package com.wadpam.gaelic.oauth.web;

import com.wadpam.gaelic.appengine.DomainNamespaceFilter;
import com.wadpam.gaelic.exception.ForbiddenException;
import com.wadpam.gaelic.exception.NotFoundException;
import com.wadpam.gaelic.exception.RestException;
import com.wadpam.gaelic.json.RestResponse;
import com.wadpam.gaelic.oauth.dao.GeneratedDConnectionDao;
import com.wadpam.gaelic.oauth.domain.DConnection;
import com.wadpam.gaelic.oauth.service.ConnectionService;
import com.wadpam.gaelic.oauth.service.OAuth2Service;
import com.wadpam.gaelic.security.DomainSecurityInterceptor;
import com.wadpam.gaelic.security.SecurityDetails;
import com.wadpam.gaelic.security.SecurityDetailsService;
import java.util.Date;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/* loaded from: input_file:com/wadpam/gaelic/oauth/web/OAuth2Interceptor.class */
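/**
 * Security interceptor that authenticates requests carrying an OAuth2 access token and,
 * optionally, auto-registers an unknown token through {@link OAuth2Service}.
 *
 * <p>The instance registers itself as its own {@link SecurityDetailsService} and sets the
 * authentication mechanism prefix to {@code "OAuth "}.
 *
 * <p>Security-relevant configuration (all set through the setters below):
 * <ul>
 *   <li>{@code autoRegister} (default {@code true}): when the first authentication attempt
 *       fails, connection details are read from request parameters and handed to
 *       {@code OAuth2Service.registerFederated}. Those parameters are client-supplied;
 *       NOTE(review): this class does not validate them, so confirm that
 *       {@code registerFederated} verifies the token with the provider before storing it.</li>
 *   <li>{@code verifyLocally} (default {@code true}): tokens are looked up through
 *       {@code ConnectionService.findByAccessToken}.</li>
 *   <li>{@code verifyRemotely} (default {@code false}): not implemented; enabling it makes
 *       {@link #verifyAccessToken} throw {@link UnsupportedOperationException}.</li>
 *   <li>With both verify flags {@code false}, every non-null token is accepted as
 *       {@code "[ANONYMOUS]"}; that combination is fail-open and should not be deployed
 *       where the token is meant to gate access.</li>
 * </ul>
 */
public class OAuth2Interceptor extends DomainSecurityInterceptor implements SecurityDetailsService {
    /** Token lifetime in seconds used when the request carries no {@code expires_in} parameter. */
    private static final int DEFAULT_EXPIRES_IN_SECONDS = 3600;

    /** Request attribute under which the verified connection is stored. */
    private static final String ATTR_ACCESS_TOKEN = "access_token";

    private ConnectionService connectionService;
    private boolean autoRegister = true;
    private boolean verifyLocally = true;
    private boolean verifyRemotely = false;
    // Written by setProviderId but never read inside this class.
    private String providerId = OAuth2Service.PROVIDER_ID_FACEBOOK;
    private OAuth2Service oauth2Service = null;

    /** Configures the {@code "OAuth "} mechanism and uses this instance to load security details. */
    public OAuth2Interceptor() {
        setAuthenticationMechanism("OAuth ");
        setSecurityDetailsService(this);
    }

    /**
     * Authenticates the request, attempting one auto-registration if the first attempt fails.
     *
     * <p>Arguments are forwarded unchanged to the superclass; {@code str3} is additionally
     * passed as the first argument of {@code registerFederated} (presumably the access token
     * taken from the authorization header; confirm against the superclass).
     *
     * @return the non-null value returned by the superclass check
     * @throws ForbiddenException (code 77403) when authentication fails, including when
     *     auto-registration is skipped or does not lead to a successful second attempt
     */
    public String isAuthenticated(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj, String str, String str2, String str3) {
        String principal = super.isAuthenticated(httpServletRequest, httpServletResponse, obj, str, str2, str3);
        if (null == principal && this.autoRegister && null != this.oauth2Service && null != httpServletRequest) {
            // Everything read here is attacker-controllable request input.
            String requestedProviderId = httpServletRequest.getParameter(GeneratedDConnectionDao.COLUMN_NAME_PROVIDERID);
            String providerUserId = httpServletRequest.getParameter(GeneratedDConnectionDao.COLUMN_NAME_PROVIDERUSERID);
            String secret = httpServletRequest.getParameter(GeneratedDConnectionDao.COLUMN_NAME_SECRET);
            Integer expiresIn = parseExpiresIn(httpServletRequest.getParameter("expires_in"));
            String appArg0 = httpServletRequest.getParameter(GeneratedDConnectionDao.COLUMN_NAME_APPARG0);
            String domain = DomainNamespaceFilter.getDomain();
            // A malformed expires_in (expiresIn == null) skips registration, so the request
            // ends in the ForbiddenException below instead of an uncaught NumberFormatException.
            if (null != requestedProviderId && null != expiresIn) {
                RestResponse<DConnection> registered = this.oauth2Service.registerFederated(str3, requestedProviderId, providerUserId, secret, expiresIn, appArg0, domain);
                if (null != registered && null != registered.getBody()) {
                    principal = super.isAuthenticated(httpServletRequest, httpServletResponse, obj, str, str2, str3);
                    // Never write the credential itself to the log.
                    LOG.info("auto registered: {} for {}", redactToken(str3), principal);
                }
            }
        }
        if (null == principal) {
            // NOTE(review): str3 is passed in the position where other calls in this class
            // pass a message string; if it is the access token, it may end up in error
            // responses or logs. Confirm how ForbiddenException uses this argument.
            throw new ForbiddenException(77403, str3, (String) null);
        }
        return principal;
    }

    /**
     * Loads the connection that belongs to the access token {@code str2}.
     *
     * <p>Returns the {@code "access_token"} request attribute, which {@link #verifyAccessToken}
     * sets only after a successful local lookup. When both verify flags are off the attribute
     * is not set by this class, so the result is whatever was stored there before, if anything.
     *
     * @return the stored connection, or {@code null} when verification yields nothing, the
     *     request is {@code null}, or verification fails with a {@link RestException}
     * @throws UnsupportedOperationException when remote verification is enabled; that
     *     exception is not a {@link RestException} and is not caught here
     */
    public SecurityDetails loadUserDetailsByUsername(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str, String str2, Object obj) {
        try {
            Object verified = verifyAccessToken(str2, httpServletRequest);
            if (null == verified || null == httpServletRequest) {
                return null;
            }
            return (DConnection) httpServletRequest.getAttribute(ATTR_ACCESS_TOKEN);
        } catch (RestException e) {
            // Log a redacted marker only: anyone with log access could otherwise replay the token.
            LOG.info("No token/user found for {}, reason {}", redactToken(str2), e.getMessage());
            return null;
        }
    }

    /**
     * Verifies an access token according to the configured verification flags.
     *
     * @param str the access token
     * @param httpServletRequest request that receives the verified connection as the
     *     {@code "access_token"} attribute; may be {@code null}
     * @return {@code "[ANONYMOUS]"} when both verification flags are off, otherwise the
     *     user key of the connection found for the token
     * @throws ForbiddenException when {@code str} is {@code null}
     * @throws NotFoundException when local verification finds no connection for the token
     * @throws RestException when the connection's expire time lies in the past
     * @throws UnsupportedOperationException when remote verification is enabled
     */
    protected Object verifyAccessToken(String str, HttpServletRequest httpServletRequest) {
        if (null == str) {
            throw new ForbiddenException(401, "No token found in request", (String) null);
        }
        if (!this.verifyLocally && !this.verifyRemotely) {
            // Fail-open: with all verification disabled, any non-null token is accepted.
            return "[ANONYMOUS]";
        }
        DConnection connection = null;
        if (this.verifyLocally) {
            connection = this.connectionService.findByAccessToken(str);
            if (null == connection) {
                throw new NotFoundException(403, "No token found in realm", (String) null);
            }
            // A connection without an expire time is never treated as expired here.
            Date expireTime = connection.getExpireTime();
            if (!this.verifyRemotely && null != expireTime && expireTime.before(new Date())) {
                throw new RestException(410, expireTime.toString(), 403, "Authentication expired", (String) null);
            }
        }
        if (this.verifyRemotely) {
            // Remote verification is a stub; fail closed rather than accept the token.
            throw new UnsupportedOperationException("Remote verification.");
        }
        // Only reachable with verifyLocally == true, so connection is non-null from here on.
        if (null != httpServletRequest) {
            httpServletRequest.setAttribute(ATTR_ACCESS_TOKEN, connection);
        }
        return connection.getUserKey();
    }

    /**
     * Parses the client-supplied {@code expires_in} parameter.
     *
     * @return the default lifetime when the parameter is absent, the parsed value when it is
     *     a valid integer, or {@code null} when it is malformed. The range is not checked
     *     here; confirm whether {@code registerFederated} bounds it.
     */
    private static Integer parseExpiresIn(String raw) {
        if (null == raw) {
            return DEFAULT_EXPIRES_IN_SECONDS;
        }
        try {
            return Integer.valueOf(Integer.parseInt(raw));
        } catch (NumberFormatException ignored) {
            // Malformed client input: signal "unusable" instead of propagating the exception.
            return null;
        }
    }

    /** Returns a log-safe marker for a credential, exposing its length but not its value. */
    private static String redactToken(String token) {
        return null == token ? "[no token]" : "[redacted token, " + token.length() + " chars]";
    }

    /** Enables or disables auto-registration of unknown tokens from request parameters. */
    public void setAutoRegister(boolean z) {
        this.autoRegister = z;
    }

    /** Enables or disables token lookup through the {@link ConnectionService}. */
    public void setVerifyLocally(boolean z) {
        this.verifyLocally = z;
    }

    /** Enables remote verification, which is not implemented and makes verification throw. */
    public void setVerifyRemotely(boolean z) {
        this.verifyRemotely = z;
    }

    /** Sets the provider id; the value is stored but not read by this class. */
    public void setProviderId(String str) {
        this.providerId = str;
    }

    /** Sets the service used for local token lookup. */
    public void setConnectionService(ConnectionService connectionService) {
        this.connectionService = connectionService;
    }

    /** Sets the service used for auto-registration; {@code null} disables auto-registration. */
    public void setOauth2Service(OAuth2Service oAuth2Service) {
        this.oauth2Service = oAuth2Service;
    }
}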
