package org.hspconsortium.client.controller;

import java.io.IOException;
import java.util.Map;
import javax.inject.Inject;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang.Validate;
import org.hspconsortium.client.auth.authorizationcode.AuthorizationCodeRequest;
import org.hspconsortium.client.auth.authorizationcode.AuthorizationCodeRequestBuilder;
import org.hspconsortium.client.auth.credentials.Credentials;
import org.hspconsortium.client.session.authorizationcode.AuthorizationCodeSessionFactory;
import org.springframework.security.oauth2.common.util.OAuth2Utils;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;

@Controller
/* loaded from: input_file:WEB-INF/lib/hsp-java-client-0.8.jar:org/hspconsortium/client/controller/AuthorizationController.class */
public class AuthorizationController<C extends Credentials> {
    private final AuthorizationCodeSessionFactory<C> authorizationCodeSessionFactory;
    private final String appEntryPoint;
    private final String clientId;
    private final String redirectUri;
    private final String scope;
    private AuthorizationCodeRequestBuilder authorizationCodeRequestBuilder;

    @Inject
    public AuthorizationController(AuthorizationCodeSessionFactory<C> authorizationCodeSessionFactory, String str, String str2, String str3, String str4, AuthorizationCodeRequestBuilder authorizationCodeRequestBuilder) {
        Validate.notNull(authorizationCodeSessionFactory, "AuthorizationCodeSessionFactory is required");
        Validate.notNull(str, "AppEntryPoint is required");
        Validate.notNull(str2, "ClientId is required");
        Validate.notNull(str3, "RedirectUri is required");
        Validate.notNull(str4, "Scope is required");
        Validate.notNull(authorizationCodeRequestBuilder, "AuthorizationCodeAuthorizer is required");
        this.authorizationCodeSessionFactory = authorizationCodeSessionFactory;
        this.appEntryPoint = str;
        this.clientId = str2;
        this.redirectUri = str3;
        this.scope = str4;
        this.authorizationCodeRequestBuilder = authorizationCodeRequestBuilder;
    }

    @RequestMapping(value = {"/launch"}, method = {RequestMethod.GET})
    public void handleLaunchRequest(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        AuthorizationCodeRequest buildAuthorizationCodeRequest = this.authorizationCodeRequestBuilder.buildAuthorizationCodeRequest(httpServletRequest, this.clientId, this.scope, this.redirectUri);
        this.authorizationCodeSessionFactory.registerInContext(buildAuthorizationCodeRequest.getOauthState(), buildAuthorizationCodeRequest);
        httpServletResponse.setStatus(307);
        httpServletResponse.setHeader("Location", buildAuthorizationCodeRequest.getFhirEndpoints().getAuthorizationEndpoint() + "?client_id=" + buildAuthorizationCodeRequest.getClientId() + "&response_type=" + buildAuthorizationCodeRequest.getResponseType() + "&scope=" + buildAuthorizationCodeRequest.getScopes().asParamValue() + "&launch=" + buildAuthorizationCodeRequest.getLaunchId() + "&redirect_uri=" + buildAuthorizationCodeRequest.getRedirectUri() + "&aud=" + buildAuthorizationCodeRequest.getFhirEndpoints().getFhirServiceApi() + "&state=" + buildAuthorizationCodeRequest.getOauthState());
    }

    @RequestMapping(value = {"/redirect"}, method = {RequestMethod.GET})
    public void handleRedirectResponse(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        Map<String, String[]> parameterMap = httpServletRequest.getParameterMap();
        httpServletRequest.getSession().setAttribute(this.authorizationCodeSessionFactory.getSessionKey(), this.authorizationCodeSessionFactory.createSession(parameterMap.get(OAuth2Utils.STATE)[0], parameterMap.get("code")[0]));
        try {
            httpServletResponse.sendRedirect(this.appEntryPoint);
        } catch (IOException e) {
            throw new RuntimeException("Error sending handling redirect response", e);
        }
    }
}
