package org.apereo.cas.web.support.gen;

import java.io.Serializable;
import java.util.List;
import java.util.Map;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import lombok.Generated;
import org.apache.commons.lang3.StringUtils;
import org.apereo.cas.authentication.Authentication;
import org.apereo.cas.authentication.RememberMeCredential;
import org.apereo.cas.web.cookie.CasCookieBuilder;
import org.apereo.cas.web.cookie.CookieGenerationContext;
import org.apereo.cas.web.cookie.CookieValueManager;
import org.apereo.cas.web.support.WebUtils;
import org.apereo.cas.web.support.mgmr.NoOpCookieValueManager;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.web.util.CookieGenerator;
import org.springframework.webflow.execution.RequestContext;

/* loaded from: input_file:WEB-INF/lib/cas-server-core-cookie-api-6.1.0-RC3.jar:org/apereo/cas/web/support/gen/CookieRetrievingCookieGenerator.class */
public class CookieRetrievingCookieGenerator extends CookieGenerator implements Serializable, CasCookieBuilder {

    @Generated
    private static final Logger LOGGER = LoggerFactory.getLogger((Class<?>) CookieRetrievingCookieGenerator.class);
    private static final long serialVersionUID = -4926982428809856313L;
    private final CookieValueManager casCookieValueManager;
    private final CookieGenerationContext cookieGenerationContext;

    public CookieRetrievingCookieGenerator(CookieGenerationContext cookieGenerationContext) {
        this(cookieGenerationContext, new NoOpCookieValueManager());
    }

    public CookieRetrievingCookieGenerator(CookieGenerationContext cookieGenerationContext, CookieValueManager cookieValueManager) {
        super.setCookieName(cookieGenerationContext.getName());
        super.setCookiePath(cookieGenerationContext.getPath());
        super.setCookieMaxAge(Integer.valueOf(cookieGenerationContext.getMaxAge()));
        super.setCookieSecure(cookieGenerationContext.isSecure());
        super.setCookieHttpOnly(cookieGenerationContext.isHttpOnly());
        setCookieDomain(cookieGenerationContext.getDomain());
        this.cookieGenerationContext = cookieGenerationContext;
        this.casCookieValueManager = cookieValueManager;
    }

    @Override // org.apereo.cas.web.cookie.CasCookieBuilder
    public void addCookie(RequestContext requestContext, String str) {
        HttpServletRequest httpServletRequestFromExternalWebflowContext = WebUtils.getHttpServletRequestFromExternalWebflowContext(requestContext);
        HttpServletResponse httpServletResponseFromExternalWebflowContext = WebUtils.getHttpServletResponseFromExternalWebflowContext(requestContext);
        String buildCookieValue = this.casCookieValueManager.buildCookieValue(str, httpServletRequestFromExternalWebflowContext);
        if (!isRememberMeAuthentication(requestContext).booleanValue()) {
            LOGGER.trace("Creating cookie [{}]", getCookieName());
            super.addCookie(httpServletResponseFromExternalWebflowContext, buildCookieValue);
            return;
        }
        LOGGER.trace("Creating cookie [{}] for remember-me authentication", getCookieName());
        Cookie createCookie = createCookie(buildCookieValue);
        createCookie.setMaxAge(this.cookieGenerationContext.getRememberMeMaxAge());
        createCookie.setSecure(isCookieSecure());
        createCookie.setHttpOnly(isCookieHttpOnly());
        createCookie.setComment("CAS Cookie w/ Remember-Me");
        httpServletResponseFromExternalWebflowContext.addCookie(createCookie);
    }

    @Override // org.apereo.cas.web.cookie.CasCookieBuilder
    public void addCookie(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str) {
        String buildCookieValue = this.casCookieValueManager.buildCookieValue(str, httpServletRequest);
        LOGGER.trace("Creating cookie [{}]", getCookieName());
        super.addCookie(httpServletResponse, buildCookieValue);
    }

    @Override // org.apereo.cas.web.cookie.CasCookieBuilder
    public String retrieveCookieValue(HttpServletRequest httpServletRequest) {
        try {
            Cookie cookie = org.springframework.web.util.WebUtils.getCookie(httpServletRequest, getCookieName());
            if (cookie == null) {
                String header = httpServletRequest.getHeader(getCookieName());
                if (StringUtils.isNotBlank(header)) {
                    LOGGER.trace("Found cookie [{}] under header name [{}]", header, getCookieName());
                    cookie = createCookie(header);
                }
            }
            if (cookie == null) {
                return null;
            }
            return this.casCookieValueManager.obtainCookieValue(cookie, httpServletRequest);
        } catch (Exception e) {
            LOGGER.debug(e.getMessage(), (Throwable) e);
            return null;
        }
    }

    @Override // org.springframework.web.util.CookieGenerator
    public void setCookieDomain(String str) {
        super.setCookieDomain((String) StringUtils.defaultIfEmpty(str, null));
    }

    private static Boolean isRememberMeAuthentication(RequestContext requestContext) {
        if (isRememberMeProvidedInRequest(requestContext)) {
            LOGGER.debug("This request is from a remember-me authentication event");
            return Boolean.TRUE;
        }
        if (!isRememberMeRecordedInAuthentication(requestContext).booleanValue()) {
            return Boolean.FALSE;
        }
        LOGGER.debug("The recorded authentication is from a remember-me request");
        return Boolean.TRUE;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.springframework.web.util.CookieGenerator
    public Cookie createCookie(String str) {
        Cookie createCookie = super.createCookie(str);
        createCookie.setComment("CAS Cookie");
        return createCookie;
    }

    private static Boolean isRememberMeRecordedInAuthentication(RequestContext requestContext) {
        LOGGER.debug("Request does not indicate a remember-me authentication event. Locating authentication object from the request context...");
        Authentication authentication = WebUtils.getAuthentication(requestContext);
        if (authentication == null) {
            return Boolean.FALSE;
        }
        Map<String, List<Object>> attributes = authentication.getAttributes();
        LOGGER.trace("Located authentication attributes [{}]", attributes);
        if (!attributes.containsKey(RememberMeCredential.AUTHENTICATION_ATTRIBUTE_REMEMBER_ME)) {
            return Boolean.FALSE;
        }
        List<Object> list = attributes.get(RememberMeCredential.AUTHENTICATION_ATTRIBUTE_REMEMBER_ME);
        LOGGER.debug("Located remember-me authentication attribute [{}]", list);
        return Boolean.valueOf(list.contains(Boolean.TRUE));
    }

    private static boolean isRememberMeProvidedInRequest(RequestContext requestContext) {
        String parameter = WebUtils.getHttpServletRequestFromExternalWebflowContext(requestContext).getParameter(RememberMeCredential.REQUEST_PARAMETER_REMEMBER_ME);
        LOGGER.trace("Locating request parameter [{}] with value [{}]", RememberMeCredential.REQUEST_PARAMETER_REMEMBER_ME, parameter);
        return StringUtils.isNotBlank(parameter) && WebUtils.isRememberMeAuthenticationEnabled(requestContext).booleanValue();
    }
}
