package org.jasig.cas.web;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.validation.constraints.NotNull;
import org.jasig.cas.CasProtocolConstants;
import org.jasig.cas.CasViewConstants;
import org.jasig.cas.CentralAuthenticationService;
import org.jasig.cas.authentication.principal.Service;
import org.jasig.cas.authentication.principal.WebApplicationServiceFactory;
import org.jasig.cas.services.UnauthorizedServiceException;
import org.jasig.cas.ticket.AbstractTicketException;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.context.ApplicationContext;
import org.springframework.stereotype.Component;
import org.springframework.stereotype.Controller;
import org.springframework.util.StringUtils;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.servlet.ModelAndView;

@Component("proxyController")
@Controller
/* loaded from: input_file:WEB-INF/lib/cas-server-webapp-validation-4.2.3.jar:org/jasig/cas/web/ProxyController.class */
public class ProxyController {
    private static final String CONST_PROXY_FAILURE = "cas2ProxyFailureView";
    private static final String CONST_PROXY_SUCCESS = "cas2ProxySuccessView";
    private static final String MODEL_SERVICE_TICKET = "ticket";

    @NotNull
    private CentralAuthenticationService centralAuthenticationService;

    @Autowired
    private ApplicationContext context;

    @RequestMapping(path = {"/proxy"}, method = {RequestMethod.GET})
    protected ModelAndView handleRequestInternal(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        String parameter = httpServletRequest.getParameter(CasProtocolConstants.PARAMETER_PROXY_GRANTINOG_TICKET);
        Service targetService = getTargetService(httpServletRequest);
        if (!StringUtils.hasText(parameter) || targetService == null) {
            return generateErrorView(CasProtocolConstants.ERROR_CODE_INVALID_REQUEST, CasProtocolConstants.ERROR_CODE_INVALID_REQUEST_PROXY, null, httpServletRequest);
        }
        try {
            return new ModelAndView(CONST_PROXY_SUCCESS, "ticket", this.centralAuthenticationService.grantProxyTicket(parameter, targetService));
        } catch (UnauthorizedServiceException unused) {
            return generateErrorView(CasProtocolConstants.ERROR_CODE_UNAUTHORIZED_SERVICE, "UNAUTHORIZED_SERVICE_PROXY", new Object[]{targetService}, httpServletRequest);
        } catch (AbstractTicketException e) {
            return generateErrorView(e.getCode(), e.getCode(), new Object[]{parameter}, httpServletRequest);
        }
    }

    private static Service getTargetService(HttpServletRequest httpServletRequest) {
        return new WebApplicationServiceFactory().createService(httpServletRequest);
    }

    private ModelAndView generateErrorView(String str, String str2, Object[] objArr, HttpServletRequest httpServletRequest) {
        ModelAndView modelAndView = new ModelAndView(CONST_PROXY_FAILURE);
        modelAndView.addObject(CasViewConstants.MODEL_ATTRIBUTE_NAME_ERROR_CODE, str);
        modelAndView.addObject("description", this.context.getMessage(str2, objArr, str2, httpServletRequest.getLocale()));
        return modelAndView;
    }

    @Autowired
    public void setCentralAuthenticationService(@Qualifier("centralAuthenticationService") CentralAuthenticationService centralAuthenticationService) {
        this.centralAuthenticationService = centralAuthenticationService;
    }

    public void setApplicationContext(ApplicationContext applicationContext) {
        this.context = applicationContext;
    }
}
