package org.pac4j.core.client;

import org.pac4j.core.client.RedirectAction;
import org.pac4j.core.context.Pac4jConstants;
import org.pac4j.core.context.WebContext;
import org.pac4j.core.credentials.Credentials;
import org.pac4j.core.exception.RequiresHttpAction;
import org.pac4j.core.http.AjaxRequestResolver;
import org.pac4j.core.http.CallbackUrlResolver;
import org.pac4j.core.http.DefaultAjaxRequestResolver;
import org.pac4j.core.http.DefaultCallbackUrlResolver;
import org.pac4j.core.profile.CommonProfile;
import org.pac4j.core.util.CommonHelper;

/* loaded from: input_file:WEB-INF/lib/pac4j-core-1.8.8.jar:org/pac4j/core/client/IndirectClient.class */
/**
 * Client that starts an authentication by answering with a redirection (or with
 * response content) and later extracts the credentials from a follow-up request.
 *
 * <p>Security-relevant behaviour visible in this class:
 * <ul>
 *   <li>The redirection target is written to the {@code Location} header exactly as
 *       produced by {@link #retrieveRedirectAction(WebContext)} or by the configured
 *       {@link CallbackUrlResolver}; no validation happens here, so a resolver or
 *       subclass that derives the URL from request data has to validate it itself.</li>
 *   <li>{@link #NEEDS_CLIENT_REDIRECTION_PARAMETER} is read from the request
 *       parameters in {@link #getCredentials(WebContext)}, so any caller can set it.</li>
 *   <li>A per-client session marker (client name + {@link #ATTEMPTED_AUTHENTICATION_SUFFIX})
 *       records a failed credential retrieval. It is cleared by overwriting it with an
 *       empty string, not by removing the attribute.</li>
 * </ul>
 *
 * <p>This listing is decompiled, so the boolean parameter named {@code z} has lost its
 * original name; its effect is described on each method.
 *
 * @param <C> the credentials type
 * @param <U> the profile type
 */
public abstract class IndirectClient<C extends Credentials, U extends CommonProfile> extends BaseClient<C, U> {
    /** Request parameter that makes the callback request trigger the real redirection. */
    public static final String NEEDS_CLIENT_REDIRECTION_PARAMETER = "needs_client_redirection";
    /** Suffix appended to the client name to build the "authentication already tried" session key. */
    public static final String ATTEMPTED_AUTHENTICATION_SUFFIX = "$attemptedAuthentication";
    // Callback URL as configured; the effective URL is computed by callbackUrlResolver.
    protected String callbackUrl;
    // Only stored and exposed here; nothing in this class reads it for URL building.
    private boolean includeClientNameInCallbackUrl = true;
    // Decides whether a request is an AJAX call (answered with 401 instead of a redirection).
    private AjaxRequestResolver ajaxRequestResolver = new DefaultAjaxRequestResolver();
    // Turns the configured callback URL into the one actually sent to the browser.
    protected CallbackUrlResolver callbackUrlResolver = new DefaultCallbackUrlResolver();

    /**
     * Tells whether the redirection can be issued straight away, without first going
     * through the callback URL flagged with {@link #NEEDS_CLIENT_REDIRECTION_PARAMETER}.
     *
     * @return {@code true} to redirect directly
     */
    protected abstract boolean isDirectRedirection();

    /**
     * Applies the computed redirect action to the response: a 302 with a
     * {@code Location} header for a redirection, a 200 with a body for content.
     * Any other action type leaves the response untouched.
     *
     * @param webContext the current web context
     * @param z          passed unchanged to {@link #getRedirectAction(WebContext, boolean)}
     * @throws RequiresHttpAction when {@link #getRedirectAction(WebContext, boolean)} requires a 401 or 403
     */
    @Override
    public final void redirect(WebContext webContext, boolean z) throws RequiresHttpAction {
        final RedirectAction action = getRedirectAction(webContext, z);
        final RedirectAction.RedirectType kind = action.getType();
        if (kind == RedirectAction.RedirectType.REDIRECT) {
            // The location is not validated here; it is whatever the action carries.
            webContext.setResponseStatus(302);
            webContext.setResponseHeader("Location", action.getLocation());
            return;
        }
        if (kind == RedirectAction.RedirectType.SUCCESS) {
            webContext.setResponseStatus(200);
            webContext.writeResponseContent(action.getContent());
        }
    }

