package org.pac4j.cas.config;

import java.nio.charset.StandardCharsets;
import java.security.PrivateKey;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import org.jasig.cas.client.util.PrivateKeyUtils;
import org.jasig.cas.client.validation.Cas10TicketValidator;
import org.jasig.cas.client.validation.Cas20ProxyTicketValidator;
import org.jasig.cas.client.validation.Cas20ServiceTicketValidator;
import org.jasig.cas.client.validation.Cas30ProxyTicketValidator;
import org.jasig.cas.client.validation.Cas30ServiceTicketValidator;
import org.jasig.cas.client.validation.ProxyList;
import org.jasig.cas.client.validation.Saml11TicketValidator;
import org.jasig.cas.client.validation.TicketValidator;
import org.pac4j.cas.client.CasProxyReceptor;
import org.pac4j.cas.store.ProxyGrantingTicketStore;
import org.pac4j.core.client.config.BaseClientConfiguration;
import org.pac4j.core.context.WebContext;
import org.pac4j.core.exception.TechnicalException;
import org.pac4j.core.http.url.DefaultUrlResolver;
import org.pac4j.core.http.url.UrlResolver;
import org.pac4j.core.logout.handler.DefaultLogoutHandler;
import org.pac4j.core.logout.handler.LogoutHandler;
import org.pac4j.core.util.CommonHelper;

/* loaded from: input_file:WEB-INF/lib/pac4j-cas-4.5.0.jar:org/pac4j/cas/config/CasConfiguration.class */
public class CasConfiguration extends BaseClientConfiguration {
    public static final String TICKET_PARAMETER = "ticket";
    public static final String SERVICE_PARAMETER = "service";
    public static final String LOGOUT_REQUEST_PARAMETER = "logoutRequest";
    public static final String SESSION_INDEX_TAG = "SessionIndex";
    public static final String RELAY_STATE_PARAMETER = "RelayState";
    private String encoding;
    private String loginUrl;
    private String prefixUrl;
    private String restUrl;
    private long timeTolerance;
    private CasProtocol protocol;
    private boolean renew;
    private boolean gateway;
    private boolean acceptAnyProxy;
    private ProxyList allowedProxyChains;
    private LogoutHandler logoutHandler;
    private TicketValidator defaultTicketValidator;
    private CasProxyReceptor proxyReceptor;
    private UrlResolver urlResolver;
    private String postLogoutUrlParameter;
    private Map<String, String> customParams;
    private String method;
    private String privateKeyPath;
    private String privateKeyAlgorithm;
    private PrivateKey privateKey;

    public CasConfiguration() {
        this.encoding = StandardCharsets.UTF_8.name();
        this.timeTolerance = 1000L;
        this.protocol = CasProtocol.CAS30;
        this.renew = false;
        this.gateway = false;
        this.acceptAnyProxy = false;
        this.allowedProxyChains = new ProxyList();
        this.postLogoutUrlParameter = "service";
        this.customParams = new HashMap();
    }

    public CasConfiguration(String str) {
        this.encoding = StandardCharsets.UTF_8.name();
        this.timeTolerance = 1000L;
        this.protocol = CasProtocol.CAS30;
        this.renew = false;
        this.gateway = false;
        this.acceptAnyProxy = false;
        this.allowedProxyChains = new ProxyList();
        this.postLogoutUrlParameter = "service";
        this.customParams = new HashMap();
        this.loginUrl = str;
    }

    public CasConfiguration(String str, CasProtocol casProtocol) {
        this.encoding = StandardCharsets.UTF_8.name();
        this.timeTolerance = 1000L;
        this.protocol = CasProtocol.CAS30;
        this.renew = false;
        this.gateway = false;
        this.acceptAnyProxy = false;
        this.allowedProxyChains = new ProxyList();
        this.postLogoutUrlParameter = "service";
        this.customParams = new HashMap();
        this.loginUrl = str;
        this.protocol = casProtocol;
    }

    public CasConfiguration(String str, String str2) {
        this.encoding = StandardCharsets.UTF_8.name();
        this.timeTolerance = 1000L;
        this.protocol = CasProtocol.CAS30;
        this.renew = false;
        this.gateway = false;
        this.acceptAnyProxy = false;
        this.allowedProxyChains = new ProxyList();
        this.postLogoutUrlParameter = "service";
        this.customParams = new HashMap();
        this.loginUrl = str;
        this.prefixUrl = str2;
    }

