package com.liferay.portal.servlet.filters.sso.cas;

import com.liferay.portal.kernel.log.Log;
import com.liferay.portal.kernel.log.LogFactoryUtil;
import com.liferay.portal.kernel.util.HttpUtil;
import com.liferay.portal.kernel.util.ParamUtil;
import com.liferay.portal.kernel.util.Validator;
import com.liferay.portal.servlet.filters.BasePortalFilter;
import com.liferay.portal.util.CookieKeys;
import com.liferay.portal.util.PortalUtil;
import com.liferay.portal.util.PrefsPropsUtil;
import com.liferay.portal.util.PropsValues;
import java.util.HashMap;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
import javax.servlet.FilterChain;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.jasig.cas.client.util.CommonUtils;
import org.jasig.cas.client.validation.Assertion;
import org.jasig.cas.client.validation.Cas20ProxyTicketValidator;
import org.jasig.cas.client.validation.TicketValidator;

/* loaded from: input_file:com/liferay/portal/servlet/filters/sso/cas/CASFilter.class */
public class CASFilter extends BasePortalFilter {
    public static String LOGIN = String.valueOf(CASFilter.class.getName()) + CookieKeys.LOGIN;
    private static Log _log = LogFactoryUtil.getLog(CASFilter.class);
    private static Map<Long, TicketValidator> _ticketValidators = new ConcurrentHashMap();

    public static void reload(long j) {
        _ticketValidators.remove(Long.valueOf(j));
    }

    @Override // com.liferay.portal.servlet.filters.BasePortalFilter
    protected Log getLog() {
        return _log;
    }

    protected TicketValidator getTicketValidator(long j) throws Exception {
        TicketValidator ticketValidator = _ticketValidators.get(Long.valueOf(j));
        if (ticketValidator != null) {
            return ticketValidator;
        }
        String string = PrefsPropsUtil.getString(j, "cas.server.name", PropsValues.CAS_SERVER_NAME);
        String string2 = PrefsPropsUtil.getString(j, "cas.server.url", PropsValues.CAS_SERVER_URL);
        String string3 = PrefsPropsUtil.getString(j, "cas.login.url", PropsValues.CAS_LOGIN_URL);
        TicketValidator cas20ProxyTicketValidator = new Cas20ProxyTicketValidator(string2);
        HashMap hashMap = new HashMap();
        hashMap.put("serverName", string);
        hashMap.put("casServerUrlPrefix", string2);
        hashMap.put("casServerLoginUrl", string3);
        hashMap.put("redirectAfterValidation", "false");
        cas20ProxyTicketValidator.setCustomParameters(hashMap);
        _ticketValidators.put(Long.valueOf(j), cas20ProxyTicketValidator);
        return cas20ProxyTicketValidator;
    }

    protected void processFilter(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain) throws Exception {
        long companyId = PortalUtil.getCompanyId(httpServletRequest);
        if (PrefsPropsUtil.getBoolean(companyId, "cas.auth.enabled", PropsValues.CAS_AUTH_ENABLED)) {
            HttpSession session = httpServletRequest.getSession();
            if (httpServletRequest.getPathInfo().indexOf("/portal/logout") != -1) {
                session.invalidate();
                httpServletResponse.sendRedirect(PrefsPropsUtil.getString(companyId, "cas.logout.url", PropsValues.CAS_LOGOUT_URL));
                return;
            }
            String str = (String) session.getAttribute(LOGIN);
            String string = PrefsPropsUtil.getString(companyId, "cas.server.name", PropsValues.CAS_SERVER_NAME);
            String string2 = PrefsPropsUtil.getString(companyId, "cas.service.url", PropsValues.CAS_SERVICE_URL);
            if (Validator.isNull(string2)) {
                string2 = CommonUtils.constructServiceUrl(httpServletRequest, httpServletResponse, string2, string, "ticket", false);
            }
            String string3 = ParamUtil.getString(httpServletRequest, "ticket");
            if (Validator.isNull(string3)) {
                if (Validator.isNotNull(str)) {
                    processFilter(CASFilter.class, httpServletRequest, httpServletResponse, filterChain);
                    return;
                } else {
                    httpServletResponse.sendRedirect(HttpUtil.addParameter(PrefsPropsUtil.getString(companyId, "cas.login.url", PropsValues.CAS_LOGIN_URL), "service", string2));
                    return;
                }
            }
            Assertion validate = getTicketValidator(companyId).validate(string3, string2);
            if (validate != null) {
                session.setAttribute(LOGIN, validate.getPrincipal().getName());
            }
        }
        processFilter(CASFilter.class, httpServletRequest, httpServletResponse, filterChain);
    }
}
