package org.everit.authentication.oauth2.ri.core;

import java.io.IOException;
import java.util.Objects;
import java.util.Optional;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.everit.authentication.http.session.AuthenticationSessionAttributeNames;
import org.everit.authentication.oauth2.AccessTokenResponse;
import org.everit.authentication.oauth2.OAuth2Communicator;
import org.everit.authentication.oauth2.ri.OAuth2SessionAttributeNames;
import org.everit.resource.resolver.ResourceIdResolver;
import org.everit.web.servlet.HttpServlet;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/everit/authentication/oauth2/ri/core/OAuth2AuthenticationServlet.class */
public class OAuth2AuthenticationServlet extends HttpServlet {
    private static final Logger LOGGER = LoggerFactory.getLogger(OAuth2AuthenticationServlet.class);
    private final AuthenticationSessionAttributeNames authenticationSessionAttributeNames;
    private final String failedUrl;
    private final OAuth2Communicator oauth2Communicator;
    private final OAuth2SessionAttributeNames oAuth2SessionAttributeNames;
    private final String processRequestTokenPathInfo;
    private final ResourceIdResolver resourceIdResolver;
    private final String successUrl;

    public OAuth2AuthenticationServlet(String str, String str2, String str3, OAuth2Communicator oAuth2Communicator, ResourceIdResolver resourceIdResolver, AuthenticationSessionAttributeNames authenticationSessionAttributeNames, OAuth2SessionAttributeNames oAuth2SessionAttributeNames) {
        this.successUrl = (String) Objects.requireNonNull(str, "successUrl cannot be null");
        this.failedUrl = (String) Objects.requireNonNull(str2, "failedUrl cannot be null");
        this.processRequestTokenPathInfo = (String) Objects.requireNonNull(str3, "processRequestTokenPathInfo cannot be null");
        this.oauth2Communicator = (OAuth2Communicator) Objects.requireNonNull(oAuth2Communicator, "oauth2Communicator cannot be null");
        this.resourceIdResolver = (ResourceIdResolver) Objects.requireNonNull(resourceIdResolver, "resourceIdResolver cannot be null");
        this.authenticationSessionAttributeNames = (AuthenticationSessionAttributeNames) Objects.requireNonNull(authenticationSessionAttributeNames, "authenticationSessionAttributeNames cannot be null");
        this.oAuth2SessionAttributeNames = (OAuth2SessionAttributeNames) Objects.requireNonNull(oAuth2SessionAttributeNames, "oAuth2SessionAttributeNames cannot be null");
    }

    private String buildRedirectURL(HttpServletRequest httpServletRequest) {
        StringBuffer requestURL = httpServletRequest.getRequestURL();
        String pathInfo = httpServletRequest.getPathInfo();
        if (pathInfo == null || !pathInfo.equals(this.processRequestTokenPathInfo)) {
            requestURL.append(this.processRequestTokenPathInfo);
        }
        return requestURL.toString();
    }

    private void processRequestToken(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        Optional accessToken = this.oauth2Communicator.getAccessToken(httpServletRequest, buildRedirectURL(httpServletRequest));
        if (!accessToken.isPresent()) {
            redirectToFailedUrl(httpServletResponse, "Failed to retrieve access token.");
            return;
        }
        AccessTokenResponse accessTokenResponse = (AccessTokenResponse) accessToken.get();
        HttpSession session = httpServletRequest.getSession();
        storeSessionAttributes(session, accessTokenResponse);
        Optional uniqueUserId = this.oauth2Communicator.getUniqueUserId(accessTokenResponse);
        if (!uniqueUserId.isPresent()) {
            redirectToFailedUrl(httpServletResponse, "Failed to retrieve unique user ID.");
            return;
        }
        String str = (String) uniqueUserId.get();
        Optional resourceId = this.resourceIdResolver.getResourceId(str);
        if (!resourceId.isPresent()) {
            redirectToFailedUrl(httpServletResponse, "Unique user ID '" + str + "' cannot be mapped to Resource ID");
            return;
        }
        session.setAttribute(this.authenticationSessionAttributeNames.authenticatedResourceId(), Long.valueOf(((Long) resourceId.get()).longValue()));
        httpServletResponse.sendRedirect(this.successUrl);
    }

    private void redirectToFailedUrl(HttpServletResponse httpServletResponse, String str) throws IOException {
        LOGGER.info(str);
        httpServletResponse.setStatus(401);
        httpServletResponse.sendRedirect(this.failedUrl);
    }

    private void redirectToOAuthAuthorization(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        httpServletResponse.sendRedirect(this.oauth2Communicator.buildAuthorizationURL(buildRedirectURL(httpServletRequest)));
    }

    protected void service(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        String pathInfo = httpServletRequest.getPathInfo();
        if (pathInfo == null) {
            redirectToOAuthAuthorization(httpServletRequest, httpServletResponse);
        } else if (pathInfo.equals(this.processRequestTokenPathInfo)) {
            processRequestToken(httpServletRequest, httpServletResponse);
        }
    }

    private void storeSessionAttributes(HttpSession httpSession, AccessTokenResponse accessTokenResponse) {
        httpSession.setAttribute(this.oAuth2SessionAttributeNames.providerName(), this.oauth2Communicator.getProviderName());
        httpSession.setAttribute(this.oAuth2SessionAttributeNames.accessToken(), accessTokenResponse.getAccessToken());
        httpSession.setAttribute(this.oAuth2SessionAttributeNames.expiresIn(), accessTokenResponse.getExpiresIn());
        httpSession.setAttribute(this.oAuth2SessionAttributeNames.refreshToken(), accessTokenResponse.getRefreshToken());
        httpSession.setAttribute(this.oAuth2SessionAttributeNames.scope(), accessTokenResponse.getScope());
        httpSession.setAttribute(this.oAuth2SessionAttributeNames.accessTokenType(), accessTokenResponse.getAccessTokenType());
    }
}
