package org.osivia.cas.adaptors.ldap;

import java.security.GeneralSecurityException;
import java.text.ParseException;
import java.util.Date;
import java.util.Map;
import javax.security.auth.login.FailedLoginException;
import org.apache.commons.lang3.BooleanUtils;
import org.apache.commons.lang3.StringUtils;
import org.apache.commons.lang3.time.DateUtils;
import org.jasig.cas.authentication.HandlerResult;
import org.jasig.cas.authentication.LdapAuthenticationHandler;
import org.jasig.cas.authentication.PreventedException;
import org.jasig.cas.authentication.UsernamePasswordCredential;
import org.ldaptive.auth.Authenticator;

/* loaded from: input_file:WEB-INF/classes/org/osivia/cas/adaptors/ldap/AccountValidityHandler.class */
public class AccountValidityHandler extends LdapAuthenticationHandler {
    public AccountValidityHandler(Authenticator authenticator) {
        super(authenticator);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.jasig.cas.authentication.LdapAuthenticationHandler, org.jasig.cas.authentication.handler.support.AbstractUsernamePasswordAuthenticationHandler
    public HandlerResult authenticateUsernamePasswordInternal(UsernamePasswordCredential usernamePasswordCredential) throws GeneralSecurityException, PreventedException {
        usernamePasswordCredential.setUsername(StringUtils.lowerCase(usernamePasswordCredential.getUsername()));
        HandlerResult authenticateUsernamePasswordInternal = super.authenticateUsernamePasswordInternal(usernamePasswordCredential);
        Map<String, Object> attributes = authenticateUsernamePasswordInternal.getPrincipal().getAttributes();
        Object obj = attributes.get("portalPersonExternal");
        if (obj != null) {
            checkValidity(BooleanUtils.toBooleanObject(obj.toString()), attributes.get("portalPersonValidity"));
        }
        return authenticateUsernamePasswordInternal;
    }

    public void checkValidity(Boolean bool, Object obj) throws FailedLoginException {
        if (bool.booleanValue()) {
            throw new FailedLoginException("Invalid account (external)");
        }
        if (obj != null) {
            try {
                if (DateUtils.parseDate(obj.toString().substring(0, 8), "yyyyMMdd").before(new Date())) {
                    throw new FailedLoginException("Account has expired");
                }
            } catch (ParseException e) {
                throw new FailedLoginException("Invalid expiration date");
            }
        }
    }
}