    /**
     * Computes the action that starts the authentication.
     *
     * <ol>
     *   <li>AJAX requests get a 401: the requested URL kept in session is blanked first.</li>
     *   <li>If the "authentication already tried" marker is set, it is blanked; when
     *       {@code z} is {@code true} the requested URL is blanked too and a 403 is required,
     *       which stops a failing login from redirecting again and again.</li>
     *   <li>Without direct redirection and with {@code z} false, the user is sent to the
     *       callback URL carrying {@code needs_client_redirection=true}.</li>
     *   <li>Otherwise the client is initialised and the subclass builds the action.</li>
     * </ol>
     *
     * @param webContext the current web context
     * @param z          presumably "the requested target is protected" (original name lost
     *                   in decompilation; confirm against the upstream source)
     * @return the redirect action to apply
     * @throws RequiresHttpAction for the 401 and 403 cases above
     */
    public final RedirectAction getRedirectAction(WebContext webContext, boolean z) throws RequiresHttpAction {
        if (this.ajaxRequestResolver.isAjax(webContext)) {
            this.logger.info("AJAX request detected -> returning 401");
            cleanRequestedUrl(webContext);
            throw RequiresHttpAction.unauthorized("AJAX request -> 401", webContext, null);
        }

        final String attemptMarker = (String) webContext.getSessionAttribute(attemptedAuthenticationKey());
        if (CommonHelper.isNotBlank(attemptMarker)) {
            // The marker is consumed on first sight, whatever the value of z.
            cleanAttemptedAuthentication(webContext);
            if (z) {
                cleanRequestedUrl(webContext);
                throw RequiresHttpAction.forbidden("authentication already tried -> forbidden", webContext);
            }
        }

        // isDirectRedirection() is evaluated first, as in the original condition.
        if (isDirectRedirection() || z) {
            init(webContext);
            return retrieveRedirectAction(webContext);
        }
        final String callback = computeFinalCallbackUrl(webContext);
        return RedirectAction.redirect(CommonHelper.addParameter(callback, NEEDS_CLIENT_REDIRECTION_PARAMETER, "true"));
    }

    /** Builds the session key of the "authentication already tried" marker for this client. */
    private String attemptedAuthenticationKey() {
        return getName() + ATTEMPTED_AUTHENTICATION_SUFFIX;
    }

    /** Blanks the originally requested URL kept in session. */
    private void cleanRequestedUrl(WebContext webContext) {
        webContext.setSessionAttribute(Pac4jConstants.REQUESTED_URL, "");
    }

    /** Blanks the "authentication already tried" marker (the attribute itself stays in session). */
    private void cleanAttemptedAuthentication(WebContext webContext) {
        webContext.setSessionAttribute(attemptedAuthenticationKey(), "");
    }

    /**
     * Resolves the callback URL for the current request through the configured resolver.
     *
     * @param webContext the current web context
     * @return the callback URL as computed by {@link CallbackUrlResolver#compute}
     */
    public String computeFinalCallbackUrl(WebContext webContext) {
        final String configured = this.callbackUrl;
        return this.callbackUrlResolver.compute(configured, webContext);
    }

    /**
     * Returns the location of the redirect action computed with {@code z = false}.
     *
     * <p>This is not a pure read: {@link #getRedirectAction(WebContext, boolean)} may blank
     * session attributes before it throws.
     *
     * @param webContext the current web context
     * @return the redirection URL, or {@code null} when an HTTP action (401/403) was required
     */
    public String getRedirectionUrl(WebContext webContext) {
        String location = null;
        try {
            location = getRedirectAction(webContext, false).getLocation();
        } catch (RequiresHttpAction ignored) {
            // Deliberate: callers receive null instead of the 401/403 signal.
        }
        return location;
    }

