package org.intermine.webservice.server.oauth2;

import ch.qos.logback.classic.ClassicConstants;
import java.util.Collections;
import java.util.HashMap;
import java.util.Map;
import java.util.Properties;
import javax.servlet.http.HttpServletRequest;
import org.apache.commons.lang.StringUtils;
import org.apache.log4j.Logger;
import org.apache.oltu.oauth2.client.OAuthClient;
import org.apache.oltu.oauth2.client.URLConnectionClient;
import org.apache.oltu.oauth2.client.request.OAuthBearerClientRequest;
import org.apache.oltu.oauth2.client.request.OAuthClientRequest;
import org.apache.oltu.oauth2.client.response.GitHubTokenResponse;
import org.apache.oltu.oauth2.client.response.OAuthAuthzResponse;
import org.apache.oltu.oauth2.client.response.OAuthJSONAccessTokenResponse;
import org.apache.oltu.oauth2.client.response.OAuthResourceResponse;
import org.apache.oltu.oauth2.common.OAuth;
import org.apache.oltu.oauth2.common.OAuthProviderType;
import org.apache.oltu.oauth2.common.exception.OAuthProblemException;
import org.apache.oltu.oauth2.common.exception.OAuthSystemException;
import org.apache.oltu.oauth2.common.message.types.GrantType;
import org.forester.io.parsers.phyloxml.PhyloXmlMapping;
import org.intermine.api.InterMineAPI;
import org.intermine.api.profile.DuplicateMappingException;
import org.intermine.api.profile.Profile;
import org.intermine.web.context.InterMineContext;
import org.intermine.web.logic.profile.LoginHandler;
import org.intermine.web.struts.oauth2.CustomOAuthProvider;
import org.intermine.web.struts.oauth2.DefaultOAuthProvider;
import org.intermine.web.struts.oauth2.DelegatedIdentity;
import org.intermine.web.struts.oauth2.ForseenProblem;
import org.intermine.web.struts.oauth2.OAuthProvider;
import org.intermine.webservice.server.core.JSONService;
import org.intermine.webservice.server.exceptions.BadRequestException;
import org.intermine.webservice.server.user.JSONUserFormatter;
import org.json.JSONException;
import org.json.JSONObject;

/* loaded from: input_file:WEB-INF/classes/org/intermine/webservice/server/oauth2/CallbackService.class */
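/**
 * Web service endpoint that completes an OAuth2 authorization-code login.
 *
 * <p>It exchanges the authorization code found on the incoming request for an access token,
 * uses that token to fetch the user's identity from the configured identity resource, maps the
 * identity onto a local {@link Profile}, and returns the formatted user together with a key
 * produced by {@code generate24hrKey}.
 *
 * <p>This class appears to be decompiler output: the constants
 * {@code PhyloXmlMapping.IDENTIFIER_PROVIDER_ATTR} and {@code ClassicConstants.USER_MDC_KEY}
 * are presumably substitutions for plain string literals with the same value (TODO confirm
 * against the original source).
 *
 * <p>NOTE(review): no OAuth2 {@code state} value is checked anywhere in this class; confirm that
 * the callback is bound to the initiating session elsewhere.
 */
public class CallbackService extends JSONService {
    private static final Logger LOG = Logger.getLogger(CallbackService.class);

    /**
     * Creates the service.
     *
     * @param interMineAPI the API object handed to the {@link JSONService} base class
     */
    public CallbackService(InterMineAPI interMineAPI) {
        super(interMineAPI);
    }

    /**
     * Returns the key under which results are reported.
     *
     * @return the constant {@code "output"}
     */
    @Override // org.intermine.webservice.server.core.JSONService
    protected String getResultsKey() {
        return "output";
    }

    /**
     * Runs the callback: code to access token, token to identity, identity to profile, then
     * emits {@code user}, {@code token} and {@code renamedLists} as a single result item.
     *
     * @throws Exception if a required request parameter is missing (raised outside the
     *     {@code try} block below)
     */
    @Override // org.intermine.webservice.server.WebService
    protected void execute() throws Exception {
        String providerName = getRequiredParameter(PhyloXmlMapping.IDENTIFIER_PROVIDER_ATTR);
        String redirectUri = getRequiredParameter(OAuth.OAUTH_REDIRECT_URI);
        try {
            // Same evaluation order as the original nested call: the authorization response
            // is parsed before the provider is resolved.
            OAuthAuthzResponse authResponse = getAuthResponse(this.request);
            OAuthProvider provider = getOAuthProvider(this.webProperties, providerName);
            String accessToken = getAccessToken(redirectUri, authResponse, provider);
            DelegatedIdentity identity = getDelegatedIdentity(providerName, accessToken);
            Profile profile = getProfile(identity);

            Map<String, Object> output = new HashMap<String, Object>();
            output.put(ClassicConstants.USER_MDC_KEY,
                    new JSONObject(new JSONUserFormatter(profile).format()));
            output.put("token", this.im.getProfileManager().generate24hrKey(profile));

            // Profiles are merged only when the caller's current profile exists and has an
            // empty username (presumably an anonymous session; verify against getPermission()).
            Profile currentProfile = getPermission().getProfile();
            boolean mergeCurrent = currentProfile != null
                    && StringUtils.isEmpty(currentProfile.getUsername());
            if (mergeCurrent) {
                output.put("renamedLists", new JSONObject(
                        LoginHandler.mergeProfiles(currentProfile, profile).getRenamedBags()));
            } else {
                output.put("renamedLists", new JSONObject(Collections.emptyMap()));
            }
            addResultItem(output, false);
        } catch (Exception e) {
            // NOTE(review): every failure in the login flow is only logged; no result item is
            // added and nothing is rethrown, so the caller is not told why no token came back.
            // Confirm this is intended before changing it.
            LOG.error("Error granting access", e);
        }
    }

    /**
     * Resolves the provider, translating an unknown provider name into a {@link ForseenProblem}.
     *
     * @param properties the web properties holding the OAuth2 configuration
     * @param str the provider name taken from the request
     * @return the provider
     * @throws ForseenProblem if the lookup throws {@link IllegalArgumentException}
     */
    private OAuthProvider getOAuthProvider(Properties properties, String str) throws ForseenProblem {
        try {
            return getProvider(properties, str);
        } catch (IllegalArgumentException e) {
            throw new ForseenProblem("oauth2.error.unknown-provider", str);
        }
    }

    /**
     * Chooses between a custom and a built-in provider definition.
     *
     * @param properties the web properties holding the OAuth2 configuration
     * @param str the provider name
     * @return a {@link CustomOAuthProvider} when {@code oauth2.<name>.url.token} is configured,
     *     otherwise a {@link DefaultOAuthProvider} for the matching {@link OAuthProviderType}
     */
    private OAuthProvider getProvider(Properties properties, String str) {
        String tokenUrlKey = "oauth2." + str + ".url.token";
        if (properties.containsKey(tokenUrlKey)) {
            return new CustomOAuthProvider(properties, str);
        }
        // valueOf is called with the request-supplied name; getOAuthProvider handles the
        // IllegalArgumentException it raises for names that are not enum constants.
        return new DefaultOAuthProvider(properties, OAuthProviderType.valueOf(str));
    }

    /**
     * Parses the authorization response carried by the callback request.
     *
     * @param httpServletRequest the incoming callback request
     * @return the parsed authorization response
     * @throws ForseenProblem if Oltu reports an {@link OAuthProblemException}
     */
    private OAuthAuthzResponse getAuthResponse(HttpServletRequest httpServletRequest) throws ForseenProblem {
        try {
            return OAuthAuthzResponse.oauthCodeAuthzResponse(httpServletRequest);
        } catch (OAuthProblemException e) {
            throw new ForseenProblem("oauth2.error.getting-code", e.getMessage());
        }
    }

    /**
     * Exchanges the authorization code for an access token at the provider's token endpoint.
     *
     * @param str the redirect URI sent along with the token request
     * @param oAuthAuthzResponse the parsed authorization response carrying the code
     * @param oAuthProvider the provider supplying endpoint, credentials and wire formats
     * @return the access token string
     * @throws OAuthSystemException if building or sending the request fails
     * @throws OAuthProblemException declared for compatibility; problems reported while
     *     fetching the token are rethrown as {@link BadRequestException}
     */
    private String getAccessToken(String str, OAuthAuthzResponse oAuthAuthzResponse, OAuthProvider oAuthProvider) throws OAuthSystemException, OAuthProblemException {
        OAuthClient client = new OAuthClient(new URLConnectionClient());
        OAuthClientRequest.TokenRequestBuilder builder =
                OAuthClientRequest.tokenLocation(oAuthProvider.getTokenUrl())
                        .setGrantType(GrantType.AUTHORIZATION_CODE)
                        .setClientId(oAuthProvider.getClientId())
                        .setClientSecret(oAuthProvider.getClientSecret())
                        .setRedirectURI(str)
                        .setCode(oAuthAuthzResponse.getCode());

        OAuthClientRequest tokenRequest;
        switch (oAuthProvider.getMessageFormat()) {
            case BODY:
                tokenRequest = builder.buildBodyMessage();
                break;
            case QUERY:
                tokenRequest = builder.buildQueryMessage();
                break;
            default:
                throw new RuntimeException("Unknown message format");
        }

        // The built request carries the client secret and the authorization code (in the body
        // or in the query string, depending on the format), so neither getLocationUri() nor
        // getBody() is written to the log; only the configured endpoint and format are.
        LOG.info("Requesting access token: URI = " + oAuthProvider.getTokenUrl()
                + " FORMAT = " + oAuthProvider.getMessageFormat());

        try {
            // Each branch returns directly so no common response supertype has to be named.
            switch (oAuthProvider.getResponseType()) {
                case FORM:
                    return client.accessToken(tokenRequest, GitHubTokenResponse.class).getAccessToken();
                case JSON:
                    return client.accessToken(tokenRequest).getAccessToken();
                default:
                    throw new RuntimeException("Unknown response type");
            }
        } catch (OAuthProblemException e) {
            throw new BadRequestException(e.getMessage());
        }
    }

    /**
     * Fetches the identity for an access token, requiring an identity resource to be configured.
     *
     * @param str the provider name
     * @param str2 the access token
     * @return the identity reported by the provider
     * @throws RuntimeException if {@code oauth2.<name>.identity-resource} is not configured
     */
    private DelegatedIdentity getDelegatedIdentity(String str, String str2) throws OAuthSystemException, OAuthProblemException, JSONException {
        if (!providerIsSane(str)) {
            throw new RuntimeException("Missing config: oauth2." + str + ".identity-resource");
        }
        return getSaneProviderUserInfo(str, str2);
    }

    /**
     * Tells whether an identity resource is configured for the provider.
     *
     * @param str the provider name
     * @return {@code true} if the web properties contain {@code oauth2.<name>.identity-resource}
     */
    private boolean providerIsSane(String str) {
        return InterMineContext.getWebProperties().containsKey("oauth2." + str + ".identity-resource");
    }

    /**
     * Requests the identity resource with the access token and parses the JSON answer.
     *
     * @param str the provider name
     * @param str2 the access token
     * @return the parsed identity
     * @throws OAuthSystemException if the configured {@code resource-auth-mechanism} is not one
     *     of {@code queryparam}, {@code header} or {@code body}, or the request cannot be made
     * @throws OAuthProblemException if the provider reports a problem
     * @throws JSONException if the response cannot be parsed as expected
     */
    private DelegatedIdentity getSaneProviderUserInfo(String str, String str2) throws OAuthSystemException, OAuthProblemException, JSONException {
        Properties webProperties = InterMineContext.getWebProperties();
        String prefix = "oauth2." + str;
        String identityResource = webProperties.getProperty(prefix + ".identity-resource");
        String envelopeKey = webProperties.getProperty(prefix + ".identity-envelope");
        String idKey = webProperties.getProperty(prefix + ".id-key", "id");
        String nameKey = webProperties.getProperty(prefix + ".name-key", "name");
        String emailKey = webProperties.getProperty(prefix + ".email-key", "email");
        String authMechanism = webProperties.getProperty(prefix + ".resource-auth-mechanism", "queryparam");

        OAuthBearerClientRequest bearer = new OAuthBearerClientRequest(identityResource).setAccessToken(str2);
        OAuthClientRequest identityRequest;
        if ("queryparam".equals(authMechanism)) {
            identityRequest = bearer.buildQueryMessage();
        } else if ("header".equals(authMechanism)) {
            identityRequest = bearer.buildHeaderMessage();
        } else if ("body".equals(authMechanism)) {
            identityRequest = bearer.buildBodyMessage();
        } else {
            throw new OAuthSystemException("Unknown authorisation mechanism: " + authMechanism);
        }

        // The built request carries the bearer token in its URI, headers or body, so only the
        // configured resource and the mechanism are logged, never the request itself.
        LOG.debug("Requesting identity information: URI = " + identityResource
                + " MECHANISM = " + authMechanism);

        identityRequest.setHeader("Accept", "application/json");
        OAuthResourceResponse response = new OAuthClient(new URLConnectionClient())
                .resource(identityRequest, "GET", OAuthResourceResponse.class);
        return parseIdentity(str, envelopeKey, idKey, nameKey, emailKey, response.getBody());
    }

    /**
     * Builds a {@link DelegatedIdentity} from the identity resource's JSON body.
     *
     * @param str the provider name
     * @param str2 optional key of an enclosing object; ignored when blank
     * @param str3 key of the user id
     * @param str4 comma-separated keys whose string values are joined with spaces into the name
     * @param str5 key of the email address, used when there is no {@code emails} object
     * @param str6 the raw JSON body
     * @return the identity
     * @throws JSONException if the body is not valid JSON or a required key is missing
     */
    private DelegatedIdentity parseIdentity(String str, String str2, String str3, String str4, String str5, String str6) throws JSONException {
        JSONObject userInfo = new JSONObject(str6);
        if (StringUtils.isNotBlank(str2)) {
            userInfo = userInfo.getJSONObject(str2);
        }
        String id = userInfo.get(str3).toString();

        String[] nameKeys = str4.split(",");
        String[] nameParts = new String[nameKeys.length];
        for (int i = 0; i < nameKeys.length; i++) {
            nameParts[i] = userInfo.getString(nameKeys[i]);
        }
        String name = StringUtils.join(nameParts, " ");

        String email;
        JSONObject emails = userInfo.optJSONObject("emails");
        if (emails == null) {
            email = userInfo.optString(str5);
        } else {
            email = emails.optString("preferred");
            // optString yields "" rather than null for a missing key, so the fallback to
            // "account" has to test for emptiness; a null check alone never triggers it.
            if (StringUtils.isEmpty(email)) {
                email = emails.optString("account");
            }
        }
        return new DelegatedIdentity(str, id, email, name);
    }

    /**
     * Obtains the local profile for a delegated identity and refreshes its preferences.
     *
     * <p>The email preference is always overwritten with the value from the provider; the
     * {@code aka} and {@code alias} preferences are filled from the provider's name only when
     * they are absent or empty.
     *
     * <p>NOTE(review): the provider-reported email is stored as is; whether the provider has
     * verified it is not checked here.
     *
     * @param delegatedIdentity the identity reported by the provider
     * @return the profile granted for that identity
     */
    private Profile getProfile(DelegatedIdentity delegatedIdentity) {
        Profile profile = this.im.getProfileManager()
                .grantPermission(delegatedIdentity.getProvider(), delegatedIdentity.getId(), this.im.getClassKeys())
                .getProfile();
        Map<String, String> preferences = profile.getPreferences();

        // The original wrote the email conditionally and then again unconditionally; the net
        // effect is a plain overwrite, expressed here as a single put.
        preferences.put("email", delegatedIdentity.getEmail());

        String name = delegatedIdentity.getName();
        if ("".equals(name)) {
            return profile;
        }
        if (!preferences.containsKey("aka") || "".equals(preferences.get("aka"))) {
            preferences.put("aka", name);
        }
        if (!preferences.containsKey("alias") || "".equals(preferences.get("alias"))) {
            // On a DuplicateMappingException, retry with "name 1", "name 2", ... until the
            // alias is stored.
            int suffix = 0;
            String candidate = name;
            do {
                try {
                    preferences.put("alias", candidate);
                } catch (DuplicateMappingException e) {
                    suffix++;
                    candidate = name + " " + suffix;
                }
            } while (!preferences.containsKey("alias"));
        }
        return profile;
    }
}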
