package com.auth0.web;

import com.auth0.Auth0Client;
import com.auth0.Auth0User;
import com.auth0.NonceUtils;
import com.auth0.SessionUtils;
import com.auth0.Tokens;
import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;

@Component
/* loaded from: input_file:com/auth0/web/Auth0CallbackHandler.class */
public class Auth0CallbackHandler {
    protected String redirectOnSuccess;
    protected String redirectOnFail;
    protected Auth0Config auth0Config;
    protected Auth0Client auth0Client;

    @Autowired
    protected void setAuth0Client(Auth0Client auth0Client) {
        this.auth0Client = auth0Client;
    }

    @Autowired
    protected void setAuth0Config(Auth0Config auth0Config) {
        this.auth0Config = auth0Config;
        this.redirectOnSuccess = auth0Config.getLoginRedirectOnSuccess();
        this.redirectOnFail = auth0Config.getLoginRedirectOnFail();
    }

    public void handle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException, ServletException {
        if (!isValidRequest(httpServletRequest)) {
            onFailure(httpServletRequest, httpServletResponse, new IllegalStateException("Invalid state or error"));
            return;
        }
        try {
            Tokens fetchTokens = fetchTokens(httpServletRequest);
            store(fetchTokens, this.auth0Client.getUserProfile(fetchTokens), httpServletRequest);
            NonceUtils.removeNonceFromStorage(httpServletRequest);
            onSuccess(httpServletRequest, httpServletResponse);
        } catch (RuntimeException e) {
            onFailure(httpServletRequest, httpServletResponse, e);
        }
    }

    protected void onSuccess(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        httpServletResponse.sendRedirect(httpServletRequest.getContextPath() + this.redirectOnSuccess);
    }

    protected void onFailure(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Exception exc) throws ServletException, IOException {
        exc.printStackTrace();
        httpServletResponse.sendRedirect(httpServletRequest.getContextPath() + this.redirectOnFail);
    }

    protected void store(Tokens tokens, Auth0User auth0User, HttpServletRequest httpServletRequest) {
        SessionUtils.setTokens(httpServletRequest, tokens);
        SessionUtils.setAuth0User(httpServletRequest, auth0User);
    }

    protected Tokens fetchTokens(HttpServletRequest httpServletRequest) {
        return this.auth0Client.getTokens(httpServletRequest.getParameter("code"), httpServletRequest.getRequestURL().toString());
    }

    protected boolean isValidRequest(HttpServletRequest httpServletRequest) throws IOException {
        return !hasError(httpServletRequest) && isValidState(httpServletRequest);
    }

    protected boolean hasError(HttpServletRequest httpServletRequest) {
        return httpServletRequest.getParameter("error") != null;
    }

    protected boolean isValidState(HttpServletRequest httpServletRequest) {
        return NonceUtils.matchesNonceInStorage(httpServletRequest, httpServletRequest.getParameter("state"));
    }
}
