package net.sourceforge.openutils.mgnlcas;

import info.magnolia.cms.security.SecuritySupport;
import info.magnolia.cms.security.User;
import info.magnolia.cms.security.auth.callback.RealmCallback;
import info.magnolia.cms.security.auth.login.LoginHandler;
import info.magnolia.cms.security.auth.login.LoginHandlerBase;
import info.magnolia.cms.security.auth.login.LoginResult;
import java.io.IOException;
import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.TextInputCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang.StringUtils;
import org.jasig.cas.client.util.CommonUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:net/sourceforge/openutils/mgnlcas/CasLogin.class */
public class CasLogin extends LoginHandlerBase implements LoginHandler {
    private static final Logger log = LoggerFactory.getLogger(CasLogin.class);
    private String artifactParameterName = "ticket";
    private String jaasChain = "magnolia";
    private String realm;
    private String casValidateUrl;

    /* loaded from: input_file:net/sourceforge/openutils/mgnlcas/CasLogin$CasCallBackHandler.class */
    public class CasCallBackHandler implements CallbackHandler {
        private String service;
        private String ticket;
        private String realm;

        public CasCallBackHandler(String str, String str2, String str3) {
            this.service = str;
            this.ticket = str2;
            this.realm = str3;
        }

        @Override // javax.security.auth.callback.CallbackHandler
        public void handle(Callback[] callbackArr) throws IOException, UnsupportedCallbackException {
            for (int i = 0; i < callbackArr.length; i++) {
                if (callbackArr[i] instanceof TextInputCallback) {
                    TextInputCallback textInputCallback = (TextInputCallback) callbackArr[i];
                    if ("ticket".equals(textInputCallback.getPrompt())) {
                        CasLogin.log.info(getTicket());
                        textInputCallback.setText(getTicket());
                    } else if ("service".equals(textInputCallback.getPrompt())) {
                        CasLogin.log.info(getService());
                        textInputCallback.setText(getService());
                    } else if ("casValidateUrl".equals(textInputCallback.getPrompt())) {
                        CasLogin.log.info(CasLogin.this.casValidateUrl);
                        textInputCallback.setText(CasLogin.this.casValidateUrl);
                    }
                } else {
                    if (!(callbackArr[i] instanceof RealmCallback)) {
                        throw new UnsupportedCallbackException(callbackArr[i], "Callback class not supported");
                    }
                    CasLogin.log.info(this.realm);
                    ((RealmCallback) callbackArr[i]).setRealm(this.realm);
                }
            }
        }

        public String getTicket() {
            return this.ticket;
        }

        public String getService() {
            return this.service;
        }

        public String getRealm() {
            return this.realm;
        }
    }

    public void setArtifactParameterName(String str) {
        this.artifactParameterName = str;
    }

    public String getJaasChain() {
        return this.jaasChain;
    }

    public void setJaasChain(String str) {
        this.jaasChain = str;
    }

    public String getRealm() {
        return this.realm;
    }

    public void setRealm(String str) {
        this.realm = str;
    }

    public String getCasValidateUrl() {
        return this.casValidateUrl;
    }

    public void setCasValidateUrl(String str) {
        this.casValidateUrl = str;
    }

    public LoginResult handle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        String parameter = httpServletRequest.getParameter(this.artifactParameterName);
        if (!StringUtils.isNotEmpty(parameter)) {
            return LoginResult.NOT_HANDLED;
        }
        String constructServiceUrl = CommonUtils.constructServiceUrl(httpServletRequest, httpServletResponse, (String) null, RequestUtils.serverName(httpServletRequest), this.artifactParameterName, true);
        if (constructServiceUrl.lastIndexOf("/") == constructServiceUrl.length() - 1) {
            constructServiceUrl = constructServiceUrl.substring(0, constructServiceUrl.lastIndexOf("/"));
        }
        return authenticateCas(new CasCallBackHandler(constructServiceUrl, parameter, this.realm), getJaasChain());
    }

    protected LoginResult authenticateCas(CasCallBackHandler casCallBackHandler, String str) {
        try {
            LoginContext loginContext = new LoginContext(StringUtils.defaultString(str, "magnolia"), casCallBackHandler);
            loginContext.login();
            Subject subject = loginContext.getSubject();
            User user = SecuritySupport.Factory.getInstance().getUserManager().getUser(subject);
            if (user != null) {
                user.setSubject(subject);
            } else {
                log.error("Unable to obtain a user from userManager, maybe the external user manager is not configured for the cas realm?");
            }
            return new LoginResult(1, user);
        } catch (LoginException e) {
            log.info("Can't login due to:", e);
            return new LoginResult(2, e);
        }
    }
}
