package org.mitre.openid.connect.web;

import com.google.common.collect.ImmutableMap;
import java.security.Principal;
import java.util.Map;
import org.mitre.openid.connect.model.UserInfo;
import org.mitre.openid.connect.service.UserInfoService;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpStatus;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.oauth2.provider.OAuth2Authentication;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;

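@Controller
/* loaded from: input_file:WEB-INF/classes/org/mitre/openid/connect/web/UserInfoEndpoint.class */
/**
 * Spring MVC controller for the {@code /userinfo} endpoint.
 *
 * <p>The endpoint looks up the {@link UserInfo} record for the authenticated principal and hands
 * it to a view chosen by the {@code schema} request parameter. The parameter never becomes a view
 * name directly: it is only used as a key into {@link #schemaToViewNameMap}, so a caller can
 * select only the views listed in that map.
 */
public class UserInfoEndpoint {

    @Autowired
    private UserInfoService userInfoService;
    private static final Logger logger = LoggerFactory.getLogger(UserInfoEndpoint.class);
    // Allow-list of schema name -> view name; request input is only ever used as a lookup key.
    private Map<String, String> schemaToViewNameMap = ImmutableMap.of(openIdSchema, jsonUserInfoViewName, pocoSchema, pocoUserInfoViewName);
    private static final String openIdSchema = "openid";
    private static final String pocoSchema = "poco";
    private static final String jsonUserInfoViewName = "jsonUserInfoView";
    private static final String pocoUserInfoViewName = "pocoUserInfoView";

    /**
     * Returns the view name that renders the caller's user info in the requested schema.
     *
     * <p>On failure the model attribute {@code code} is set and {@code "httpCodeView"} is
     * returned: {@code FORBIDDEN} when there is no principal, {@code BAD_REQUEST} when the schema
     * is not a key of the schema map, {@code NOT_FOUND} when no user info exists for the
     * principal's name.
     *
     * @param principal the authenticated caller; may be {@code null}
     * @param str the value of the {@code schema} request parameter (caller-controlled)
     * @param model the model populated for the selected view
     * @return the view name to render
     */
    @RequestMapping(value = {"/userinfo"}, method = {RequestMethod.GET, RequestMethod.POST}, produces = {"application/json"})
    @PreAuthorize("hasRole('ROLE_USER') and #oauth2.hasScope('openid')")
    public String getInfo(Principal principal, @RequestParam("schema") String str, Model model) {
        // The @PreAuthorize expression already requires an authenticated user; this check keeps
        // the method fail-closed if it is ever reached without a principal.
        if (principal == null) {
            logger.error("getInfo failed; no principal. Requester is not authorized.");
            model.addAttribute("code", HttpStatus.FORBIDDEN);
            return "httpCodeView";
        }
        String viewName = this.schemaToViewNameMap.get(str);
        if (viewName == null) {
            // The schema value comes straight from the request, so control characters are
            // neutralised before logging to keep a caller from forging log lines.
            logger.error("getInfo failed; unknown User Info schema {}", sanitizeForLog(str));
            model.addAttribute("code", HttpStatus.BAD_REQUEST);
            return "httpCodeView";
        }
        String name = principal.getName();
        UserInfo userInfo = this.userInfoService.getBySubject(name);
        if (userInfo == null) {
            logger.error("getInfo failed; user not found: {}", sanitizeForLog(name));
            model.addAttribute("code", HttpStatus.NOT_FOUND);
            return "httpCodeView";
        }
        if (principal instanceof OAuth2Authentication) {
            OAuth2Authentication oAuth2Authentication = (OAuth2Authentication) principal;
            // The granted scope and the original "request" authorization parameter are passed
            // through to the view unchanged.
            model.addAttribute("scope", oAuth2Authentication.getAuthorizationRequest().getScope());
            model.addAttribute("requestObject", oAuth2Authentication.getAuthorizationRequest().getAuthorizationParameters().get("request"));
        }
        model.addAttribute("userInfo", userInfo);
        return viewName;
    }

    /**
     * Returns the schema-to-view-name map currently in use (the stored reference, not a copy).
     *
     * @return the map consulted by {@link #getInfo}
     */
    public Map<String, String> getSchemaToViewNameMap() {
        return this.schemaToViewNameMap;
    }

    /**
     * Replaces the schema-to-view-name map.
     *
     * <p>The map is stored by reference and is not validated here. Its keys are the only schema
     * values {@link #getInfo} accepts, and its values are returned as view names, so every entry
     * widens what a request can select.
     *
     * @param map the new schema-to-view-name map
     */
    public void setSchemaToViewNameMap(Map<String, String> map) {
        this.schemaToViewNameMap = map;
    }

    /**
     * Returns {@code value} with every ISO control character (including CR and LF) replaced by
     * {@code '_'}, so the result occupies a single log line.
     */
    private static String sanitizeForLog(String value) {
        if (value == null) {
            return "null";
        }
        StringBuilder cleaned = new StringBuilder(value.length());
        for (int i = 0; i < value.length(); i++) {
            char c = value.charAt(i);
            cleaned.append(Character.isISOControl(c) ? '_' : c);
        }
        return cleaned.toString();
    }
}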
