package org.apereo.cas.mgmt.web;

import java.util.List;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.pac4j.core.config.Config;
import org.pac4j.core.context.WebContext;
import org.pac4j.core.engine.DefaultSecurityLogic;
import org.pac4j.core.exception.HttpAction;
import org.pac4j.springframework.web.SecurityInterceptor;
import org.springframework.util.StringUtils;
import org.springframework.web.servlet.ModelAndView;
import org.springframework.web.servlet.view.RedirectView;

/* loaded from: input_file:WEB-INF/lib/cas-management-webapp-support-5.1.6.jar:org/apereo/cas/mgmt/web/CasManagementSecurityInterceptor.class */
public class CasManagementSecurityInterceptor extends SecurityInterceptor {

    /* loaded from: input_file:WEB-INF/lib/cas-management-webapp-support-5.1.6.jar:org/apereo/cas/mgmt/web/CasManagementSecurityInterceptor$CasManagementSecurityLogic.class */
    public class CasManagementSecurityLogic extends DefaultSecurityLogic {
        public CasManagementSecurityLogic() {
        }

        @Override // org.pac4j.core.engine.DefaultSecurityLogic
        protected HttpAction forbidden(WebContext webContext, List list, List list2, String str) {
            return HttpAction.redirect("Authorization failed", webContext, "authorizationFailure");
        }

        @Override // org.pac4j.core.engine.DefaultSecurityLogic
        protected boolean loadProfilesFromSession(WebContext webContext, List list) {
            return true;
        }
    }

    public CasManagementSecurityInterceptor(Config config) {
        super(config, "CasClient", "securityHeaders,csrfToken,RequireAnyRoleAuthorizer");
        CasManagementSecurityLogic casManagementSecurityLogic = new CasManagementSecurityLogic();
        casManagementSecurityLogic.setSaveProfileInSession(true);
        setSecurityLogic(casManagementSecurityLogic);
    }

    @Override // org.springframework.web.servlet.handler.HandlerInterceptorAdapter, org.springframework.web.servlet.HandlerInterceptor
    public void postHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj, ModelAndView modelAndView) throws Exception {
        if (StringUtils.isEmpty(httpServletRequest.getQueryString()) || !httpServletRequest.getQueryString().contains("ticket")) {
            return;
        }
        RedirectView redirectView = new RedirectView(httpServletRequest.getRequestURL().toString());
        redirectView.setExposeModelAttributes(false);
        redirectView.setExposePathVariables(false);
        modelAndView.setView(redirectView);
    }
}
