package net.gbicc.cloud.shiro.cas;

import java.util.Map;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.cache.Cache;
import org.apache.shiro.cache.CacheException;
import org.apache.shiro.cache.CacheManager;
import org.apache.shiro.cas.CasAuthenticationException;
import org.apache.shiro.cas.CasToken;
import org.apache.shiro.realm.AuthenticatingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.subject.SimplePrincipalCollection;
import org.apache.shiro.util.CollectionUtils;
import org.apache.shiro.util.StringUtils;
import org.jasig.cas.client.authentication.AttributePrincipal;
import org.jasig.cas.client.validation.Saml11TicketValidator;
import org.jasig.cas.client.validation.TicketValidationException;
import org.jasig.cas.client.validation.TicketValidator;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;

/* loaded from: input_file:net/gbicc/cloud/shiro/cas/SimpleCasRealm.class */
public class SimpleCasRealm extends AuthenticatingRealm {

    @Autowired
    private CacheManager a;
    private static final Logger b = LoggerFactory.getLogger(SimpleCasRealm.class);
    public static final String DEFAULT_REMEMBER_ME_ATTRIBUTE_NAME = "longTermAuthenticationRequestTokenUsed";
    public static final String DEFAULT_VALIDATION_PROTOCOL = "CAS";
    private String c;
    private String d;
    private String e = "CAS";
    private String f = "longTermAuthenticationRequestTokenUsed";
    private TicketValidator g;

    public SimpleCasRealm() {
        setAuthenticationTokenClass(CasToken.class);
        setCacheManager(this.a);
    }

    protected void onInit() {
        super.onInit();
        ensureTicketValidator();
    }

    protected TicketValidator ensureTicketValidator() {
        if (this.g == null) {
            this.g = createTicketValidator();
        }
        return this.g;
    }

    protected TicketValidator createTicketValidator() {
        String casServerUrlPrefix = getCasServerUrlPrefix();
        return "saml".equalsIgnoreCase(getValidationProtocol()) ? new Saml11TicketValidator(casServerUrlPrefix) : new Cas20ServiceTicketValidator(casServerUrlPrefix);
    }

    public String getCasServerUrlPrefix() {
        return this.c;
    }

    public void setCasServerUrlPrefix(String str) {
        this.c = str;
    }

    public String getCasService() {
        return this.d;
    }

    public void setCasService(String str) {
        this.d = str;
    }

    public String getValidationProtocol() {
        return this.e;
    }

    public void setValidationProtocol(String str) {
        this.e = str;
    }

    public String getRememberMeAttributeName() {
        return this.f;
    }

    public void setRememberMeAttributeName(String str) {
        this.f = str;
    }

    public boolean supports(AuthenticationToken authenticationToken) {
        if (authenticationToken instanceof CasToken) {
            return ((CasToken) authenticationToken).getCredentials() != null ? true : true;
        }
        return false;
    }

    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
        CasToken casToken = (CasToken) authenticationToken;
        if (authenticationToken == null) {
            return null;
        }
        String str = (String) casToken.getCredentials();
        if (!StringUtils.hasText(str)) {
            return null;
        }
        try {
            AttributePrincipal principal = ensureTicketValidator().validate(str, getCasService()).getPrincipal();
            String name = principal.getName();
            b.debug("Validate ticket : {} in CAS server : {} to retrieve user : {}", new Object[]{str, getCasServerUrlPrefix(), name});
            Map attributes = principal.getAttributes();
            casToken.setUserId(name);
            String str2 = (String) attributes.get(getRememberMeAttributeName());
            if (str2 != null && Boolean.parseBoolean(str2)) {
                casToken.setRememberMe(true);
            }
            return new SimpleAuthenticationInfo(new SimplePrincipalCollection(CollectionUtils.asList(new Object[]{name, attributes}), getName()), str);
        } catch (TicketValidationException e) {
            throw new CasAuthenticationException("Unable to validate ticket [" + str + "]", e);
        }
    }

    protected void doClearCache(PrincipalCollection principalCollection) {
        Object primaryPrincipal = principalCollection.getPrimaryPrincipal();
        try {
            getCache().remove(primaryPrincipal);
            b.debug(new StringBuffer().append(primaryPrincipal).append(" on logout to remove the cache [").append(primaryPrincipal).append("]").toString());
        } catch (CacheException e) {
            b.error(e.getMessage());
        }
    }

    protected Cache<Object, Object> getCache() throws CacheException {
        return this.a.getCache("encache-cas");
    }

    public CacheManager getCacheManager() {
        return this.a;
    }

    public void setCacheManager(CacheManager cacheManager) {
        this.a = cacheManager;
    }
}
