package org.jasig.cas.client.validation;

import java.io.FileInputStream;
import java.io.IOException;
import java.util.Properties;
import javax.net.ssl.HostnameVerifier;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.jasig.cas.client.util.AbstractCasFilter;
import org.jasig.cas.client.util.CommonUtils;
import org.jasig.cas.client.util.ReflectUtils;

/* loaded from: input_file:WEB-INF/lib/cas-client-core-3.3.2.jar:org/jasig/cas/client/validation/AbstractTicketValidationFilter.class */
public abstract class AbstractTicketValidationFilter extends AbstractCasFilter {
    private TicketValidator ticketValidator;
    private boolean redirectAfterValidation = true;
    private boolean exceptionOnValidationFailure = false;
    private boolean useSession = true;

    protected TicketValidator getTicketValidator(FilterConfig filterConfig) {
        return this.ticketValidator;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public Properties getSSLConfig(FilterConfig filterConfig) {
        Properties properties = new Properties();
        String propertyFromInitParams = getPropertyFromInitParams(filterConfig, "sslConfigFile", null);
        if (propertyFromInitParams != null) {
            FileInputStream fileInputStream = null;
            try {
                try {
                    fileInputStream = new FileInputStream(propertyFromInitParams);
                    properties.load(fileInputStream);
                    this.logger.trace("Loaded {} entries from {}", Integer.valueOf(properties.size()), propertyFromInitParams);
                    CommonUtils.closeQuietly(fileInputStream);
                } catch (IOException e) {
                    this.logger.error(e.getMessage(), (Throwable) e);
                    CommonUtils.closeQuietly(fileInputStream);
                }
            } catch (Throwable th) {
                CommonUtils.closeQuietly(fileInputStream);
                throw th;
            }
        }
        return properties;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public HostnameVerifier getHostnameVerifier(FilterConfig filterConfig) {
        String propertyFromInitParams = getPropertyFromInitParams(filterConfig, "hostnameVerifier", null);
        this.logger.trace("Using hostnameVerifier parameter: {}", propertyFromInitParams);
        String propertyFromInitParams2 = getPropertyFromInitParams(filterConfig, "hostnameVerifierConfig", null);
        this.logger.trace("Using hostnameVerifierConfig parameter: {}", propertyFromInitParams2);
        if (propertyFromInitParams != null) {
            return propertyFromInitParams2 != null ? (HostnameVerifier) ReflectUtils.newInstance(propertyFromInitParams, propertyFromInitParams2) : (HostnameVerifier) ReflectUtils.newInstance(propertyFromInitParams, new Object[0]);
        }
        return null;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.jasig.cas.client.util.AbstractCasFilter
    public void initInternal(FilterConfig filterConfig) throws ServletException {
        setExceptionOnValidationFailure(parseBoolean(getPropertyFromInitParams(filterConfig, "exceptionOnValidationFailure", "false")));
        this.logger.trace("Setting exceptionOnValidationFailure parameter: {}", Boolean.valueOf(this.exceptionOnValidationFailure));
        setRedirectAfterValidation(parseBoolean(getPropertyFromInitParams(filterConfig, "redirectAfterValidation", "true")));
        this.logger.trace("Setting redirectAfterValidation parameter: {}", Boolean.valueOf(this.redirectAfterValidation));
        setUseSession(parseBoolean(getPropertyFromInitParams(filterConfig, "useSession", "true")));
        this.logger.trace("Setting useSession parameter: {}", Boolean.valueOf(this.useSession));
        if (!this.useSession && this.redirectAfterValidation) {
            this.logger.warn("redirectAfterValidation parameter may not be true when useSession parameter is false. Resetting it to false in order to prevent infinite redirects.");
            setRedirectAfterValidation(false);
        }
        setTicketValidator(getTicketValidator(filterConfig));
        super.initInternal(filterConfig);
    }

    @Override // org.jasig.cas.client.util.AbstractCasFilter
    public void init() {
        super.init();
        CommonUtils.assertNotNull(this.ticketValidator, "ticketValidator cannot be null.");
    }

    protected boolean preFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        return true;
    }

    protected void onSuccessfulValidation(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Assertion assertion) {
    }

    protected void onFailedValidation(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
    }

    public final void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        if (preFilter(servletRequest, servletResponse, filterChain)) {
            HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
            HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
            String retrieveTicketFromRequest = retrieveTicketFromRequest(httpServletRequest);
            if (CommonUtils.isNotBlank(retrieveTicketFromRequest)) {
                this.logger.debug("Attempting to validate ticket: {}", retrieveTicketFromRequest);
                try {
                    Assertion validate = this.ticketValidator.validate(retrieveTicketFromRequest, constructServiceUrl(httpServletRequest, httpServletResponse));
                    this.logger.debug("Successfully authenticated user: {}", validate.getPrincipal().getName());
                    httpServletRequest.setAttribute(AbstractCasFilter.CONST_CAS_ASSERTION, validate);
                    if (this.useSession) {
                        httpServletRequest.getSession().setAttribute(AbstractCasFilter.CONST_CAS_ASSERTION, validate);
                    }
                    onSuccessfulValidation(httpServletRequest, httpServletResponse, validate);
                    if (this.redirectAfterValidation) {
                        this.logger.debug("Redirecting after successful ticket validation.");
                        httpServletResponse.sendRedirect(constructServiceUrl(httpServletRequest, httpServletResponse));
                        return;
                    }
                } catch (TicketValidationException e) {
                    this.logger.debug(e.getMessage(), (Throwable) e);
                    onFailedValidation(httpServletRequest, httpServletResponse);
                    if (this.exceptionOnValidationFailure) {
                        throw new ServletException(e);
                    }
                    httpServletResponse.sendError(403, e.getMessage());
                    return;
                }
            }
            filterChain.doFilter(httpServletRequest, httpServletResponse);
        }
    }

    public final void setTicketValidator(TicketValidator ticketValidator) {
        this.ticketValidator = ticketValidator;
    }

    public final void setRedirectAfterValidation(boolean z) {
        this.redirectAfterValidation = z;
    }

    public final void setExceptionOnValidationFailure(boolean z) {
        this.exceptionOnValidationFailure = z;
    }

    public final void setUseSession(boolean z) {
        this.useSession = z;
    }
}