    @Override // org.pac4j.core.util.InitializableObject
    protected void internalInit() {
        if (CommonHelper.isBlank(this.loginUrl) && CommonHelper.isBlank(this.prefixUrl) && CommonHelper.isBlank(this.restUrl)) {
            throw new TechnicalException("loginUrl, prefixUrl and restUrl cannot be all blank");
        }
        if (this.urlResolver == null) {
            this.urlResolver = new DefaultUrlResolver();
        }
        initializeClientConfiguration();
        initializeLogoutHandler();
        if (this.privateKeyPath != null) {
            this.privateKey = PrivateKeyUtils.createKey(this.privateKeyPath, this.privateKeyAlgorithm != null ? this.privateKeyAlgorithm : "RSA");
        }
    }

    protected void initializeClientConfiguration() {
        if (this.prefixUrl != null && !this.prefixUrl.endsWith("/")) {
            this.prefixUrl += "/";
        }
        if (CommonHelper.isBlank(this.prefixUrl)) {
            this.prefixUrl = this.loginUrl.replaceFirst("/login$", "/");
        } else if (CommonHelper.isBlank(this.loginUrl)) {
            this.loginUrl = this.prefixUrl + "login";
        }
        if (CommonHelper.isBlank(this.restUrl)) {
            this.restUrl = this.prefixUrl;
            if (!this.restUrl.endsWith("/")) {
                this.restUrl += "/";
            }
            this.restUrl += "v1/tickets";
        }
    }

    protected void initializeLogoutHandler() {
        if (this.logoutHandler == null) {
            this.logoutHandler = new DefaultLogoutHandler();
        }
    }

    public TicketValidator retrieveTicketValidator(WebContext webContext) {
        if (this.defaultTicketValidator != null) {
            return this.defaultTicketValidator;
        }
        if (this.protocol == CasProtocol.CAS10) {
            return buildCas10TicketValidator(webContext);
        }
        if (this.protocol == CasProtocol.CAS20) {
            return buildCas20TicketValidator(webContext);
        }
        if (this.protocol == CasProtocol.CAS20_PROXY) {
            return buildCas20ProxyTicketValidator(webContext);
        }
        if (this.protocol == CasProtocol.CAS30) {
            return buildCas30TicketValidator(webContext);
        }
        if (this.protocol == CasProtocol.CAS30_PROXY) {
            return buildCas30ProxyTicketValidator(webContext);
        }
        if (this.protocol == CasProtocol.SAML) {
            return buildSAMLTicketValidator(webContext);
        }
        throw new TechnicalException("Unable to initialize the TicketValidator for protocol: " + this.protocol);
    }

    protected TicketValidator buildSAMLTicketValidator(WebContext webContext) {
        Saml11TicketValidator saml11TicketValidator = new Saml11TicketValidator(computeFinalPrefixUrl(webContext));
        saml11TicketValidator.setTolerance(getTimeTolerance());
        saml11TicketValidator.setEncoding(this.encoding);
        saml11TicketValidator.setRenew(this.renew);
        return saml11TicketValidator;
    }

    protected void addPrivateKey(Cas20ServiceTicketValidator cas20ServiceTicketValidator) {
        if (this.privateKey != null) {
            cas20ServiceTicketValidator.setPrivateKey(this.privateKey);
        }
    }

    protected TicketValidator buildCas30ProxyTicketValidator(WebContext webContext) {
        Cas30ProxyTicketValidator cas30ProxyTicketValidator = new Cas30ProxyTicketValidator(computeFinalPrefixUrl(webContext));
        cas30ProxyTicketValidator.setEncoding(this.encoding);
        cas30ProxyTicketValidator.setRenew(this.renew);
        cas30ProxyTicketValidator.setAcceptAnyProxy(this.acceptAnyProxy);
        cas30ProxyTicketValidator.setAllowedProxyChains(this.allowedProxyChains);
        if (this.proxyReceptor != null) {
            cas30ProxyTicketValidator.setProxyCallbackUrl(this.proxyReceptor.computeFinalCallbackUrl(webContext));
            cas30ProxyTicketValidator.setProxyGrantingTicketStorage(new ProxyGrantingTicketStore(this.proxyReceptor.getStore()));
        }
        addPrivateKey(cas30ProxyTicketValidator);
        return cas30ProxyTicketValidator;
    }

