package org.jasig.cas.support.openid.authentication.principal;

import java.security.NoSuchAlgorithmException;
import java.util.HashMap;
import javax.crypto.KeyGenerator;
import javax.crypto.Mac;
import javax.crypto.SecretKey;
import javax.servlet.http.HttpServletRequest;
import org.apache.commons.codec.binary.Base64;
import org.jasig.cas.authentication.handler.DefaultPasswordEncoder;
import org.jasig.cas.authentication.handler.PasswordEncoder;
import org.jasig.cas.authentication.principal.AbstractWebApplicationService;
import org.jasig.cas.authentication.principal.Response;
import org.jasig.cas.util.HttpClient;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.util.StringUtils;

/* loaded from: input_file:org/jasig/cas/support/openid/authentication/principal/OpenIdService.class */
public final class OpenIdService extends AbstractWebApplicationService {
    private static final long serialVersionUID = 5776500133123291301L;
    private static final String CONST_PARAM_SERVICE = "openid.return_to";
    private static final KeyGenerator keyGenerator;
    private String identity;
    private final SecretKey sharedSecret;
    private final String signature;
    protected static final Logger LOG = LoggerFactory.getLogger(OpenIdService.class);
    private static final PasswordEncoder ENCODER = new DefaultPasswordEncoder("SHA1");

    static {
        try {
            keyGenerator = KeyGenerator.getInstance("HmacSHA1");
        } catch (NoSuchAlgorithmException e) {
            throw new RuntimeException(e);
        }
    }

    protected OpenIdService(String str, String str2, String str3, String str4, String str5) {
        super(str, str2, str3, (HttpClient) null);
        this.identity = str4;
        this.signature = str5;
        this.sharedSecret = keyGenerator.generateKey();
    }

    protected String generateHash(String str) {
        try {
            Mac mac = Mac.getInstance("HmacSHA1");
            mac.init(this.sharedSecret);
            return Base64.encodeBase64String(mac.doFinal(str.getBytes()));
        } catch (Exception e) {
            LOG.error(e.getMessage(), e);
            return Base64.encodeBase64String(ENCODER.encode(str).getBytes());
        }
    }

    public Response getResponse(String str) {
        HashMap hashMap = new HashMap();
        if (str != null) {
            hashMap.put("openid.mode", "id_res");
            hashMap.put("openid.identity", this.identity);
            hashMap.put("openid.assoc_handle", str);
            hashMap.put(CONST_PARAM_SERVICE, getOriginalUrl());
            hashMap.put("openid.signed", "identity,return_to");
            hashMap.put("openid.sig", generateHash("identity=" + this.identity + ",return_to=" + getOriginalUrl()));
        } else {
            hashMap.put("openid.mode", "cancel");
        }
        return Response.getRedirectResponse(getOriginalUrl(), hashMap);
    }

    public boolean logOutOfService(String str) {
        return false;
    }

    public static OpenIdService createServiceFrom(HttpServletRequest httpServletRequest) {
        String parameter = httpServletRequest.getParameter(CONST_PARAM_SERVICE);
        String parameter2 = httpServletRequest.getParameter("openid.identity");
        String parameter3 = httpServletRequest.getParameter("openid.sig");
        if (parameter2 == null || !StringUtils.hasText(parameter)) {
            return null;
        }
        return new OpenIdService(cleanupUrl(parameter), parameter, httpServletRequest.getParameter("openid.assoc_handle"), parameter2, parameter3);
    }

    public int hashCode() {
        return (31 * ((31 * 1) + (this.identity == null ? 0 : this.identity.hashCode()))) + (this.signature == null ? 0 : this.signature.hashCode());
    }

    public boolean equals(Object obj) {
        if (this == obj) {
            return true;
        }
        if (!super.equals(obj) || getClass() != obj.getClass()) {
            return false;
        }
        OpenIdService openIdService = (OpenIdService) obj;
        return this.identity == null ? openIdService.identity == null : this.identity.equals(openIdService.identity);
    }

    public String getIdentity() {
        return this.identity;
    }

    public String getSignature() {
        return this.signature != null ? this.signature : generateHash("identity=" + this.identity + ",return_to=" + getOriginalUrl());
    }
}
