package org.eclipse.orion.server.authentication.oauth;

import java.io.IOException;
import java.io.PrintWriter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.oltu.oauth2.client.OAuthClient;
import org.apache.oltu.oauth2.client.URLConnectionClient;
import org.apache.oltu.oauth2.client.request.OAuthClientRequest;
import org.apache.oltu.oauth2.common.exception.OAuthProblemException;
import org.apache.oltu.oauth2.common.exception.OAuthSystemException;
import org.apache.oltu.oauth2.common.utils.OAuthUtils;
import org.eclipse.core.runtime.CoreException;
import org.eclipse.orion.server.authentication.form.FormAuthHelper;
import org.eclipse.orion.server.core.LogHelper;
import org.eclipse.orion.server.core.OrionConfiguration;
import org.eclipse.orion.server.core.PreferenceHelper;
import org.eclipse.orion.server.core.metastore.UserInfo;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/eclipse/orion/server/authentication/oauth/OAuthHelper.class */
public class OAuthHelper {
    public static final String OAUTH = "oauth";
    public static final String REDIRECT_TYPE = "redirect_type";
    static final String OAUTH_IDENTIFIER = "oauth_identifier";
    static final String OAUTH_DISC = "oauth-disc";

    public static void redirectToOAuthProvider(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, OAuthParams oAuthParams) throws OAuthException {
        try {
            OAuthClientRequest.AuthenticationRequestBuilder state = OAuthClientRequest.authorizationProvider(oAuthParams.getProviderType()).setClientId(oAuthParams.getClientKey()).setRedirectURI(oAuthParams.getRedirectURI()).setResponseType(oAuthParams.getResponseType()).setScope(oAuthParams.getScope()).setState(oAuthParams.getState());
            oAuthParams.addAdditionsParams(state);
            httpServletResponse.sendRedirect(state.buildQueryMessage().getLocationUri());
        } catch (OAuthSystemException e) {
            throw new OAuthException((Throwable) e);
        } catch (IOException e2) {
            throw new OAuthException(e2);
        }
    }

    public static OAuthConsumer handleOAuthReturnAndTokenAccess(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, OAuthParams oAuthParams) throws OAuthException {
        String parameter = httpServletRequest.getParameter("error");
        if (parameter != null) {
            throw new OAuthException(parameter);
        }
        String parameter2 = httpServletRequest.getParameter("state");
        if (parameter2 == null || !parameter2.equals(oAuthParams.getState())) {
            throw new OAuthException("The OAuth states do not match. Token provided by an unauthorized third party.");
        }
        String parameter3 = httpServletRequest.getParameter("code");
        if (parameter3 == null) {
            throw new OAuthException("No code provided");
        }
        try {
            return oAuthParams.getNewOAuthConsumer(new OAuthClient(new URLConnectionClient()).accessToken(OAuthClientRequest.tokenProvider(oAuthParams.getProviderType()).setGrantType(oAuthParams.getGrantType()).setClientId(oAuthParams.getClientKey()).setClientSecret(oAuthParams.getClientSecret()).setRedirectURI(oAuthParams.getRedirectURI()).setCode(parameter3).buildBodyMessage(), oAuthParams.getTokenResponseClass()));
        } catch (OAuthSystemException e) {
            throw new OAuthException((Throwable) e);
        } catch (OAuthProblemException e2) {
            throw new OAuthException((Throwable) e2);
        }
    }

