package org.riversun.oauth2.google;

import com.google.api.client.googleapis.auth.oauth2.GoogleIdToken;
import com.google.api.client.googleapis.auth.oauth2.GoogleTokenResponse;
import java.io.IOException;
import java.io.Serializable;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
import java.util.logging.Logger;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/* loaded from: input_file:org/riversun/oauth2/google/OAuthCallbackServlet.class */
public abstract class OAuthCallbackServlet extends OAuthBaseServlet {
    private static final Logger LOGGER = Logger.getLogger(OAuthCallbackServlet.class.getName());
    static final String DUMMY_REFRESH_TOKEN = "org.riversun.dummy_refresh_token";
    private final Map<String, String> mTempRefreshTokenMap = new ConcurrentHashMap();

    protected abstract String getAuthRedirectUrl();

    protected void saveRefreshTokenFor(String str, String str2) {
        LOGGER.fine("userId=" + str + " refreshToken=" + str2);
        this.mTempRefreshTokenMap.put(str, str2);
    }

    protected String loadRefreshTokenFor(String str) {
        String str2 = this.mTempRefreshTokenMap.get(str);
        String str3 = str2 == null ? DUMMY_REFRESH_TOKEN : str2;
        LOGGER.fine("userId=" + str + " refreshToken=" + str3);
        return str3;
    }

    protected void doGet(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        LOGGER.fine("");
        String asString = asString(httpServletRequest, "code");
        String asString2 = asString(httpServletRequest, "state");
        if (asString == null || asString2 == null) {
            LOGGER.warning("The parameter 'code' or 'state' not found!");
            httpServletResponse.sendError(403, "Invalid parameters code=" + asString + " state=" + asString2);
            return;
        }
        LOGGER.fine("code=" + asString);
        String str = (String) sessionScope(httpServletRequest, "org.riversun.goauth.session_key_oauth2_state_token");
        if (str == null || !asString2.equals(str)) {
            LOGGER.warning("stateToken not matched!");
            httpServletResponse.sendError(403, "OAuth2 state token is invalid. stateToken=" + asString2 + " storedStateToken=" + str);
            return;
        }
        LOGGER.fine("stateToken matched state=" + asString2);
        sessionScope(httpServletRequest, "org.riversun.goauth.session_key_oauth2_state_token", null);
        OAuthHandler oAuthHandler = new OAuthHandler(getAuthRedirectUrl());
        GoogleTokenResponse tokenResponseFromCode = oAuthHandler.getTokenResponseFromCode(asString);
        LOGGER.fine("Received tokenResponse=" + tokenResponseFromCode);
        LOGGER.fine("Received refresh_token=" + tokenResponseFromCode.getRefreshToken());
        GoogleIdToken idToken = oAuthHandler.getIdToken(tokenResponseFromCode);
        if (idToken == null) {
            throw new ServletException(new Exception("IdToken verification error"));
        }
        String subject = idToken.getPayload().getSubject();
        sessionScope(httpServletRequest, "org.riversun.goauth.session_key_payload_sub", subject);
        LOGGER.fine("TOKEN_INFO subject(unique userId)=" + subject);
        String refreshToken = tokenResponseFromCode.getRefreshToken();
        if (refreshToken != null) {
            saveRefreshTokenFor(subject, refreshToken);
        }
        String loadRefreshTokenFor = loadRefreshTokenFor(subject);
        LOGGER.fine("use refresh token refreshToken=" + refreshToken);
        Serializable accessToken = tokenResponseFromCode.getAccessToken();
        LOGGER.fine("Since it is necessary to create a new credential, delete the existing credential in the session");
        sessionScope(httpServletRequest, "org.riversun.goauth.session_key_credential", null);
        sessionScope(httpServletRequest, "org.riversun.goauth.session_key_access_token", accessToken);
        if (loadRefreshTokenFor == null || DUMMY_REFRESH_TOKEN.equals(loadRefreshTokenFor)) {
            sessionScope(httpServletRequest, "org.riversun.goauth.session_key_refresh_token", null);
        } else {
            sessionScope(httpServletRequest, "org.riversun.goauth.session_key_refresh_token", loadRefreshTokenFor);
        }
        sessionScope(httpServletRequest, "org.riversun.goauth.session_key_oauth2_done", Boolean.TRUE);
        String str2 = (String) sessionScope(httpServletRequest, "org.riversun.goauth.session_key_redirect_url_after_oauth");
        sessionScope(httpServletRequest, "org.riversun.goauth.session_key_redirect_url_after_oauth", null);
        if (str2 == null || str2.isEmpty()) {
            str2 = httpServletRequest.getContextPath() + "/";
        }
        LOGGER.fine("redirectPath=" + str2);
        httpServletResponse.sendRedirect(str2);
    }

    protected final void doPost(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        sendNotSupportedError(httpServletRequest, httpServletResponse);
    }

    protected final void doPut(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        sendNotSupportedError(httpServletRequest, httpServletResponse);
    }

    protected final void doDelete(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        sendNotSupportedError(httpServletRequest, httpServletResponse);
    }

    private final void sendNotSupportedError(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        httpServletResponse.sendError(403, "Not supported");
    }
}
