package com.diboot.iam.sso.impl;

import com.diboot.core.exception.BusinessException;
import com.diboot.core.util.V;
import com.diboot.iam.auth.AuthServiceFactory;
import com.diboot.iam.config.Cons;
import com.diboot.iam.dto.SsoAuthorizeInfo;
import com.diboot.iam.entity.IamUser;
import com.diboot.iam.sso.SSOManager;
import com.diboot.iam.sso.credential.CasCredential;
import java.net.URLEncoder;
import java.util.Map;
import lombok.Generated;
import org.jasig.cas.client.validation.Cas20ServiceTicketValidator;
import org.jasig.cas.client.validation.TicketValidationException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
import org.springframework.stereotype.Service;

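/**
 * {@link SSOManager} implementation that delegates login to a CAS server.
 *
 * <p>The bean is only registered when the {@code diboot.iam.cas-server.auth-center-url},
 * {@code login-url} and {@code callback} properties are all present. It builds the CAS login
 * redirect URL and exchanges a CAS service ticket for a local token.
 */
@ConditionalOnProperty(prefix = "diboot.iam.cas-server", name = {"auth-center-url", "login-url", "callback"})
@Service
public class CasSSOManager implements SSOManager {

    @Generated
    private static final Logger log = LoggerFactory.getLogger(CasSSOManager.class);

    /** Key under which the CAS service ticket is expected in the callback parameters. */
    private static final String TICKET_KEY = "ticket";

    /** URL prefix of the CAS server, handed to the ticket validator. */
    @Value("${diboot.iam.cas-server.auth-center-url}")
    private String authCenterUrl;

    /** CAS login page that the user is redirected to. */
    @Value("${diboot.iam.cas-server.login-url}")
    private String loginUrl;

    // NOTE(review): logout-url is not listed in @ConditionalOnProperty above and this placeholder
    // has no default, so the bean presumably fails to initialise when the property is unset.
    // The field is not read anywhere in this class. Confirm whether a default is wanted.
    @Value("${diboot.iam.cas-server.logout-url}")
    private String logoutUrl;

    /** Default service (callback) URL; also the service URL used when validating tickets. */
    @Value("${diboot.iam.cas-server.callback}")
    private String callback;

    /**
     * Returns the auth-type code for CAS.
     *
     * @return the name of {@code Cons.DICTCODE_AUTH_TYPE.CAS_SERVER}
     */
    @Override // com.diboot.iam.sso.SSOManager
    public String getAuthType() {
        return Cons.DICTCODE_AUTH_TYPE.CAS_SERVER.name();
    }

    /**
     * Builds the CAS login URL with the service (callback) URL attached as a query parameter.
     *
     * @param str callback URL supplied by the caller; the configured callback is used when empty
     * @return authorize info wrapping {@code loginUrl + "?service=" + <url-encoded callback>}
     * @throws BusinessException if neither the argument nor the configuration yields a callback
     * @throws IllegalStateException if the callback cannot be URL-encoded
     */
    @Override // com.diboot.iam.sso.SSOManager
    public SsoAuthorizeInfo getAuthorizeInfo(String str) {
        // NOTE(review): a caller-supplied callback is used as-is. Nothing in this class checks it
        // against the configured callback or an allow-list, so restricting it is left to the
        // caller and to the CAS server's own service registration. Confirm that is intended.
        String service = V.isEmpty(str) ? this.callback : str;
        if (V.isEmpty(service)) {
            throw new BusinessException("exception.business.SSOManager.nullCallback", new Object[0]);
        }
        String encodedService;
        try {
            encodedService = URLEncoder.encode(service, "UTF-8");
        } catch (java.io.UnsupportedEncodingException e) {
            // Fail closed: previously the error was only logged and the raw, unencoded callback
            // was concatenated into the login URL, where '&' or '#' in it would alter the query.
            log.error("URL编码出错", e);
            throw new IllegalStateException("Unable to URL-encode the CAS service URL", e);
        }
        return new SsoAuthorizeInfo(this.loginUrl + "?service=" + encodedService);
    }

    /**
     * Validates the CAS service ticket from the callback parameters and issues a local token
     * for the authenticated principal.
     *
     * @param map callback parameters; the ticket is read from the {@code "ticket"} entry
     * @return the token returned by the CAS auth service, or {@code null} when {@code map} is
     *     empty or carries no ticket
     * @throws BusinessException if the CAS server rejects the ticket
     */
    @Override // com.diboot.iam.sso.SSOManager
    public String getToken(Map<String, Object> map) {
        if (V.isEmpty(map) || map.get(TICKET_KEY) == null) {
            return null;
        }
        String ticket = String.valueOf(map.get(TICKET_KEY));
        try {
            // The ticket is always validated against the configured callback.
            // NOTE(review): getAuthorizeInfo may send a caller-supplied service URL instead. CAS
            // ties a ticket to the service it was issued for, so such logins would presumably be
            // rejected here. Confirm against the callers.
            String principalName = new Cas20ServiceTicketValidator(this.authCenterUrl)
                    .validate(ticket, this.callback)
                    .getPrincipal()
                    .getName();
            // Use the class logger rather than System.out so that the account identifier is
            // subject to the application's log level, routing and retention settings.
            log.info("User logged in: {}", principalName);
            String authType = Cons.DICTCODE_AUTH_TYPE.CAS_SERVER.name();
            CasCredential casCredential = new CasCredential();
            casCredential.setAuthAccount(principalName)
                    .setUserType(IamUser.class.getSimpleName())
                    .setAuthType(authType);
            return AuthServiceFactory.getAuthService(authType).applyToken(casCredential);
        } catch (TicketValidationException e) {
            log.error("CAS Ticket 验证失败", e);
            throw new BusinessException("exception.business.casSSOManager.validTicketFailed", new Object[0]);
        }
    }
}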