    protected TicketValidator buildCas30TicketValidator(WebContext webContext) {
        Cas30ServiceTicketValidator cas30ServiceTicketValidator = new Cas30ServiceTicketValidator(computeFinalPrefixUrl(webContext));
        cas30ServiceTicketValidator.setEncoding(this.encoding);
        cas30ServiceTicketValidator.setRenew(this.renew);
        if (this.proxyReceptor != null) {
            cas30ServiceTicketValidator.setProxyCallbackUrl(this.proxyReceptor.computeFinalCallbackUrl(webContext));
            cas30ServiceTicketValidator.setProxyGrantingTicketStorage(new ProxyGrantingTicketStore(this.proxyReceptor.getStore()));
        }
        addPrivateKey(cas30ServiceTicketValidator);
        return cas30ServiceTicketValidator;
    }

    protected TicketValidator buildCas20ProxyTicketValidator(WebContext webContext) {
        Cas20ProxyTicketValidator cas20ProxyTicketValidator = new Cas20ProxyTicketValidator(computeFinalPrefixUrl(webContext));
        cas20ProxyTicketValidator.setEncoding(this.encoding);
        cas20ProxyTicketValidator.setRenew(this.renew);
        cas20ProxyTicketValidator.setAcceptAnyProxy(this.acceptAnyProxy);
        cas20ProxyTicketValidator.setAllowedProxyChains(this.allowedProxyChains);
        if (this.proxyReceptor != null) {
            cas20ProxyTicketValidator.setProxyCallbackUrl(this.proxyReceptor.computeFinalCallbackUrl(webContext));
            cas20ProxyTicketValidator.setProxyGrantingTicketStorage(new ProxyGrantingTicketStore(this.proxyReceptor.getStore()));
        }
        addPrivateKey(cas20ProxyTicketValidator);
        return cas20ProxyTicketValidator;
    }

    protected TicketValidator buildCas20TicketValidator(WebContext webContext) {
        Cas20ServiceTicketValidator cas20ServiceTicketValidator = new Cas20ServiceTicketValidator(computeFinalPrefixUrl(webContext));
        cas20ServiceTicketValidator.setEncoding(this.encoding);
        cas20ServiceTicketValidator.setRenew(this.renew);
        if (this.proxyReceptor != null) {
            cas20ServiceTicketValidator.setProxyCallbackUrl(this.proxyReceptor.computeFinalCallbackUrl(webContext));
            cas20ServiceTicketValidator.setProxyGrantingTicketStorage(new ProxyGrantingTicketStore(this.proxyReceptor.getStore()));
        }
        addPrivateKey(cas20ServiceTicketValidator);
        return cas20ServiceTicketValidator;
    }

    protected TicketValidator buildCas10TicketValidator(WebContext webContext) {
        Cas10TicketValidator cas10TicketValidator = new Cas10TicketValidator(computeFinalPrefixUrl(webContext));
        cas10TicketValidator.setEncoding(this.encoding);
        cas10TicketValidator.setRenew(this.renew);
        return cas10TicketValidator;
    }

    public String getEncoding() {
        return this.encoding;
    }

    public void setEncoding(String str) {
        this.encoding = str;
    }

    public String computeFinalLoginUrl(WebContext webContext) {
        init();
        return this.urlResolver.compute(this.loginUrl, webContext);
    }

    public String getLoginUrl() {
        return this.loginUrl;
    }

    public void setLoginUrl(String str) {
        this.loginUrl = str;
    }

    public String getPrefixUrl() {
        return this.prefixUrl;
    }

    public String computeFinalPrefixUrl(WebContext webContext) {
        init();
        return this.urlResolver.compute(this.prefixUrl, webContext);
    }

    public void setPrefixUrl(String str) {
        this.prefixUrl = str;
    }

    public Map<String, String> getCustomParams() {
        return this.customParams;
    }

    public void setCustomParams(Map<String, String> map) {
        this.customParams = map;
    }

