package org.jasig.cas.support.spnego.authentication.handler.support;

import java.security.GeneralSecurityException;
import java.security.Principal;
import java.util.regex.Pattern;
import javax.security.auth.login.FailedLoginException;
import jcifs.spnego.Authentication;
import jcifs.spnego.AuthenticationException;
import org.aspectj.lang.JoinPoint;
import org.aspectj.runtime.internal.AroundClosure;
import org.aspectj.runtime.internal.Conversions;
import org.aspectj.runtime.reflect.Factory;
import org.jasig.cas.authentication.BasicCredentialMetaData;
import org.jasig.cas.authentication.Credential;
import org.jasig.cas.authentication.DefaultHandlerResult;
import org.jasig.cas.authentication.HandlerResult;
import org.jasig.cas.authentication.PreventedException;
import org.jasig.cas.authentication.handler.support.AbstractPreAndPostProcessingAuthenticationHandler;
import org.jasig.cas.authentication.principal.DefaultPrincipalFactory;
import org.jasig.cas.authentication.principal.SimplePrincipal;
import org.jasig.cas.support.spnego.authentication.principal.SpnegoCredential;
import org.jasig.inspektr.aspect.TraceLogAspect;

@Deprecated
/* loaded from: input_file:org/jasig/cas/support/spnego/authentication/handler/support/JCIFSSpnegoAuthenticationHandler.class */
public final class JCIFSSpnegoAuthenticationHandler extends AbstractPreAndPostProcessingAuthenticationHandler {
    private Authentication authentication;
    private boolean principalWithDomainName = true;
    private boolean isNTLMallowed;
    private static final JoinPoint.StaticPart ajc$tjp_0 = null;

    /* loaded from: input_file:org/jasig/cas/support/spnego/authentication/handler/support/JCIFSSpnegoAuthenticationHandler$AjcClosure1.class */
    public class AjcClosure1 extends AroundClosure {

        /* renamed from: org.jasig.cas.support.spnego.authentication.handler.support.JCIFSSpnegoAuthenticationHandler$AjcClosure1$AjcClosure1, reason: collision with other inner class name */
        /* loaded from: input_file:org/jasig/cas/support/spnego/authentication/handler/support/JCIFSSpnegoAuthenticationHandler$AjcClosure1$AjcClosure1.class */
        public class C0002AjcClosure1 extends AroundClosure {
            private static final /* synthetic */ JoinPoint.StaticPart ajc$tjp_0 = null;

            /* renamed from: org.jasig.cas.support.spnego.authentication.handler.support.JCIFSSpnegoAuthenticationHandler$AjcClosure1$AjcClosure1$AjcClosure1, reason: collision with other inner class name */
            /* loaded from: input_file:org/jasig/cas/support/spnego/authentication/handler/support/JCIFSSpnegoAuthenticationHandler$AjcClosure1$AjcClosure1$AjcClosure1.class */
            public class C0003AjcClosure1 extends AroundClosure {
                public C0003AjcClosure1(Object[] objArr) {
                    super(objArr);
                }

                public Object run(Object[] objArr) {
                    Object[] objArr2 = ((AroundClosure) this).state;
                    return C0002AjcClosure1.run_aroundBody0((C0002AjcClosure1) objArr2[0], (Object[]) objArr2[1], (JoinPoint) objArr2[2]);
                }
            }

            public C0002AjcClosure1(Object[] objArr) {
                super(objArr);
            }

            public Object run(Object[] objArr) {
                return TraceLogAspect.aspectOf().traceMethod(new C0003AjcClosure1(new Object[]{this, objArr, Factory.makeJP(ajc$tjp_0, this, this, objArr)}).linkClosureAndJoinPoint(69648));
            }

            static {
                ajc$preClinit();
            }

            static final /* synthetic */ Object run_aroundBody0(C0002AjcClosure1 c0002AjcClosure1, Object[] objArr, JoinPoint joinPoint) {
                Object[] objArr2 = ((AroundClosure) c0002AjcClosure1).state;
                return AjcClosure1.run_aroundBody0((AjcClosure1) objArr2[0], (Object[]) objArr2[1], (JoinPoint) objArr2[2]);
            }

            private static /* synthetic */ void ajc$preClinit() {
                Factory factory = new Factory("JCIFSSpnegoAuthenticationHandler.java", Class.forName("org.jasig.cas.support.spnego.authentication.handler.support.JCIFSSpnegoAuthenticationHandler$AjcClosure1$AjcClosure1"));
                ajc$tjp_0 = factory.makeSJP("method-execution", factory.makeMethodSig("1", "run", "org.jasig.cas.support.spnego.authentication.handler.support.JCIFSSpnegoAuthenticationHandler$AjcClosure1$AjcClosure1", "[Ljava.lang.Object;", "arg0", "", "java.lang.Object"), 1);
            }
        }

