package org.jasig.cas.authentication.handler.support;

import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.jasig.cas.authentication.handler.AuthenticationHandler;
import org.jasig.cas.authentication.principal.Credentials;
import org.jasig.cas.authentication.principal.HttpBasedServiceCredentials;
import org.jasig.cas.util.HttpClient;

/* loaded from: input_file:org/jasig/cas/authentication/handler/support/HttpBasedServiceCredentialsAuthenticationHandler.class */
public final class HttpBasedServiceCredentialsAuthenticationHandler implements AuthenticationHandler {
    private static final String PROTOCOL_HTTPS = "https";
    private boolean requireSecure = true;
    private final Log log = LogFactory.getLog(getClass());
    private HttpClient httpClient;

    @Override // org.jasig.cas.authentication.handler.AuthenticationHandler
    public boolean authenticate(Credentials credentials) {
        HttpBasedServiceCredentials httpBasedServiceCredentials = (HttpBasedServiceCredentials) credentials;
        if (!this.requireSecure || httpBasedServiceCredentials.getCallbackUrl().getProtocol().equals(PROTOCOL_HTTPS)) {
            this.log.debug("Attempting to resolve credentials for " + httpBasedServiceCredentials);
            return this.httpClient.isValidEndPoint(httpBasedServiceCredentials.getCallbackUrl());
        }
        if (!this.log.isDebugEnabled()) {
            return false;
        }
        this.log.debug("Authentication failed because url was not secure.");
        return false;
    }

    @Override // org.jasig.cas.authentication.handler.AuthenticationHandler
    public boolean supports(Credentials credentials) {
        return credentials != null && HttpBasedServiceCredentials.class.isAssignableFrom(credentials.getClass());
    }

    public void setHttpClient(HttpClient httpClient) {
        this.httpClient = httpClient;
    }

    public void setRequireSecure(boolean z) {
        this.requireSecure = z;
    }
}
