package org.riversun.oauth2.google;

import com.google.api.client.http.HttpResponseException;
import java.io.IOException;
import java.util.List;
import java.util.logging.Logger;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;

/* loaded from: input_file:org/riversun/oauth2/google/OAuthFilter.class */
public abstract class OAuthFilter implements Filter {
    private static final Logger LOGGER = Logger.getLogger(OAuthFilter.class.getName());
    private static final String OAUTH2_SCOPE_OPENID = "openid";

    public final void init(FilterConfig filterConfig) throws ServletException {
        LOGGER.fine("");
        OAuthCommon.SCOPES.clear();
        OAuthCommon.SCOPES.add(OAUTH2_SCOPE_OPENID);
        OAuthCommon.SCOPES.addAll(getScopes());
    }

    protected abstract String getAuthRedirectUrl();

    protected abstract List<String> getScopes();

    protected boolean isAutoHandleRefreshTokenRevocation() {
        return true;
    }

    protected boolean isAuthenticateEverytime() {
        return true;
    }

    protected boolean isForceHttps() {
        return false;
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws ServletException, IOException {
        LOGGER.fine("");
        OAuthHandler forceUseHttps = new OAuthHandler(getAuthRedirectUrl()).setForceUseHttps(isForceHttps());
        if (!isOAuth2Done(servletRequest, servletResponse)) {
            forceUseHttps.doOAuth2Flow(servletRequest, servletResponse, false);
            return;
        }
        LOGGER.fine("OAuth2 already passed");
        try {
            filterChain.doFilter(servletRequest, servletResponse);
        } catch (HttpResponseException e) {
            if (forceUseHttps.isRevocationRelatedException(e)) {
                LOGGER.warning("Refresh token not found or revoked.Force show authorization page.");
                forceUseHttps.doOAuth2Flow(servletRequest, servletResponse, true);
            }
        }
    }

    private boolean isOAuth2Done(ServletRequest servletRequest, ServletResponse servletResponse) throws IOException, ServletException {
        HttpSession session = ((HttpServletRequest) servletRequest).getSession();
        boolean z = session.getAttribute("org.riversun.goauth.session_key_oauth2_done") != null;
        LOGGER.fine("isOAuth2Done=" + z);
        if (!z) {
            return false;
        }
        if (!isAuthenticateEverytime()) {
            return true;
        }
        session.setAttribute("org.riversun.goauth.session_key_oauth2_done", (Object) null);
        return true;
    }

    public void destroy() {
    }
}
