package net.jradius.handler.tlstunnel;

import java.util.HashMap;
import java.util.StringTokenizer;
import net.jradius.dictionary.Attr_EAPType;
import net.jradius.handler.RadiusSessionHandler;
import net.jradius.handler.chain.JRCommand;
import net.jradius.log.RadiusLog;
import net.jradius.packet.RadiusPacket;
import net.jradius.packet.attribute.AttributeList;
import net.jradius.server.JRadiusRequest;
import net.jradius.session.JRadiusSession;
import net.jradius.session.JRadiusSessionManager;
import net.jradius.session.RadiusSessionKeyProvider;
import net.sf.ehcache.Cache;
import net.sf.ehcache.Element;
import org.apache.commons.chain.Catalog;

/* loaded from: input_file:net/jradius/handler/tlstunnel/AuthorizeHandler.class */
public class AuthorizeHandler extends RadiusSessionHandler {
    private HashMap terminatedRealms = new HashMap();
    private Cache tlsTunnels;
    private String anonUserName;
    private String chainName;

    public boolean handle(JRadiusRequest jRadiusRequest) throws Exception {
        RadiusPacket requestPacket = jRadiusRequest.getRequestPacket();
        AttributeList configItems = jRadiusRequest.getConfigItems();
        JRadiusSession session = jRadiusRequest.getSession();
        String str = (String) requestPacket.getAttributeValue(1L);
        String realm = session.getRealm();
        Attr_EAPType findAttribute = requestPacket.findAttribute(1018L);
        if (findAttribute == null) {
            return false;
        }
        String valueString = findAttribute.getValue().getValueString();
        if (session.isSecured()) {
            Catalog catalog = getCatalog();
            if (catalog == null || this.chainName == null) {
                return false;
            }
            JRCommand jRCommand = (JRCommand) catalog.getCommand(this.chainName);
            if (jRCommand != null) {
                return execute(jRCommand, jRadiusRequest);
            }
            RadiusLog.error("There is no command '" + this.chainName + "' in catalog " + getCatalogName());
            return false;
        }
        if (!Attr_EAPType.Identity.equals(valueString) && !Attr_EAPType.NAK.equals(valueString) && !Attr_EAPType.EAPTTLS.equals(valueString) && !Attr_EAPType.PEAP.equals(valueString)) {
            return false;
        }
        if ((this.anonUserName == null || !this.anonUserName.equals(str)) && !this.terminatedRealms.containsKey(realm)) {
            return false;
        }
        RadiusSessionKeyProvider radiusSessionKeyProvider = (RadiusSessionKeyProvider) JRadiusSessionManager.getManager(jRadiusRequest.getSender()).getSessionKeyProvider(jRadiusRequest.getSender());
        session.getLogEntry(jRadiusRequest).setType("tls-tunnel");
        configItems.remove(1048L);
        this.tlsTunnels.put(new Element(radiusSessionKeyProvider.getTunneledRequestKey(jRadiusRequest), session.getSessionKey()));
        RadiusLog.info("EAP-TTLS Termination: username = " + str + ", session = " + session.getSessionKey());
        return true;
    }

    public String getAnonUserName() {
        return this.anonUserName;
    }

    public void setAnonUserName(String str) {
        this.anonUserName = str;
    }

    public void setTerminatedRealms(String str) {
        StringTokenizer stringTokenizer = new StringTokenizer(str, ",");
        while (stringTokenizer.hasMoreTokens()) {
            String nextToken = stringTokenizer.nextToken();
            this.terminatedRealms.put(nextToken.trim().toLowerCase(), nextToken);
        }
    }

    public String getChainName() {
        return this.chainName;
    }

    public void setChainName(String str) {
        this.chainName = str;
    }

    public void setTlsTunnels(Cache cache) {
        this.tlsTunnels = cache;
    }
}
