package org.apereo.cas.mgmt.authentication;

import java.util.List;
import java.util.stream.Collectors;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.pac4j.core.config.Config;
import org.pac4j.core.context.WebContext;
import org.pac4j.core.engine.DefaultSecurityLogic;
import org.pac4j.core.engine.decision.AlwaysUseSessionProfileStorageDecision;
import org.pac4j.core.exception.HttpAction;
import org.pac4j.springframework.web.SecurityInterceptor;
import org.springframework.util.StringUtils;
import org.springframework.web.servlet.ModelAndView;
import org.springframework.web.servlet.view.RedirectView;

/* loaded from: input_file:WEB-INF/lib/cas-management-webapp-support-5.3.5.jar:org/apereo/cas/mgmt/authentication/CasManagementSecurityInterceptor.class */
public class CasManagementSecurityInterceptor extends SecurityInterceptor {

    /* loaded from: input_file:WEB-INF/lib/cas-management-webapp-support-5.3.5.jar:org/apereo/cas/mgmt/authentication/CasManagementSecurityInterceptor$CasManagementSecurityLogic.class */
    public static class CasManagementSecurityLogic extends DefaultSecurityLogic {
        public CasManagementSecurityLogic() {
            setProfileStorageDecision(new AlwaysUseSessionProfileStorageDecision());
        }

        @Override // org.pac4j.core.engine.DefaultSecurityLogic
        protected HttpAction forbidden(WebContext webContext, List list, List list2, String str) {
            return HttpAction.redirect(webContext, "authorizationFailure");
        }
    }

    public CasManagementSecurityInterceptor(Config config) {
        super(config, getClientNames(config), getAuthorizerNames(config));
        setSecurityLogic(new CasManagementSecurityLogic());
    }

    @Override // org.springframework.web.servlet.handler.HandlerInterceptorAdapter, org.springframework.web.servlet.HandlerInterceptor
    public void postHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj, ModelAndView modelAndView) {
        if (StringUtils.isEmpty(httpServletRequest.getQueryString()) || !httpServletRequest.getQueryString().contains("ticket")) {
            return;
        }
        RedirectView redirectView = new RedirectView(httpServletRequest.getRequestURL().toString());
        redirectView.setExposeModelAttributes(false);
        redirectView.setExposePathVariables(false);
        modelAndView.setView(redirectView);
    }

    private static String getClientNames(Config config) {
        return (String) config.getClients().getClients().stream().map((v0) -> {
            return v0.getName();
        }).collect(Collectors.joining(","));
    }

    private static String getAuthorizerNames(Config config) {
        return (String) config.getAuthorizers().keySet().stream().collect(Collectors.joining(","));
    }
}
