package edu.uiuc.ncsa.myproxy.oa4mp.oauth2.servlet;

import edu.uiuc.ncsa.myproxy.MPSingleConnectionProvider;
import edu.uiuc.ncsa.myproxy.oa4mp.oauth2.OA2ServiceTransaction;
import edu.uiuc.ncsa.myproxy.oa4mp.oauth2.claims.OA2ClaimsUtil;
import edu.uiuc.ncsa.myproxy.oa4mp.server.servlet.AbstractAuthorizationServlet;
import edu.uiuc.ncsa.security.core.exceptions.NotImplementedException;
import edu.uiuc.ncsa.security.delegation.server.ServiceTransaction;
import edu.uiuc.ncsa.security.delegation.token.AccessToken;
import edu.uiuc.ncsa.security.oauth_2_0.OA2GeneralError;
import edu.uiuc.ncsa.security.servlet.PresentableState;
import java.io.IOException;
import java.io.PrintWriter;
import java.io.StringWriter;
import java.io.UnsupportedEncodingException;
import java.net.URLEncoder;
import java.security.GeneralSecurityException;
import java.util.Date;
import java.util.Iterator;
import java.util.Map;
import javax.servlet.ServletOutputStream;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpServletResponseWrapper;
import net.sf.json.JSONObject;
import org.apache.commons.lang.StringEscapeUtils;

/* loaded from: input_file:edu/uiuc/ncsa/myproxy/oa4mp/oauth2/servlet/OA2AuthorizationServer.class */
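/**
 * Authorization servlet for the OAuth 2 variant of OA4MP.
 *
 * <p>Extends {@link AbstractAuthorizationServlet} with the OAuth 2 specifics visible in this
 * class: running the initial delegation when the request carries {@code response_type},
 * exposing the requested scopes to the view, accepting a refresh token lifetime from the
 * authorization form, and building the callback URL that carries {@code code} and
 * {@code state} back to the client.
 *
 * <p>This listing is decompiled output, so parameter names such as {@code str} are
 * decompiler-generated and inlined constants appear as literals.
 */
public class OA2AuthorizationServer extends AbstractAuthorizationServlet {
    // NOTE(review): these three are public, non-final instance fields despite the constant-style
    // names, so any code holding a reference to the servlet can reassign them. They are left
    // as-is because subclasses or other classes may rely on that; confirm before tightening.

    // Name of the request parameter / request attribute carrying the refresh token lifetime.
    public String AUTHORIZATION_REFRESH_TOKEN_LIFETIME_KEY = "AuthRTL";
    public String AUTHORIZED_ENDPOINT = "/authorized";
    public String AUTHORIZATION_REFRESH_TOKEN_LIFETIME_VALUE = OA2RegistrationServlet.REFRESH_TOKEN_LIFETIME;

    /**
     * Response wrapper that buffers everything written through {@link #getWriter()} in memory
     * and records whether a status outside 200-299 was set through {@link #setStatus(int)}.
     *
     * <p>NOTE(review): only {@code setStatus(int)} is intercepted. {@code sendError} and
     * {@code sendRedirect} are inherited from {@link HttpServletResponseWrapper} and therefore
     * go straight to the wrapped response without setting the exception flag. Whether the
     * delegation code ever uses them is not visible here; confirm.
     */
    static class MyHttpServletResponseWrapper extends HttpServletResponseWrapper {
        // Collects the body written by the delegate instead of sending it to the client.
        private final StringWriter sw;
        // Last status passed to setStatus; stays 0 if setStatus was never called.
        int internalStatus;
        boolean exceptionEncountered;

        public MyHttpServletResponseWrapper(HttpServletResponse httpServletResponse) {
            super(httpServletResponse);
            this.sw = new StringWriter();
            this.internalStatus = 0;
            this.exceptionEncountered = false;
        }

        /**
         * Records the status, forwards it to the wrapped response and flags any status
         * outside the 2xx range as an error.
         */
        public void setStatus(int i) {
            this.internalStatus = i;
            super.setStatus(i);
            boolean success = i >= 200 && i < 300;
            if (!success) {
                setExceptionEncountered(true);
            }
        }

        /** @return the last status recorded by {@link #setStatus(int)}, or 0 if none was set. */
        public int getStatus() {
            return this.internalStatus;
        }

        /** @return a writer over the in-memory buffer; every call shares the same buffer. */
        public PrintWriter getWriter() throws IOException {
            return new PrintWriter(this.sw);
        }

        /** Binary output is not buffered by this wrapper, so the stream is refused outright. */
        public ServletOutputStream getOutputStream() throws IOException {
            throw new UnsupportedOperationException();
        }

        /** @return everything written to the buffer so far. */
        public String toString() {
            return this.sw.toString();
        }

        boolean isExceptionEncountered() {
            return this.exceptionEncountered;
        }

        public void setExceptionEncountered(boolean z) {
            this.exceptionEncountered = z;
        }
    }

    /** Always throws: this servlet does not supply an access token. */
    protected AccessToken getAccessToken(HttpServletRequest httpServletRequest) {
        throw new NotImplementedException("No access token is available");
    }

    /**
     * Joins the transaction's scopes into one string.
     *
     * @return every scope followed by a single space (so a non-empty result ends in a space),
     *         or the empty string when there are no scopes
     */
    protected String scopesToString(OA2ServiceTransaction oA2ServiceTransaction) {
        StringBuilder joined = new StringBuilder();
        Iterator<String> it = oA2ServiceTransaction.getScopes().iterator();
        while (it.hasNext()) {
            joined.append(it.next()).append(' ');
        }
        return joined.toString();
    }

    /**
     * Adds the {@code clientScopes} request attribute on top of what the superclass sets.
     *
     * <p>The scope string is HTML-escaped before it is stored. Scopes presumably originate
     * from the client's request and are rendered by the authorization page, so escaping here
     * keeps them from being interpreted as markup. Confirm the view does not unescape them.
     */
    protected void setClientRequestAttributes(AbstractAuthorizationServlet.AuthorizedState authorizedState) {
        super.setClientRequestAttributes(authorizedState);
        OA2ServiceTransaction transaction = (OA2ServiceTransaction) authorizedState.getTransaction();
        String escapedScopes = StringEscapeUtils.escapeHtml(scopesToString(transaction));
        authorizedState.getRequest().setAttribute("clientScopes", escapedScopes);
    }

    /** @return a new helper bound to this servlet, used by {@code doIt} to run the delegation. */
    protected OA2AuthorizedServletUtil getInitUtil() {
        return new OA2AuthorizedServletUtil(this);
    }

    /**
     * Handles a request to the authorization endpoint.
     *
     * <p>When the request carries {@code response_type}, the delegation is run against a
     * buffering wrapper. A non-2xx status from it is rethrown as an {@link OA2GeneralError};
     * otherwise the buffered body is parsed as JSON and its {@code code} and {@code state}
     * values are copied into request attributes. The superclass then continues processing.
     *
     * @throws Throwable whatever the delegation or the superclass raises
     */
    protected void doIt(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Throwable {
        // NOTE(review): printAllParameters is inherited and not visible here. This endpoint
        // presumably also receives the login form post, so if that method logs parameter
        // values, the submitted passphrase would end up in the log. Confirm it is debug-only
        // or masks credentials.
        printAllParameters(httpServletRequest);
        if (getFirstParameters(httpServletRequest).containsKey("response_type")) {
            MyHttpServletResponseWrapper buffered = new MyHttpServletResponseWrapper(httpServletResponse);
            getInitUtil().doDelegation(httpServletRequest, buffered);
            if (buffered.isExceptionEncountered()) {
                // The buffered body becomes the error description, so whatever the delegation
                // wrote is carried in the OA2GeneralError.
                throw new OA2GeneralError("invalid_request", buffered.toString(), buffered.getStatus());
            }
            JSONObject delegationReply = JSONObject.fromObject(buffered.toString());
            // NOTE(review): a missing "code" or "state" key would yield null here and fail with
            // a NullPointerException. Confirm doDelegation always writes both, including for
            // requests that carry no state parameter.
            String code = delegationReply.get("code").toString();
            String state = delegationReply.get("state").toString();
            httpServletRequest.setAttribute("code", code);
            httpServletRequest.setAttribute("state", state);
        }
        super.doIt(httpServletRequest, httpServletResponse);
    }

    /**
     * Prepares the view state after the superclass has done its part.
     *
     * <p>In state 0 the name of the refresh-token-lifetime form field is published as a
     * request attribute (attribute name and value are both the key). In state 1 the
     * transaction's authentication time is set to the current time. The literals 0 and 1 are
     * constants inlined by the decompiler; their symbolic names are not visible here.
     */
    public void prepare(PresentableState presentableState) throws Throwable {
        super.prepare(presentableState);
        if (presentableState.getState() == 0) {
            presentableState.getRequest().setAttribute(this.AUTHORIZATION_REFRESH_TOKEN_LIFETIME_KEY, this.AUTHORIZATION_REFRESH_TOKEN_LIFETIME_KEY);
        }
        if (presentableState.getState() == 1) {
            ((AbstractAuthorizationServlet.AuthorizedState) presentableState).getTransaction().setAuthTime(new Date());
        }
    }

    /** Delegates presentation entirely to the superclass. */
    public void present(PresentableState presentableState) throws Throwable {
        super.present(presentableState);
    }

    /**
     * Stores the requested refresh token lifetime on the transaction, lets the superclass
     * create the redirect, then processes the authorization claims.
     *
     * <p>The lifetime comes from a request parameter and is therefore caller-controlled.
     * Unparseable, negative or overflowing values are stored as 0 rather than passed on.
     *
     * <p>NOTE(review): no upper bound is applied here. Confirm that the code issuing refresh
     * tokens caps this value against the server's or client's configured maximum, and what a
     * lifetime of 0 means to it.
     */
    protected void createRedirect(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, ServiceTransaction serviceTransaction) throws Throwable {
        String requestedLifetime = httpServletRequest.getParameter(this.AUTHORIZATION_REFRESH_TOKEN_LIFETIME_KEY);
        OA2ServiceTransaction oA2ServiceTransaction = (OA2ServiceTransaction) serviceTransaction;
        if (requestedLifetime != null) {
            oA2ServiceTransaction.setRefreshTokenLifetime(parseRefreshLifetimeMillis(requestedLifetime));
        }
        super.createRedirect(httpServletRequest, httpServletResponse, serviceTransaction);
        new OA2ClaimsUtil(getServiceEnvironment(), oA2ServiceTransaction).processAuthorizationClaims(httpServletRequest, oA2ServiceTransaction);
    }

    /**
     * Converts a lifetime given in seconds (as text) to milliseconds.
     *
     * @return the lifetime in milliseconds, or 0 when the text is not a number, is negative,
     *         or would overflow a {@code long} once multiplied by 1000
     */
    private static long parseRefreshLifetimeMillis(String secondsText) {
        long seconds;
        try {
            seconds = Long.parseLong(secondsText);
        } catch (NumberFormatException e) {
            return 0L;
        }
        // Without this check a large value wraps around silently during the multiplication
        // and a negative one is stored verbatim.
        if (seconds < 0L || seconds > Long.MAX_VALUE / 1000L) {
            return 0L;
        }
        return seconds * 1000L;
    }

    /**
     * Builds the client callback URL, appending the URL-encoded authorization {@code code}
     * (the transaction identifier) and, when present, the URL-encoded {@code state}.
     *
     * @param map request parameters; only the {@code state} entry is read
     * @return the callback URL with {@code code} and optional {@code state} appended
     * @throws IllegalStateException if UTF-8 is unavailable, which a compliant JVM rules out
     */
    public String createCallback(ServiceTransaction serviceTransaction, Map<String, String> map) {
        String uri = serviceTransaction.getCallback().toString();
        String state = map == null ? null : map.get("state");
        try {
            String separator = uri.indexOf("?") == -1 ? "?" : "&";
            uri = uri + separator + "code=" + URLEncoder.encode(serviceTransaction.getIdentifierString(), "UTF-8");
            if (state != null) {
                // state is echoed back from the request, so it is encoded rather than
                // concatenated raw into the redirect target.
                uri = uri + "&state=" + URLEncoder.encode(state, "UTF-8");
            }
        } catch (UnsupportedEncodingException e) {
            // Fail loudly instead of printing a stack trace and returning a callback that
            // silently lacks the code.
            throw new IllegalStateException("UTF-8 encoding is not available", e);
        }
        return uri;
    }

    /** Intentionally empty in this class: no certificate request is made here. */
    protected void doRealCertRequest(ServiceTransaction serviceTransaction, String str) throws Throwable {
    }

    /**
     * Sets up the MyProxy connection for the transaction.
     *
     * <p>With two-factor support enabled, a logon object holding the credentials is wrapped in
     * a connection tagged with the transaction identifier and added to the connection cache.
     * Otherwise a connection is created and, if one is then registered for the transaction,
     * closed again immediately.
     *
     * @param str  the username ({@code setUsername} receives it in the two-factor branch)
     * @param str2 the passphrase ({@code setPassphrase} receives it in the two-factor branch)
     * @throws GeneralSecurityException if creating the connection fails
     */
    protected void setupMPConnection(ServiceTransaction serviceTransaction, String str, String str2) throws GeneralSecurityException {
        if (getServiceEnvironment().isTwoFactorSupportEnabled()) {
            // NOTE(review): the passphrase stays in memory inside the cached logon object for
            // as long as the cache keeps the entry. Confirm the cache evicts it once the
            // transaction completes or expires.
            AbstractAuthorizationServlet.MyMyProxyLogon logon = new AbstractAuthorizationServlet.MyMyProxyLogon();
            logon.setUsername(str);
            logon.setPassphrase(str2);
            MPSingleConnectionProvider.MyProxyLogonConnection connection = new MPSingleConnectionProvider.MyProxyLogonConnection(logon);
            connection.setIdentifier(serviceTransaction.getIdentifier());
            getMyproxyConnectionCache().add(connection);
            return;
        }
        // Presumably opening the connection is what verifies the credentials; it is closed
        // straight away because nothing else is done with it at this point. TODO confirm.
        createMPConnection(serviceTransaction.getIdentifier(), str, str2, serviceTransaction.getLifetime());
        if (hasMPConnection(serviceTransaction.getIdentifier())) {
            getMPConnection(serviceTransaction.getIdentifier()).close();
        }
    }
}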