        public AjcClosure1(Object[] objArr) {
            super(objArr);
        }

        public Object run(Object[] objArr) {
            Object[] objArr2 = ((AroundClosure) this).state;
            return Conversions.booleanObject(JCIFSSpnegoAuthenticationHandler.supports_aroundBody0((JCIFSSpnegoAuthenticationHandler) objArr2[0], (Credential) objArr2[1], (JoinPoint) objArr2[2]));
        }
    }

    protected HandlerResult doAuthentication(Credential credential) throws GeneralSecurityException, PreventedException {
        Principal principal;
        byte[] nextToken;
        SpnegoCredential spnegoCredential = (SpnegoCredential) credential;
        if (!this.isNTLMallowed && spnegoCredential.isNtlm()) {
            throw new FailedLoginException("NTLM not allowed");
        }
        try {
            synchronized (this) {
                this.authentication.reset();
                this.authentication.process(spnegoCredential.getInitToken());
                principal = this.authentication.getPrincipal();
                nextToken = this.authentication.getNextToken();
            }
            if (nextToken != null) {
                this.logger.debug("Setting nextToken in credential");
                spnegoCredential.setNextToken(nextToken);
            } else {
                this.logger.debug("nextToken is null");
            }
            boolean z = false;
            if (principal != null) {
                if (spnegoCredential.isNtlm()) {
                    this.logger.debug("NTLM Credential is valid for user [{}]", principal.getName());
                } else {
                    this.logger.debug("Kerberos Credential is valid for user [{}]", principal.getName());
                }
                spnegoCredential.setPrincipal(getPrincipal(principal.getName(), spnegoCredential.isNtlm()));
                z = true;
            }
            if (z) {
                return new DefaultHandlerResult(this, new BasicCredentialMetaData(credential), spnegoCredential.getPrincipal());
            }
            throw new FailedLoginException("Principal is null, the processing of the SPNEGO Token failed");
        } catch (AuthenticationException e) {
            throw new FailedLoginException(e.getMessage());
        }
    }

    public boolean supports(Credential credential) {
        return Conversions.booleanValue(TraceLogAspect.aspectOf().traceMethod(new AjcClosure1(new Object[]{this, credential, Factory.makeJP(ajc$tjp_0, this, this, credential)}).linkClosureAndJoinPoint(69648)));
    }

    public void setAuthentication(Authentication authentication) {
        this.authentication = authentication;
    }

    public void setPrincipalWithDomainName(boolean z) {
        this.principalWithDomainName = z;
    }

    public void setNTLMallowed(boolean z) {
        this.isNTLMallowed = z;
    }

    @Deprecated
    protected SimplePrincipal getSimplePrincipal(String str, boolean z) {
        this.logger.warn("getSimplePrincipal() is deprecated and will be removed. Consider getPrincipal() instead.");
        return this.principalWithDomainName ? new DefaultPrincipalFactory().createPrincipal(str) : z ? Pattern.matches("\\S+\\\\\\S+", str) ? new DefaultPrincipalFactory().createPrincipal(str.split("\\\\")[1]) : new DefaultPrincipalFactory().createPrincipal(str) : new DefaultPrincipalFactory().createPrincipal(str.split("@")[0]);
    }

    protected org.jasig.cas.authentication.principal.Principal getPrincipal(String str, boolean z) {
        return this.principalWithDomainName ? this.principalFactory.createPrincipal(str) : z ? Pattern.matches("\\S+\\\\\\S+", str) ? this.principalFactory.createPrincipal(str.split("\\\\")[1]) : this.principalFactory.createPrincipal(str) : this.principalFactory.createPrincipal(str.split("@")[0]);
    }

    static {
        ajc$preClinit();
    }

    static final boolean supports_aroundBody0(JCIFSSpnegoAuthenticationHandler jCIFSSpnegoAuthenticationHandler, Credential credential, JoinPoint joinPoint) {
        return credential instanceof SpnegoCredential;
    }

    private static void ajc$preClinit() {
        Factory factory = new Factory("JCIFSSpnegoAuthenticationHandler.java", JCIFSSpnegoAuthenticationHandler.class);
        ajc$tjp_0 = factory.makeSJP("method-execution", factory.makeMethodSig("1", "supports", "org.jasig.cas.support.spnego.authentication.handler.support.JCIFSSpnegoAuthenticationHandler", "org.jasig.cas.authentication.Credential", "credential", "", "boolean"), 110);
    }
}