    public long getTimeTolerance() {
        return this.timeTolerance;
    }

    public void setTimeTolerance(long j) {
        this.timeTolerance = j;
    }

    public CasProtocol getProtocol() {
        return this.protocol;
    }

    public void setProtocol(CasProtocol casProtocol) {
        this.protocol = casProtocol;
    }

    public boolean isRenew() {
        return this.renew;
    }

    public void setRenew(boolean z) {
        this.renew = z;
    }

    public boolean isGateway() {
        return this.gateway;
    }

    public void setGateway(boolean z) {
        this.gateway = z;
    }

    public boolean isAcceptAnyProxy() {
        return this.acceptAnyProxy;
    }

    public void setAcceptAnyProxy(boolean z) {
        this.acceptAnyProxy = z;
    }

    public ProxyList getAllowedProxyChains() {
        return this.allowedProxyChains;
    }

    public void setAllowedProxyChains(ProxyList proxyList) {
        this.allowedProxyChains = proxyList;
    }

    public void setAllowedProxies(List<String> list) {
        ArrayList arrayList = new ArrayList();
        Iterator<String> it = list.iterator();
        while (it.hasNext()) {
            arrayList.add(new String[]{it.next()});
        }
        this.allowedProxyChains = new ProxyList(arrayList);
    }

    public LogoutHandler getLogoutHandler() {
        return this.logoutHandler;
    }

    public LogoutHandler findLogoutHandler() {
        init();
        return this.logoutHandler;
    }

    public void setLogoutHandler(LogoutHandler logoutHandler) {
        this.logoutHandler = logoutHandler;
    }

    public TicketValidator getDefaultTicketValidator() {
        return this.defaultTicketValidator;
    }

    public void setDefaultTicketValidator(TicketValidator ticketValidator) {
        this.defaultTicketValidator = ticketValidator;
    }

    public CasProxyReceptor getProxyReceptor() {
        return this.proxyReceptor;
    }

    public void setProxyReceptor(CasProxyReceptor casProxyReceptor) {
        this.proxyReceptor = casProxyReceptor;
    }

    public String getPostLogoutUrlParameter() {
        return this.postLogoutUrlParameter;
    }

    public void setPostLogoutUrlParameter(String str) {
        this.postLogoutUrlParameter = str;
    }

    public String getRestUrl() {
        return this.restUrl;
    }

    public void setRestUrl(String str) {
        this.restUrl = str;
    }

    public String computeFinalRestUrl(WebContext webContext) {
        init();
        return this.urlResolver.compute(this.restUrl, webContext);
    }

    public UrlResolver getUrlResolver() {
        return this.urlResolver;
    }

    public void setUrlResolver(UrlResolver urlResolver) {
        this.urlResolver = urlResolver;
    }

    public void addCustomParam(String str, String str2) {
        this.customParams.put(str, str2);
    }

    public String getMethod() {
        return this.method;
    }

    public void setMethod(String str) {
        this.method = str;
    }

    public String getPrivateKeyPath() {
        return this.privateKeyPath;
    }

    public void setPrivateKeyPath(String str) {
        this.privateKeyPath = str;
    }

    public String getPrivateKeyAlgorithm() {
        return this.privateKeyAlgorithm;
    }

    public void setPrivateKeyAlgorithm(String str) {
        this.privateKeyAlgorithm = str;
    }

    public String toString() {
        return CommonHelper.toNiceString(getClass(), "loginUrl", this.loginUrl, "prefixUrl", this.prefixUrl, "restUrl", this.restUrl, "protocol", this.protocol, "renew", Boolean.valueOf(this.renew), "gateway", Boolean.valueOf(this.gateway), "encoding", this.encoding, "logoutHandler", this.logoutHandler, "acceptAnyProxy", Boolean.valueOf(this.acceptAnyProxy), "allowedProxyChains", this.allowedProxyChains, "proxyReceptor", this.proxyReceptor, "timeTolerance", Long.valueOf(this.timeTolerance), "postLogoutUrlParameter", this.postLogoutUrlParameter, "defaultTicketValidator", this.defaultTicketValidator, "urlResolver", this.urlResolver, "method", this.method, "privateKeyPath", this.privateKeyPath, "privateKeyAlgorithm", this.privateKeyAlgorithm);
    }
}
