package org.eclipse.dirigible.oauth;

import io.swagger.annotations.Api;
import java.io.IOException;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.ws.rs.GET;
import javax.ws.rs.Path;
import javax.ws.rs.QueryParam;
import javax.ws.rs.core.Context;
import org.apache.http.client.ClientProtocolException;
import org.apache.http.client.methods.HttpRequestBase;
import org.apache.http.client.methods.HttpUriRequest;
import org.eclipse.dirigible.api.v3.http.HttpClientFacade;
import org.eclipse.dirigible.api.v3.http.client.HttpClientHeader;
import org.eclipse.dirigible.api.v3.http.client.HttpClientParam;
import org.eclipse.dirigible.api.v3.http.client.HttpClientProxyUtils;
import org.eclipse.dirigible.api.v3.http.client.HttpClientRequestOptions;
import org.eclipse.dirigible.commons.api.helpers.GsonHelper;
import org.eclipse.dirigible.commons.api.service.AbstractRestService;
import org.eclipse.dirigible.commons.api.service.IRestService;
import org.eclipse.dirigible.commons.config.Configuration;
import org.eclipse.dirigible.oauth.filters.AbstractOAuthFilter;
import org.eclipse.dirigible.oauth.utils.JwtUtils;
import org.eclipse.dirigible.oauth.utils.OAuthUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

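/**
 * REST endpoint that completes the OAuth authorization-code flow.
 *
 * <p>The identity provider redirects the browser to {@code /oauth/callback} with a {@code code}
 * query parameter. This service exchanges that code for an access token, hands the token to
 * {@link JwtUtils#setJwt}, and redirects the browser to the path remembered in the
 * {@link AbstractOAuthFilter#INITIAL_REQUEST_PATH_COOKIE} cookie.
 *
 * <p>NOTE(review): no {@code state} parameter is read or compared in this class. Confirm that the
 * authorization response is bound to the browser session somewhere else (for example in the
 * filter); without that binding the callback accepts a code that was issued for a different
 * session.
 */
@Api("OAuth")
@Path("/oauth")
/* loaded from: input_file:WEB-INF/lib/dirigible-security-oauth-7.2.0.jar:org/eclipse/dirigible/oauth/OAuthService.class */
public class OAuthService extends AbstractRestService implements IRestService {
    private static final Logger logger = LoggerFactory.getLogger(OAuthService.class);
    private static final String AUTHORIZATION_HEADER = "Authorization";
    private static final String DEFAULT_REDIRECT_PATH = "/";
    private static final String TOKEN_REQUEST_METHOD_GET = "GET";
    private static final String TOKEN_REQUEST_METHOD_POST = "POST";

    @Context
    private HttpServletRequest request;

    @Context
    private HttpServletResponse response;

    // Configuration key names. Only DIRIGIBLE_OAUTH_TOKEN_REQUEST_METHOD is read in this class;
    // the others are presumably consumed by OAuthUtils, JwtUtils and the filters.
    public static final String DIRIGIBLE_OAUTH_ENABLED = "DIRIGIBLE_OAUTH_ENABLED";
    public static final String DIRIGIBLE_OAUTH_PREFIX = "DIRIGIBLE_OAUTH_PREFIX";
    public static final String DIRIGIBLE_OAUTH_AUTHORIZE_URL = "DIRIGIBLE_OAUTH_AUTHORIZE_URL";
    public static final String DIRIGIBLE_OAUTH_TOKEN_URL = "DIRIGIBLE_OAUTH_TOKEN_URL";
    public static final String DIRIGIBLE_OAUTH_CLIENT_ID = "DIRIGIBLE_OAUTH_CLIENT_ID";
    public static final String DIRIGIBLE_OAUTH_CLIENT_SECRET = "DIRIGIBLE_OAUTH_CLIENT_SECRET";
    public static final String DIRIGIBLE_OAUTH_VERIFICATION_KEY = "DIRIGIBLE_OAUTH_VERIFICATION_KEY";
    public static final String DIRIGIBLE_OAUTH_VERIFICATION_KEY_EXPONENT = "DIRIGIBLE_OAUTH_VERIFICATION_KEY_EXPONENT";
    public static final String DIRIGIBLE_OAUTH_APPLICATION_NAME = "DIRIGIBLE_OAUTH_APPLICATION_NAME";
    public static final String DIRIGIBLE_OAUTH_APPLICATION_HOST = "DIRIGIBLE_OAUTH_APPLICATION_HOST";
    public static final String DIRIGIBLE_OAUTH_ISSUER = "DIRIGIBLE_OAUTH_ISSUER";
    public static final String DIRIGIBLE_OAUTH_CHECK_ISSUER_ENABLED = "DIRIGIBLE_OAUTH_CHECK_ISSUER_ENABLED";
    public static final String DIRIGIBLE_OAUTH_CHECK_AUDIENCE_ENABLED = "DIRIGIBLE_OAUTH_CHECK_AUDIENCE_ENABLED";
    public static final String DIRIGIBLE_OAUTH_TOKEN_REQUEST_METHOD = "DIRIGIBLE_OAUTH_TOKEN_REQUEST_METHOD";

    /**
     * Handles the redirect back from the authorization server.
     *
     * <p>A missing or blank code is answered with 400, and a token response that carries no
     * access token with 401, instead of failing later with a NullPointerException.
     *
     * @param str the authorization code from the {@code code} query parameter
     * @throws ClientProtocolException if the token request fails at the HTTP protocol level
     * @throws IOException if the token request, the error response or the redirect cannot be written
     */
    @GET
    @Path("/callback")
    public void callback(@QueryParam("code") String str) throws ClientProtocolException, IOException {
        if (str == null || str.trim().isEmpty()) {
            this.response.sendError(HttpServletResponse.SC_BAD_REQUEST, "Missing authorization code");
            return;
        }

        AccessToken token = getAccessToken(str);
        if (token == null || token.getAccessToken() == null) {
            // Never log the code or the token endpoint's body: both may carry credentials.
            logger.warn("OAuth token exchange returned no access token");
            this.response.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Token exchange failed");
            return;
        }

        // NOTE(review): the attributes of the cookie written by JwtUtils.setJwt are not visible
        // here; confirm it is marked HttpOnly and Secure.
        JwtUtils.setJwt(this.response, token.getAccessToken());
        this.response.sendRedirect(getRedirectPath());
    }

    /**
     * Exchanges an authorization code for an access token at the configured token endpoint.
     *
     * <p>The HTTP method comes from {@link #DIRIGIBLE_OAUTH_TOKEN_REQUEST_METHOD} and defaults to
     * GET. The comparison is case-insensitive and independent of the JVM's default locale.
     *
     * @param code the authorization code received on the callback
     * @return the token response parsed from JSON
     * @throws IllegalArgumentException if the configured method is neither GET nor POST
     * @throws ClientProtocolException if the request fails at the HTTP protocol level
     * @throws IOException if the request cannot be sent or the response cannot be read
     */
    private AccessToken getAccessToken(String code) throws IOException, ClientProtocolException {
        HttpClientRequestOptions options = new HttpClientRequestOptions();
        options.getHeaders().add(new HttpClientHeader(AUTHORIZATION_HEADER, OAuthUtils.getOAuthAuthorizationHeader()));

        String method = Configuration.get(DIRIGIBLE_OAUTH_TOKEN_REQUEST_METHOD, TOKEN_REQUEST_METHOD_GET);
        HttpRequestBase tokenRequest;
        if (TOKEN_REQUEST_METHOD_GET.equalsIgnoreCase(method)) {
            // NOTE(review): the code is handed to OAuthUtils.getTokenUrl, so it presumably ends up
            // in the request URL, where proxies and access logs can record it. Prefer configuring
            // POST where the identity provider supports it.
            tokenRequest = HttpClientFacade.createGetRequest(OAuthUtils.getTokenUrl(code), options);
        } else if (TOKEN_REQUEST_METHOD_POST.equalsIgnoreCase(method)) {
            options.getParams().add(new HttpClientParam(OAuthUtils.PARAM_GRANT_TYPE, OAuthUtils.VALUE_GRANT_TYPE_AUTHORIZATION_CODE));
            options.getParams().add(new HttpClientParam("code", code));
            options.getParams().add(new HttpClientParam(OAuthUtils.PARAM_REDIRECT_URI, OAuthUtils.getRedirectUri()));
            tokenRequest = HttpClientFacade.createPostRequest(OAuthUtils.getOAuthTokenUrl(), options);
        } else {
            throw new IllegalArgumentException("Unsupported OAuth Token Request Method");
        }

        // NOTE(review): neither the client nor the response is closed here, and the meaning of the
        // two `false` arguments is not visible in this file. Confirm that the first one does not
        // relax TLS certificate validation.
        String body = HttpClientFacade
                .processHttpClientResponse(HttpClientProxyUtils.getHttpClient(false).execute(tokenRequest), false)
                .getText();
        return (AccessToken) GsonHelper.fromJson(body, AccessToken.class);
    }

    /**
     * Returns the path to redirect to after login and expires the cookie that carried it.
     *
     * <p>The cookie value comes from the browser and is therefore untrusted. Passing it straight
     * to {@code sendRedirect} would make the callback an open redirect, so only server-relative
     * paths are accepted and anything else falls back to {@code "/"}.
     *
     * @return the remembered local path, or {@code "/"} when none is present or it is rejected
     */
    private String getRedirectPath() {
        String target = DEFAULT_REDIRECT_PATH;
        Cookie[] cookies = this.request.getCookies();
        if (cookies == null) {
            return target;
        }
        for (Cookie cookie : cookies) {
            String value = cookie.getValue();
            if (!AbstractOAuthFilter.INITIAL_REQUEST_PATH_COOKIE.equals(cookie.getName()) || value == null || value.isEmpty()) {
                continue;
            }
            // assumes the filter stores a server-relative path, as the cookie name suggests (TODO confirm)
            if (isLocalRedirectPath(value)) {
                target = value;
            } else {
                // The rejected value is attacker-controllable, so it is deliberately not logged.
                logger.warn("Ignoring non-local post-login redirect target");
            }
            // Expire the cookie whether or not its value was accepted.
            cookie.setValue("");
            cookie.setPath("/");
            cookie.setMaxAge(0);
            this.response.addCookie(cookie);
        }
        return target;
    }

    /**
     * Tells whether a redirect target stays on this host: it must start with a single {@code '/'}
     * and contain no backslash or control character. Backslashes are rejected because some
     * browsers treat them as {@code '/'}.
     */
    private static boolean isLocalRedirectPath(String path) {
        if (path == null || !path.startsWith("/") || path.startsWith("//")) {
            return false;
        }
        for (int i = 0; i < path.length(); i++) {
            char c = path.charAt(i);
            if (c == '\\' || c < 0x20 || c == 0x7f) {
                return false;
            }
        }
        return true;
    }

    /** Returns this service's class; implements {@link IRestService#getType()}. */
    @Override // org.eclipse.dirigible.commons.api.service.IRestService
    public Class<? extends IRestService> getType() {
        return OAuthService.class;
    }

    /** Returns the class logger; overrides the {@link AbstractRestService} method. */
    @Override // org.eclipse.dirigible.commons.api.service.AbstractRestService
    protected Logger getLogger() {
        return logger;
    }
}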
