package com.ibm.sbt.security.authentication.oauth.consumer.servlet;

import com.ibm.commons.runtime.Context;
import com.ibm.commons.util.profiler.Profiler;
import com.ibm.commons.util.profiler.ProfilerAggregator;
import com.ibm.commons.util.profiler.ProfilerType;
import com.ibm.sbt.core.configuration.Configuration;
import com.ibm.sbt.security.authentication.oauth.consumer.AccessToken;
import com.ibm.sbt.security.authentication.oauth.consumer.OAuth2Handler;
import com.ibm.sbt.security.credential.store.CredentialStore;
import com.ibm.sbt.security.credential.store.CredentialStoreFactory;
import com.ibm.sbt.service.core.handlers.AbstractServiceHandler;
import com.ibm.sbt.services.util.AnonymousCredentialStore;
import java.io.IOException;
import java.text.MessageFormat;
import java.util.logging.Logger;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/* loaded from: input_file:WEB-INF/lib/com.ibm.sbt.core-1.1.7.20150908-1400.jar:com/ibm/sbt/security/authentication/oauth/consumer/servlet/OA2Callback.class */
public class OA2Callback extends AbstractServiceHandler {
    public static final String URL_PATH = "oauth20_cb";
    OAuth2Handler oAuthHandler;
    private static final ProfilerType profilerAcquireToken = new ProfilerType("OAuth2.0: Acquire a token from the service");
    private static final String sourceClass = OA2Callback.class.getName();
    private static final Logger logger = Logger.getLogger(sourceClass);

    public void doGet(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        Context context = Context.get();
        OAuth2Handler oAuth2Handler = (OAuth2Handler) context.getSessionMap().get(Configuration.OAUTH2_HANDLER);
        if (oAuth2Handler == null) {
            logger.info(MessageFormat.format("Unable to retrieve OAuth2.0 handler for redirect request to {0}. Please check you are accessing the application using the same hostname used in the OAuth 2.0 redirect URI.", httpServletRequest.getRequestURL()));
            return;
        }
        oAuth2Handler.setAuthorization_code(extractAuthorizationToken(httpServletRequest));
        try {
            oAuth2Handler.getAccessTokenForAuthorizedUser();
            AccessToken createToken = oAuth2Handler.createToken(oAuth2Handler.getAppId(), oAuth2Handler.getServiceName());
            oAuth2Handler.setAccessTokenObject(createToken);
            if (context.isCurrentUserAnonymous()) {
                AnonymousCredentialStore.storeCredentials(context, createToken, oAuth2Handler.getAppId(), oAuth2Handler.getServiceName());
            } else {
                CredentialStore credentialStore = CredentialStoreFactory.getCredentialStore(oAuth2Handler.getCredentialStore());
                if (credentialStore != null) {
                    credentialStore.store(oAuth2Handler.getServiceName(), OAuth2Handler.ACCESS_TOKEN_STORE_TYPE, context.getCurrentUserId(), createToken);
                }
            }
            Context.get().sendRedirect(oAuth2Handler.getApplicationPage());
        } catch (Exception e) {
            e.printStackTrace();
        }
    }

    private String extractAuthorizationToken(HttpServletRequest httpServletRequest) {
        if (!Profiler.isEnabled()) {
            return _extractAuthorizationToken(httpServletRequest);
        }
        ProfilerAggregator startProfileBlock = Profiler.startProfileBlock(profilerAcquireToken, "");
        long currentTime = Profiler.getCurrentTime();
        try {
            return _extractAuthorizationToken(httpServletRequest);
        } finally {
            Profiler.endProfileBlock(startProfileBlock, currentTime);
        }
    }

    private String _extractAuthorizationToken(HttpServletRequest httpServletRequest) {
        return httpServletRequest.getParameter(Configuration.OAUTH2_CODE);
    }
}
