package pl.edu.icm.unity.oauth.client;

import java.io.IOException;
import java.net.URISyntaxException;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.http.client.utils.URIBuilder;
import org.apache.logging.log4j.Logger;
import pl.edu.icm.unity.base.utils.Log;
import pl.edu.icm.unity.engine.api.authn.remote.RemoteAuthenticationContextManagement;
import pl.edu.icm.unity.engine.api.authn.remote.SharedRemoteAuthenticationContextStore;

/* loaded from: input_file:pl/edu/icm/unity/oauth/client/ResponseConsumerServlet.class */
public class ResponseConsumerServlet extends HttpServlet {
    private static final Logger log = Log.getLogger("unity.server.oauth", ResponseConsumerServlet.class);
    public static final String PATH = "/oauth2ResponseConsumer";
    private final OAuthContextsManagement contextManagement;
    private final SharedRemoteAuthenticationContextStore remoteAuthnContextStore;

    public ResponseConsumerServlet(OAuthContextsManagement oAuthContextsManagement, SharedRemoteAuthenticationContextStore sharedRemoteAuthenticationContextStore) {
        this.contextManagement = oAuthContextsManagement;
        this.remoteAuthnContextStore = sharedRemoteAuthenticationContextStore;
    }

    protected void doGet(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        String parameter = httpServletRequest.getParameter("state");
        if (parameter == null) {
            log.warn("Got a request to the OAuth response consumer endpoint without state parameter");
            httpServletResponse.sendError(400, "Wrong HTTP request - no state");
            return;
        }
        try {
            OAuthContext andRemoveAuthnContext = this.contextManagement.getAndRemoveAuthnContext(parameter);
            String parameter2 = httpServletRequest.getParameter("error");
            if (parameter2 != null) {
                String parameter3 = httpServletRequest.getParameter("error_description");
                log.warn("Got error OAuth response: " + parameter2);
                andRemoveAuthnContext.setErrorCode(parameter2);
                andRemoveAuthnContext.setErrorDescription(parameter3);
            } else {
                andRemoveAuthnContext.setAuthzCode(httpServletRequest.getParameter("code"));
            }
            this.remoteAuthnContextStore.addAuthnContext(andRemoveAuthnContext);
            log.debug("Received OAuth response for authenticator {} with valid state {}, redirecting to {}", andRemoveAuthnContext.getAuthenticationStepContext().authnOptionId, parameter, andRemoveAuthnContext.getReturnUrl());
            httpServletResponse.sendRedirect(getRedirectWithContextIdParam(andRemoveAuthnContext.getReturnUrl(), parameter));
        } catch (RemoteAuthenticationContextManagement.UnboundRelayStateException e) {
            log.warn("Got a request to the OAuth response consumer endpoint with invalid state parameter");
            httpServletResponse.sendError(400, "Wrong HTTP request - invalid state");
        }
    }

    private String getRedirectWithContextIdParam(String str, String str2) throws IOException {
        try {
            URIBuilder uRIBuilder = new URIBuilder(str);
            uRIBuilder.addParameter("__remote_authn_context_id", str2);
            return uRIBuilder.build().toString();
        } catch (URISyntaxException e) {
            throw new IOException("Can't build return URL", e);
        }
    }
}
