package io.sgr.oauth.server.authserver.j2ee;

import io.sgr.oauth.core.exceptions.InvalidClientException;
import io.sgr.oauth.core.exceptions.InvalidRequestException;
import io.sgr.oauth.core.exceptions.InvalidScopeException;
import io.sgr.oauth.core.exceptions.ServerErrorException;
import io.sgr.oauth.core.exceptions.UnsupportedResponseTypeException;
import io.sgr.oauth.core.utils.Preconditions;
import io.sgr.oauth.core.v20.OAuthError;
import io.sgr.oauth.server.authserver.core.AuthorizationDetail;
import io.sgr.oauth.server.authserver.core.AuthorizationServer;
import io.sgr.oauth.server.authserver.j2ee.utils.OAuthV2WebConstants;
import io.sgr.oauth.server.authserver.j2ee.utils.ServletBasedAuthorizationRequestParser;
import java.io.IOException;
import java.util.Locale;
import java.util.UUID;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

/* loaded from: input_file:io/sgr/oauth/server/authserver/j2ee/GenericOAuthV2AuthServlet.class */
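/**
 * Base servlet for the user-facing OAuth 2.0 authorization (consent) endpoint.
 *
 * <p>{@code GET} validates the authorization request through
 * {@link AuthorizationServer#preAuthorization} and either redirects straight away
 * (already authorized) or stores the pending {@link AuthorizationDetail} plus a
 * one-time CSRF token in the HTTP session and renders the consent page.
 * {@code POST} receives the user's decision, checks the CSRF token, and completes
 * the flow through {@link AuthorizationServer#postAuthorization}.
 *
 * <p>Security notes for implementers:
 * <ul>
 *   <li>The consent form rendered by {@link #displayUserAuthorizePage} must echo the
 *       session attribute {@code csrf_token} back as a request parameter of the same
 *       name, otherwise every {@code POST} is rejected.</li>
 *   <li>This class sets no anti-framing or cache headers on the consent page; the
 *       subclass should send them (for example {@code X-Frame-Options} or a CSP
 *       {@code frame-ancestors} directive) so the page cannot be embedded and
 *       click-jacked.</li>
 * </ul>
 */
public abstract class GenericOAuthV2AuthServlet extends HttpServlet {
    /** Name of both the session attribute and the form parameter carrying the CSRF token. */
    private static final String CSRF_TOKEN_KEY = "csrf_token";

    /**
     * Handles the initial authorization request.
     *
     * @param httpServletRequest the incoming authorization request
     * @param httpServletResponse the response used for the consent page, redirect or error
     * @throws ServletException propagated from the subclass callbacks
     * @throws IOException propagated from the subclass callbacks
     */
    @Override
    protected void doGet(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        String currentUserId = getCurrentUserId(httpServletRequest, httpServletResponse);
        if (Preconditions.isEmptyString(currentUserId)) {
            onUserNotSignedIn(httpServletRequest, httpServletResponse);
            return;
        }
        try {
            AuthorizationDetail preAuthorization = getAuthorizationServer().preAuthorization(
                    httpServletRequest,
                    ServletBasedAuthorizationRequestParser.instance(),
                    currentUserId,
                    getUserLocale(httpServletRequest, httpServletResponse));
            if (preAuthorization == null) {
                throw new ServerErrorException("Unable to check authorization request");
            }
            if (preAuthorization.isAlreadyAuthorized()) {
                // Consent was granted earlier: skip the consent page and redirect immediately.
                afterAuthorized(true, preAuthorization, httpServletRequest, httpServletResponse);
                return;
            }
            HttpSession session = httpServletRequest.getSession(true);
            // The validated request is kept server-side so the POST cannot substitute
            // different client/scope parameters for the ones the user was shown.
            session.setAttribute(OAuthV2WebConstants.SESSION_ATTRS_KEY_AUTH_DETAIL, preAuthorization);
            // randomUUID() yields a type-4 UUID drawn from a cryptographically strong
            // generator; the dashes are stripped to obtain a plain hex token.
            session.setAttribute(CSRF_TOKEN_KEY, UUID.randomUUID().toString().replace("-", ""));
            displayUserAuthorizePage(preAuthorization, httpServletRequest, httpServletResponse);
        } catch (InvalidClientException e) {
            onInvalidClient(e.getError(), httpServletRequest, httpServletResponse);
        } catch (ServerErrorException e) {
            onServerError(e.getError(), httpServletRequest, httpServletResponse);
        } catch (InvalidRequestException | InvalidScopeException | UnsupportedResponseTypeException e) {
            onBadOAuthRequest(e.getError(), httpServletRequest, httpServletResponse);
        }
    }

    /**
     * Handles the consent form submission.
     *
     * <p>The CSRF token and the pending authorization detail are both single-use: each
     * is removed from the session as soon as it has been read, whether or not the
     * request is accepted.
     *
     * @param httpServletRequest the form submission carrying {@code csrf_token} and the approval flag
     * @param httpServletResponse the response used for the redirect or error
     * @throws ServletException propagated from the subclass callbacks
     * @throws IOException propagated from the subclass callbacks
     */
    @Override
    protected void doPost(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        if (Preconditions.isEmptyString(getCurrentUserId(httpServletRequest, httpServletResponse))) {
            onUserNotSignedIn(httpServletRequest, httpServletResponse);
            return;
        }
        // A legitimate POST always follows a GET that created the session, so a missing
        // session is treated as a token mismatch instead of allocating a fresh one.
        HttpSession session = httpServletRequest.getSession(false);
        String submittedToken = httpServletRequest.getParameter(CSRF_TOKEN_KEY);
        Object expectedToken = null;
        if (session != null) {
            expectedToken = session.getAttribute(CSRF_TOKEN_KEY);
            // Invalidate before comparing: one guess per issued token, success or failure.
            session.removeAttribute(CSRF_TOKEN_KEY);
        }
        if (Preconditions.isEmptyString(submittedToken) || !submittedToken.equals(expectedToken)) {
            onBadOAuthRequest(new OAuthError("csrf_token_mismatch", "CSRF token mismatch!"), httpServletRequest, httpServletResponse);
            return;
        }
        // NOTE(review): only "some user is signed in" is checked here. The stored detail
        // was computed for the user signed in at GET time; confirm that AuthorizationDetail
        // or postAuthorization binds the grant to that same user.
        Object pendingDetail = session.getAttribute(OAuthV2WebConstants.SESSION_ATTRS_KEY_AUTH_DETAIL);
        session.removeAttribute(OAuthV2WebConstants.SESSION_ATTRS_KEY_AUTH_DETAIL);
        if (!(pendingDetail instanceof AuthorizationDetail)) {
            onBadOAuthRequest(new OAuthError("bad_oauth_request", "Bad OAuth request"), httpServletRequest, httpServletResponse);
            return;
        }
        // Anything other than an explicit "true" counts as a denial.
        String approvedParam = httpServletRequest.getParameter(OAuthV2WebConstants.REQ_PARAMS_KEY_APPROVED);
        boolean approved = !Preconditions.isEmptyString(approvedParam) && Boolean.parseBoolean(approvedParam);
        afterAuthorized(approved, (AuthorizationDetail) pendingDetail, httpServletRequest, httpServletResponse);
    }

    /**
     * Completes the authorization and redirects the user agent to the URL returned by
     * {@link AuthorizationServer#postAuthorization}.
     *
     * @param approved whether the user (or a previous grant) approved the request
     * @param authorizationDetail the validated request being completed
     * @param httpServletRequest the current request, passed on to the error callbacks
     * @param httpServletResponse the response that receives the redirect
     * @throws ServletException propagated from the subclass callbacks
     * @throws IOException propagated from the subclass callbacks
     */
    private void afterAuthorized(boolean approved, AuthorizationDetail authorizationDetail, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        try {
            String location = getAuthorizationServer().postAuthorization(approved, authorizationDetail);
            if (Preconditions.isEmptyString(location)) {
                throw new ServerErrorException("Unable to authorize");
            }
            // The URL is presumably derived from the client's redirect URI (confirm in
            // AuthorizationServer); refuse line breaks so it can never split the header.
            if (location.indexOf('\r') >= 0 || location.indexOf('\n') >= 0) {
                throw new ServerErrorException("Unable to authorize");
            }
            // setStatus, not sendError: sendError routes through the container's error-page
            // handling, which clears the buffer and may drop or rewrite headers such as
            // Location, so the redirect could be lost or replaced by an error page.
            httpServletResponse.setStatus(HttpServletResponse.SC_FOUND);
            httpServletResponse.setHeader("Location", location);
        } catch (UnsupportedResponseTypeException e) {
            onBadOAuthRequest(e.getError(), httpServletRequest, httpServletResponse);
        } catch (ServerErrorException e) {
            onServerError(e.getError(), httpServletRequest, httpServletResponse);
        }
    }

    /**
     * Renders the consent page for the given pending authorization. The page must post
     * back the session's {@code csrf_token} value and the approval flag.
     */
    protected abstract void displayUserAuthorizePage(AuthorizationDetail authorizationDetail, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException;

    /** Returns the signed-in user's identifier; an empty or null value is treated as "not signed in". */
    protected abstract String getCurrentUserId(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException;

    /** Returns the locale passed to {@link AuthorizationServer#preAuthorization}. */
    protected abstract Locale getUserLocale(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse);

    /** Called from both GET and POST when no user is signed in. */
    protected abstract void onUserNotSignedIn(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException;

    /** Called for invalid requests, invalid scopes, unsupported response types, CSRF mismatches and missing session state. */
    protected abstract void onBadOAuthRequest(OAuthError oAuthError, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException;

    /** Called when pre-authorization rejects the client. */
    protected abstract void onInvalidClient(OAuthError oAuthError, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException;

    /** Called when the authorization server fails or returns no usable result. */
    protected abstract void onServerError(OAuthError oAuthError, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException;

    /** Supplies the authorization server that performs pre- and post-authorization. */
    protected abstract AuthorizationServer getAuthorizationServer();
}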
