package org.geoserver.security.cas;

import java.io.IOException;
import java.net.HttpURLConnection;
import java.net.URL;
import java.util.HashMap;
import java.util.List;

/* loaded from: input_file:org/geoserver/security/cas/CasFormAuthenticationHelper.class */
public class CasFormAuthenticationHelper extends CasAuthenticationHelper {
    public static final String CAS_4_0_USER = "casuser";
    public static final String CAS_4_0_PW = "Mellon";
    String username;
    String password;

    public CasFormAuthenticationHelper(URL url, String str, String str2) {
        super(url);
        this.username = str;
        this.password = str2;
    }

    public boolean ssoLogin() throws IOException {
        URL createURLFromCasURI = createURLFromCasURI("/login");
        HttpURLConnection httpURLConnection = (HttpURLConnection) createURLFromCasURI.openConnection();
        String readResponse = readResponse(httpURLConnection);
        String extractFormParameter = extractFormParameter(readResponse, "\"lt\"");
        if (extractFormParameter == null) {
            throw new IOException(" No login ticket for: " + createURLFromCasURI.toString());
        }
        String extractFormParameter2 = extractFormParameter(readResponse, "\"execution\"");
        if (extractFormParameter2 == null) {
            throw new IOException(" No hidden execution field for: " + createURLFromCasURI.toString());
        }
        String httpCookie = getCookieNamed(getCookies(httpURLConnection), "JSESSIONID").toString();
        HashMap hashMap = new HashMap();
        hashMap.put("username", this.username);
        hashMap.put("password", this.password);
        hashMap.put("lt", extractFormParameter);
        hashMap.put("_eventId", "submit");
        hashMap.put("submit", "LOGIN");
        hashMap.put("execution", extractFormParameter2);
        HttpURLConnection httpURLConnection2 = (HttpURLConnection) createURLFromCasURI.openConnection();
        httpURLConnection2.setRequestMethod("POST");
        httpURLConnection2.setDoOutput(true);
        httpURLConnection2.setDoInput(true);
        httpURLConnection2.setRequestProperty("Cookie", httpCookie);
        writeParamsForPostAndSend(httpURLConnection2, hashMap);
        List cookies = getCookies(httpURLConnection2);
        readResponse(httpURLConnection2);
        extractCASCookies(cookies, httpURLConnection2);
        return this.ticketGrantingCookie != null && this.ticketGrantingCookie.getValue().startsWith("TGT-");
    }

    protected String extractFormParameter(String str, String str2) {
        int indexOf = str.indexOf("\"", str.indexOf(str2) + str2.length());
        return str.substring(indexOf + 1, str.indexOf("\"", indexOf + 1));
    }
}