    public static void handleLogin(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, OAuthConsumer oAuthConsumer) throws OAuthException, IOException {
        if (oAuthConsumer == null || OAuthUtils.isEmpty(oAuthConsumer.getIdentifier())) {
            throw new OAuthException("There is no Orion account associated with this Id. Please register or contact your system administrator for assistance.");
        }
        String redirect = oAuthConsumer.getRedirect();
        UserInfo user = getUser(oAuthConsumer);
        if (user == null) {
            if (!FormAuthHelper.canAddUsers()) {
                throw new OAuthException("There is no Orion account associated with this Id. Please register or contact your system administrator for assistance.");
            }
            String str = String.valueOf(String.valueOf(String.valueOf("/mixloginstatic/LoginWindow.html") + "?oauth=create&email=" + oAuthConsumer.getEmail()) + "&username=" + oAuthConsumer.getUsername()) + "&identifier=" + oAuthConsumer.getIdentifier();
            if (redirect != null) {
                str = String.valueOf(str) + "&redirect=" + redirect;
            }
            httpServletResponse.sendRedirect(str);
            return;
        }
        String uniqueId = user.getUniqueId();
        httpServletRequest.getSession().setAttribute("user", uniqueId);
        Logger logger = LoggerFactory.getLogger("org.eclipse.orion.server.login");
        if (logger.isInfoEnabled()) {
            logger.info("Login success: " + uniqueId + " oauth " + oAuthConsumer.getIdentifier());
        }
        try {
            user.setProperty("LastLoginTimestamp", new Long(System.currentTimeMillis()).toString());
            OrionConfiguration.getMetaStore().updateUser(user);
        } catch (CoreException e) {
            LogHelper.log(e);
        }
        if (redirect != null) {
            httpServletResponse.sendRedirect(redirect);
        } else {
            httpServletResponse.sendRedirect("/index.html");
        }
    }

    private static UserInfo getUser(OAuthConsumer oAuthConsumer) {
        UserInfo readUserByProperty;
        try {
            UserInfo readUserByProperty2 = OrionConfiguration.getMetaStore().readUserByProperty("OAuth", ".*\\Q" + oAuthConsumer.getIdentifier() + "\\E.*", true, false);
            if (readUserByProperty2 != null) {
                return readUserByProperty2;
            }
            String openidIdentifier = oAuthConsumer.getOpenidIdentifier();
            if (openidIdentifier == null || openidIdentifier.length() == 0 || (readUserByProperty = OrionConfiguration.getMetaStore().readUserByProperty("OpenId", ".*\\Q" + openidIdentifier + "\\E.*", true, false)) == null) {
                return null;
            }
            String[] split = readUserByProperty.getProperty("OpenId").split("\n");
            if (split.length == 1) {
                readUserByProperty.setProperty("OpenId", (String) null);
            } else {
                String str = "";
                for (String str2 : split) {
                    if (!str2.equals(oAuthConsumer.getOpenidIdentifier())) {
                        str = String.valueOf(str) + str2 + "\n";
                    }
                }
                readUserByProperty.setProperty("OpenId", str.substring(0, str.length() - 1));
            }
            String property = readUserByProperty.getProperty("OAuth");
            readUserByProperty.setProperty("OAuth", String.valueOf((property == null || property.equals("")) ? "" : String.valueOf(property) + '\n') + oAuthConsumer.getIdentifier());
            OrionConfiguration.getMetaStore().updateUser(readUserByProperty);
            return readUserByProperty;
        } catch (CoreException e) {
            LogHelper.log(e);
            return null;
        }
    }

    public static void handleReturnAndLinkAccount(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, OAuthConsumer oAuthConsumer) throws IOException, OAuthException {
        if (oAuthConsumer != null) {
            String identifier = oAuthConsumer.getIdentifier();
            if (OAuthUtils.isEmpty(identifier)) {
                throw new OAuthException("Authentication response is not sufficient");
            }
            PrintWriter writer = httpServletResponse.getWriter();
            httpServletResponse.setHeader("Cache-Control", "no-cache");
            httpServletResponse.setContentType("text/html; charset=UTF-8");
            writer.println("<html><head></head>");
            writer.println("<body onload=\"window.opener.handleOAuthResponse('" + identifier + "');window.close();\">");
            writer.println("</body>");
            writer.println("</html>");
            writer.close();
        }
    }

    public static String getAuthType() {
        return OAUTH;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static StringBuffer getAuthServerRequest(HttpServletRequest httpServletRequest) {
        String string = PreferenceHelper.getString("orion.auth.host", (String) null);
        if (string == null) {
            return httpServletRequest.getRequestURL();
        }
        StringBuffer stringBuffer = new StringBuffer(string);
        stringBuffer.append(httpServletRequest.getServletPath());
        if (httpServletRequest.getPathInfo() != null) {
            stringBuffer.append(httpServletRequest.getPathInfo());
        }
        Logger logger = LoggerFactory.getLogger("org.eclipse.orion.server.oauth");
        if (logger.isInfoEnabled()) {
            logger.info("Auth server redirect: " + stringBuffer.toString());
        }
        return stringBuffer;
    }
}
