package org.jasig.cas.authentication.handler.support;

import org.apache.commons.httpclient.HttpClient;
import org.apache.commons.httpclient.methods.GetMethod;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.jasig.cas.authentication.handler.AuthenticationHandler;
import org.jasig.cas.authentication.principal.Credentials;
import org.jasig.cas.authentication.principal.HttpBasedServiceCredentials;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.util.Assert;

/* loaded from: input_file:org/jasig/cas/authentication/handler/support/HttpBasedServiceCredentialsAuthenticationHandler.class */
public final class HttpBasedServiceCredentialsAuthenticationHandler implements AuthenticationHandler, InitializingBean {
    private static final String PROTOCOL_HTTPS = "https";
    private static final int[] DEFAULT_ACCEPTABLE_CODES = {200, 304, 302, 301, 202};
    private int[] acceptableCodes;
    private boolean requireSecure = true;
    private final Log log = LogFactory.getLog(getClass());
    private HttpClient httpClient;
    static Class class$org$jasig$cas$authentication$principal$HttpBasedServiceCredentials;

    @Override // org.jasig.cas.authentication.handler.AuthenticationHandler
    public boolean authenticate(Credentials credentials) {
        HttpBasedServiceCredentials httpBasedServiceCredentials = (HttpBasedServiceCredentials) credentials;
        if (this.requireSecure && !httpBasedServiceCredentials.getCallbackUrl().getProtocol().equals(PROTOCOL_HTTPS)) {
            if (!this.log.isDebugEnabled()) {
                return false;
            }
            this.log.debug("Authentication failed because url was not secure.");
            return false;
        }
        this.log.debug(new StringBuffer().append("Attempting to resolve credentials for ").append(httpBasedServiceCredentials).toString());
        GetMethod getMethod = new GetMethod(httpBasedServiceCredentials.getCallbackUrl().toExternalForm());
        int i = 500;
        try {
            try {
                this.httpClient.executeMethod(getMethod);
                i = getMethod.getStatusCode();
                for (int i2 = 0; i2 < this.acceptableCodes.length; i2++) {
                    if (i == this.acceptableCodes[i2]) {
                        getMethod.releaseConnection();
                        return true;
                    }
                }
                getMethod.releaseConnection();
            } catch (Exception e) {
                this.log.error(e, e);
                getMethod.releaseConnection();
            }
            if (!this.log.isDebugEnabled()) {
                return false;
            }
            this.log.debug(new StringBuffer().append("Authentication failed because returned status code was [").append(i).append("]").toString());
            return false;
        } catch (Throwable th) {
            getMethod.releaseConnection();
            throw th;
        }
    }

    @Override // org.jasig.cas.authentication.handler.AuthenticationHandler
    public boolean supports(Credentials credentials) {
        Class cls;
        if (credentials != null) {
            if (class$org$jasig$cas$authentication$principal$HttpBasedServiceCredentials == null) {
                cls = class$("org.jasig.cas.authentication.principal.HttpBasedServiceCredentials");
                class$org$jasig$cas$authentication$principal$HttpBasedServiceCredentials = cls;
            } else {
                cls = class$org$jasig$cas$authentication$principal$HttpBasedServiceCredentials;
            }
            if (cls.isAssignableFrom(credentials.getClass())) {
                return true;
            }
        }
        return false;
    }

    public void setAcceptableCodes(int[] iArr) {
        this.acceptableCodes = iArr;
    }

    public void setHttpClient(HttpClient httpClient) {
        this.httpClient = httpClient;
    }

    public void setRequireSecure(boolean z) {
        this.requireSecure = z;
    }

    public void afterPropertiesSet() throws Exception {
        if (this.acceptableCodes == null) {
            this.acceptableCodes = DEFAULT_ACCEPTABLE_CODES;
        }
        Assert.notNull(this.httpClient, "Note, this behavior has changed from the CAS 3.0.6 behavior.  You now MUST specify an instance of HttpClient.  Before it would create an instance for you.");
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError().initCause(e);
        }
    }
}
