package org.rapidoid.oauth;

import java.util.Map;
import org.apache.oltu.oauth2.client.OAuthClient;
import org.apache.oltu.oauth2.client.URLConnectionClient;
import org.apache.oltu.oauth2.client.request.OAuthBearerClientRequest;
import org.apache.oltu.oauth2.client.request.OAuthClientRequest;
import org.apache.oltu.oauth2.client.response.GitHubTokenResponse;
import org.apache.oltu.oauth2.client.response.OAuthJSONAccessTokenResponse;
import org.apache.oltu.oauth2.client.response.OAuthResourceResponse;
import org.apache.oltu.oauth2.common.message.types.GrantType;
import org.rapidoid.config.ConfigEntry;
import org.rapidoid.ctx.Ctxs;
import org.rapidoid.ctx.UserInfo;
import org.rapidoid.http.Handler;
import org.rapidoid.http.HttpExchange;
import org.rapidoid.jackson.JSON;
import org.rapidoid.log.Log;
import org.rapidoid.util.U;
import org.rapidoid.util.UTILS;

/* loaded from: input_file:org/rapidoid/oauth/OAuthTokenHandler.class */
public class OAuthTokenHandler implements Handler {
    private final OAuthProvider provider;
    private final ConfigEntry oauthDomain;
    private final OAuthStateCheck stateCheck;
    private final ConfigEntry clientId;
    private final ConfigEntry clientSecret;
    private final String callbackPath;

    public OAuthTokenHandler(OAuthProvider oAuthProvider, ConfigEntry configEntry, OAuthStateCheck oAuthStateCheck, ConfigEntry configEntry2, ConfigEntry configEntry3, String str) {
        this.provider = oAuthProvider;
        this.oauthDomain = configEntry;
        this.stateCheck = oAuthStateCheck;
        this.clientId = configEntry2;
        this.clientSecret = configEntry3;
        this.callbackPath = str;
    }

    public Object handle(HttpExchange httpExchange) throws Exception {
        String param = httpExchange.param("code");
        String param2 = httpExchange.param("state");
        Log.debug("Received OAuth code", "code", param, "state", param2);
        if (param == null || U.isEmpty(param2)) {
            String param3 = httpExchange.param("error");
            if (param3 == null) {
                throw U.rte("Invalid OAuth request!");
            }
            Log.warn("OAuth error", "error", param3);
            throw U.rte("OAuth error!");
        }
        String str = (String) this.clientId.get();
        String str2 = (String) this.clientSecret.get();
        char charAt = param2.charAt(0);
        U.must(charAt == 'P' || charAt == 'N', "Invalid OAuth state prefix!");
        U.must(this.stateCheck.isValidState(param2.substring(1), str2, httpExchange.sessionId()), "Invalid OAuth state!");
        Log.debug("OAuth validated", "popup", Boolean.valueOf(charAt == 'P'));
        String str3 = (String) this.oauthDomain.get();
        OAuthClientRequest.TokenRequestBuilder code = OAuthClientRequest.tokenLocation(this.provider.getTokenEndpoint()).setGrantType(GrantType.AUTHORIZATION_CODE).setClientId(str).setClientSecret(str2).setRedirectURI(str3 != null ? str3 + this.callbackPath : httpExchange.constructUrl(this.callbackPath)).setCode(param);
        OAuthClientRequest buildBodyMessage = paramsInBody() ? code.buildBodyMessage() : code.buildBodyMessage();
        OAuthClient oAuthClient = new OAuthClient(new URLConnectionClient());
        String str4 = token(buildBodyMessage, oAuthClient);
        OAuthResourceResponse resource = oAuthClient.resource(new OAuthBearerClientRequest(UTILS.fillIn(this.provider.getProfileEndpoint(), "token", str4)).setAccessToken(str4).buildQueryMessage(), "GET", OAuthResourceResponse.class);
        U.must(resource.getResponseCode() == 200, "OAuth response error!");
        Map parseMap = JSON.parseMap(resource.getBody());
        String str5 = (String) U.or(parseMap.get("firstName"), U.or(parseMap.get("first_name"), parseMap.get("given_name")));
        String str6 = (String) U.or(parseMap.get("lastName"), U.or(parseMap.get("last_name"), parseMap.get("family_name")));
        UserInfo userInfo = new UserInfo();
        userInfo.name = (String) U.or((String) parseMap.get("name"), str5 + " " + str6);
        userInfo.oauthProvider = this.provider.getName();
        userInfo.email = (String) U.or(parseMap.get("email"), parseMap.get("emailAddress"));
        userInfo.username = userInfo.email;
        userInfo.oauthId = String.valueOf(parseMap.get("id"));
        Ctxs.ctx().setUser(userInfo);
        userInfo.saveTo(httpExchange.cookiepack());
        return httpExchange.goBack(1);
    }

    private String token(OAuthClientRequest oAuthClientRequest, OAuthClient oAuthClient) throws Exception {
        String name = this.provider.getName();
        return (name.equalsIgnoreCase("facebook") || name.equalsIgnoreCase("github")) ? oAuthClient.accessToken(oAuthClientRequest, GitHubTokenResponse.class).getAccessToken() : oAuthClient.accessToken(oAuthClientRequest, OAuthJSONAccessTokenResponse.class).getAccessToken();
    }

    private boolean paramsInBody() {
        return this.provider.getName().equalsIgnoreCase("google");
    }
}
