package org.fcrepo.auth.oauth.api;

import java.net.URI;
import java.net.URISyntaxException;
import java.util.Set;
import javax.annotation.PostConstruct;
import javax.jcr.Node;
import javax.jcr.RepositoryException;
import javax.jcr.Session;
import javax.servlet.http.HttpServletRequest;
import javax.ws.rs.GET;
import javax.ws.rs.Path;
import javax.ws.rs.WebApplicationException;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.Response;
import org.apache.oltu.oauth2.as.issuer.MD5Generator;
import org.apache.oltu.oauth2.as.issuer.OAuthIssuerImpl;
import org.apache.oltu.oauth2.as.request.OAuthAuthzRequest;
import org.apache.oltu.oauth2.as.response.OAuthASResponse;
import org.apache.oltu.oauth2.common.exception.OAuthProblemException;
import org.apache.oltu.oauth2.common.exception.OAuthSystemException;
import org.apache.oltu.oauth2.common.message.OAuthResponse;
import org.apache.oltu.oauth2.common.message.types.ResponseType;
import org.apache.oltu.oauth2.common.utils.OAuthUtils;
import org.fcrepo.AbstractResource;
import org.fcrepo.auth.oauth.Constants;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.stereotype.Component;

@Path("/authorization")
@Component
/* loaded from: input_file:org/fcrepo/auth/oauth/api/AuthzEndpoint.class */
public class AuthzEndpoint extends AbstractResource {
    private static final Logger LOGGER = LoggerFactory.getLogger(AuthzEndpoint.class);

    @GET
    public Response getAuthorization(@Context HttpServletRequest httpServletRequest) throws URISyntaxException, OAuthSystemException, RepositoryException {
        OAuthIssuerImpl oAuthIssuerImpl = new OAuthIssuerImpl(new MD5Generator());
        try {
            OAuthAuthzRequest oAuthAuthzRequest = new OAuthAuthzRequest(httpServletRequest);
            String param = oAuthAuthzRequest.getParam("response_type");
            OAuthASResponse.OAuthAuthorizationResponseBuilder authorizationResponse = OAuthASResponse.authorizationResponse(httpServletRequest, 302);
            if (param.equals(ResponseType.CODE.toString())) {
                String authorizationCode = oAuthIssuerImpl.authorizationCode();
                LOGGER.debug("Created authorization code: {}", authorizationCode);
                saveAuthCode(authorizationCode, oAuthAuthzRequest.getScopes(), oAuthAuthzRequest.getClientId());
                authorizationResponse.setCode(authorizationCode);
            }
            if (param.equals(ResponseType.TOKEN.toString())) {
                authorizationResponse.setAccessToken(oAuthIssuerImpl.accessToken());
                authorizationResponse.setExpiresIn(Constants.EXPIRATION_TIMEOUT);
            }
            OAuthResponse buildQueryMessage = authorizationResponse.location(oAuthAuthzRequest.getParam("redirect_uri")).buildQueryMessage();
            return Response.status(buildQueryMessage.getResponseStatus()).location(new URI(buildQueryMessage.getLocationUri())).build();
        } catch (OAuthProblemException e) {
            Response.ResponseBuilder status = Response.status(302);
            String redirectUri = e.getRedirectUri();
            if (OAuthUtils.isEmpty(redirectUri)) {
                throw new WebApplicationException(status.entity("OAuth callback url needs to be provided by client!").build());
            }
            return status.location(new URI(OAuthResponse.errorResponse(302).error(e).location(redirectUri).buildQueryMessage().getLocationUri())).build();
        }
    }

    private void saveAuthCode(String str, Set<String> set, String str2) throws RepositoryException {
        Session session = this.sessions.getSession(Constants.OAUTH_WORKSPACE);
        try {
            Node findOrCreateNode = jcrTools.findOrCreateNode(session, "/authorization-codes/" + str);
            findOrCreateNode.setProperty(Constants.CLIENT_PROPERTY, str2);
            findOrCreateNode.setProperty(Constants.SCOPES_PROPERTY, (String[]) set.toArray(new String[0]));
            session.save();
            session.logout();
        } catch (Throwable th) {
            session.logout();
            throw th;
        }
    }

    @PostConstruct
    public void init() throws RepositoryException {
        Util.createOauthWorkspace(this.sessions);
    }
}
