenticationSupport(AuthenticationSupport authenticationSupport) {
        this.authenticationSupport = authenticationSupport;
    }

    public void setDestroyPreviousSSOSession(boolean z) {
        this.destroyPreviousSSOSession = z;
    }
}