    /**
     * Builds the action that sends the user to the place where authentication happens.
     *
     * @param webContext the current web context
     * @return the redirect action
     */
    protected abstract RedirectAction retrieveRedirectAction(WebContext webContext);

    /**
     * Extracts the credentials from the current request.
     *
     * <p>When the request carries a non-blank {@link #NEEDS_CLIENT_REDIRECTION_PARAMETER},
     * no credentials are read: the real redirect action is computed and signalled through
     * {@link RequiresHttpAction}. The parameter is client-controlled and any non-blank
     * value triggers this branch.
     *
     * <p>Otherwise the subclass is asked for credentials; a {@code null} result sets the
     * "authentication already tried" session marker, any other result blanks it.
     *
     * @param webContext the current web context
     * @return the credentials, or {@code null} when none could be retrieved
     * @throws RequiresHttpAction when a client redirection is needed or the subclass requires an HTTP action
     */
    @Override
    public final C getCredentials(WebContext webContext) throws RequiresHttpAction {
        init(webContext);

        final String redirectionFlag = webContext.getRequestParameter(NEEDS_CLIENT_REDIRECTION_PARAMETER);
        if (CommonHelper.isNotBlank(redirectionFlag)) {
            final RedirectAction clientRedirect = retrieveRedirectAction(webContext);
            if (clientRedirect.getType() == RedirectAction.RedirectType.SUCCESS) {
                throw RequiresHttpAction.ok("Needs client redirection", webContext, clientRedirect.getContent());
            }
            throw RequiresHttpAction.redirect("Needs client redirection", webContext, clientRedirect.getLocation());
        }

        final C credentials = retrieveCredentials(webContext);
        if (credentials != null) {
            cleanAttemptedAuthentication(webContext);
        } else {
            // Remember the failure so the next getRedirectAction call can answer 403.
            webContext.setSessionAttribute(attemptedAuthenticationKey(), "true");
        }
        return credentials;
    }

    /**
     * Reads the credentials from the request in a client-specific way.
     *
     * @param webContext the current web context
     * @return the credentials, or {@code null} when none are present
     * @throws RequiresHttpAction when a specific HTTP response is required
     */
    protected abstract C retrieveCredentials(WebContext webContext) throws RequiresHttpAction;

    /**
     * Hook for subclasses that need a state parameter. Nothing in this class calls it,
     * and the default implementation always throws.
     *
     * @param webContext the current web context
     * @return never returns normally in this implementation
     * @throws UnsupportedOperationException always, unless overridden
     */
    protected String getStateParameter(WebContext webContext) {
        throw new UnsupportedOperationException("To be implemented in subclasses if required");
    }

    /** @return whether the client name is to be included in the callback URL */
    public boolean isIncludeClientNameInCallbackUrl() {
        return this.includeClientNameInCallbackUrl;
    }

    /** @param z whether the client name is to be included in the callback URL */
    public void setIncludeClientNameInCallbackUrl(boolean z) {
        this.includeClientNameInCallbackUrl = z;
    }

    /** @param str the callback URL, stored as given without validation */
    public void setCallbackUrl(String str) {
        this.callbackUrl = str;
    }

    /** @return the configured callback URL, before resolution */
    public String getCallbackUrl() {
        return this.callbackUrl;
    }

    /** @return the resolver used to detect AJAX requests */
    public AjaxRequestResolver getAjaxRequestResolver() {
        return this.ajaxRequestResolver;
    }

    /** @param ajaxRequestResolver the resolver used to detect AJAX requests; not null-checked here */
    public void setAjaxRequestResolver(AjaxRequestResolver ajaxRequestResolver) {
        this.ajaxRequestResolver = ajaxRequestResolver;
    }

    /** @return the resolver that computes the effective callback URL */
    public CallbackUrlResolver getCallbackUrlResolver() {
        return this.callbackUrlResolver;
    }

    /** @param callbackUrlResolver the resolver that computes the effective callback URL; not null-checked here */
    public void setCallbackUrlResolver(CallbackUrlResolver callbackUrlResolver) {
        this.callbackUrlResolver = callbackUrlResolver;
    }
}
