package org.ametys.plugins.proxiedcontent;

import java.io.UnsupportedEncodingException;
import java.net.URLEncoder;
import java.util.HashMap;
import java.util.Map;
import org.ametys.core.authentication.CredentialProvider;
import org.ametys.core.user.population.UserPopulation;
import org.ametys.core.user.population.UserPopulationDAO;
import org.ametys.plugins.core.impl.authentication.CASCredentialProvider;
import org.ametys.web.repository.page.ZoneItem;
import org.apache.avalon.framework.parameters.Parameters;
import org.apache.avalon.framework.service.ServiceException;
import org.apache.avalon.framework.service.ServiceManager;
import org.apache.cocoon.acting.ServiceableAction;
import org.apache.cocoon.environment.ObjectModelHelper;
import org.apache.cocoon.environment.Redirector;
import org.apache.cocoon.environment.Request;
import org.apache.cocoon.environment.Session;
import org.apache.cocoon.environment.SourceResolver;
import org.jasig.cas.client.proxy.Cas20ProxyRetriever;
import org.jasig.cas.client.ssl.HttpURLConnectionFactory;
import org.jasig.cas.client.validation.Assertion;

/* loaded from: input_file:org/ametys/plugins/proxiedcontent/GetUrlAction.class */
public class GetUrlAction extends ServiceableAction {
    protected UserPopulationDAO _userPopulationDAO;

    public void service(ServiceManager serviceManager) throws ServiceException {
        super.service(this.manager);
        this._userPopulationDAO = (UserPopulationDAO) serviceManager.lookup(UserPopulationDAO.ROLE);
    }

    public Map act(Redirector redirector, SourceResolver sourceResolver, Map map, String str, Parameters parameters) throws Exception {
        HashMap hashMap = new HashMap();
        Request request = ObjectModelHelper.getRequest(map);
        String parameter = request.getParameter("url");
        String parameter2 = request.getParameter("server");
        String parameter3 = request.getParameter("isForm");
        String remoteHostFromUrl = Utils.getRemoteHostFromUrl(Utils.normalizeUrl(str));
        if (parameter == null) {
            parameter = str;
        }
        if (parameter2 == null) {
            parameter2 = str;
        }
        String normalizeUrl = Utils.normalizeUrl(parameter);
        String normalizeUrl2 = Utils.normalizeUrl(parameter2);
        String remoteHostFromUrl2 = Utils.getRemoteHostFromUrl(normalizeUrl);
        if (!remoteHostFromUrl.equals(remoteHostFromUrl2)) {
            getLogger().error("The specified page '" + normalizeUrl + "' is not on the same host than the base page, and therefore could not be proxified.");
            return null;
        }
        if (parameter3 != null) {
            hashMap.put("queryString", "?" + request.getQueryString());
        }
        String substring = normalizeUrl.substring(0, normalizeUrl.lastIndexOf("/") + 1);
        hashMap.put("url", normalizeUrl);
        hashMap.put("server", normalizeUrl2);
        hashMap.put("remote-server", remoteHostFromUrl2);
        hashMap.put("complete-url", substring);
        ZoneItem zoneItem = (ZoneItem) request.getAttribute(ZoneItem.class.getName());
        hashMap.put("zoneitemid", zoneItem.getId());
        if (((Boolean) zoneItem.getServiceParameters().getValue("cas", false, false)).booleanValue()) {
            _addCasProxyTicketInUrl(request, normalizeUrl, hashMap);
        }
        return hashMap;
    }

    private void _addCasProxyTicketInUrl(Request request, String str, Map<String, String> map) throws UnsupportedEncodingException {
        UserPopulation userPopulation;
        Assertion assertion;
        String str2 = null;
        Session session = request.getSession(false);
        if (session != null && (assertion = (Assertion) session.getAttribute("_const_cas_assertion_")) != null) {
            str2 = assertion.getPrincipal().getProxyTicketFor(str);
        }
        if ("true".equals(request.getHeader("X-Ametys-FO")) && request.getHeader("X-Ametys-FO-PGT") != null && (userPopulation = this._userPopulationDAO.getUserPopulation(request.getHeader("X-Ametys-FO-Population"))) != null) {
            CredentialProvider credentialProvider = userPopulation.getCredentialProvider(request.getHeader("X-Ametys-FO-Credential-Provider"));
            if (credentialProvider instanceof CASCredentialProvider) {
                str2 = new Cas20ProxyRetriever((String) credentialProvider.getParameterValues().get("runtime.authentication.cas.serverUrl"), "UTF-8", (HttpURLConnectionFactory) null).getProxyTicketIdFor(request.getHeader("X-Ametys-FO-PGT"), str);
            }
        }
        if (str2 == null) {
            getLogger().warn(String.format("The application was unable to retrieve a proxy ticket from CAS for target service '%s'", str));
            return;
        }
        StringBuilder sb = new StringBuilder(str);
        sb.append(!str.contains("?") ? "?" : "&").append("ticket=").append(URLEncoder.encode(str2, "UTF-8"));
        map.put("url", sb.toString());
    }
}
