package de.adorsys.oauth2.pkce.endpoint;

import de.adorsys.oauth2.pkce.PkceProperties;
import de.adorsys.oauth2.pkce.basetypes.CodeVerifier;
import de.adorsys.oauth2.pkce.mapping.BearerTokenMapper;
import de.adorsys.oauth2.pkce.service.LoginRedirectService;
import de.adorsys.oauth2.pkce.service.PkceTokenRequestService;
import java.io.IOException;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletResponse;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.CookieValue;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;

/**
 * Browser-facing endpoint for an OAuth2 authorization-code flow with PKCE.
 *
 * <p>Two GET handlers are selected by the query parameters present:
 * <ul>
 *   <li>{@code redirect_uri} only: stores a code verifier in a cookie and redirects the
 *       browser to the URL supplied by {@link LoginRedirectService};</li>
 *   <li>{@code code} and {@code redirect_uri}: exchanges the code plus the stored verifier
 *       for a token, places the token in a cookie and clears the verifier cookie.</li>
 * </ul>
 *
 * <p>NOTE(review): the value given to {@code @RestController} is a bean name, not a request
 * path, and no {@code @RequestMapping} is visible on this class. The verifier cookie is
 * scoped to {@code /oauth/pkce}, so the handlers must actually be served under that path
 * for the browser to send it back; confirm against the deployed mapping.
 */
@RestController("/oauth/pkce")
/* loaded from: input_file:de/adorsys/oauth2/pkce/endpoint/PkceRestController.class */
public class PkceRestController {
    private static final String CODE_REQUEST_PARAMETER_NAME = "code";
    private static final String CODE_VERIFIER_COOKIE_NAME = "code_verifier";
    private static final String REDIRECT_URI_REQUEST_PARAMETER_NAME = "redirect_uri";

    /** Path scope shared by the code-verifier cookie and the cookie that deletes it. */
    private static final String PKCE_COOKIE_PATH = "/oauth/pkce";

    /** Lifetime of the code-verifier cookie, in seconds. */
    private static final int CODE_VERIFIER_MAX_AGE_SECONDS = 3600;

    private final PkceTokenRequestService pkceTokenRequestService;
    private final LoginRedirectService loginRedirectService;
    private final BearerTokenMapper mapper;
    private final PkceProperties pkceProperties;

    /**
     * Wires the collaborators used by both handlers.
     *
     * @param pkceTokenRequestService performs the code-for-token exchange
     * @param loginRedirectService supplies the login redirect URL and the code verifier
     * @param bearerTokenMapper encodes a token response as the cookie value
     * @param pkceProperties provides the token cookie name and the Secure-flag setting
     */
    @Autowired
    public PkceRestController(
            PkceTokenRequestService pkceTokenRequestService,
            LoginRedirectService loginRedirectService,
            BearerTokenMapper bearerTokenMapper,
            PkceProperties pkceProperties) {
        this.pkceTokenRequestService = pkceTokenRequestService;
        this.loginRedirectService = loginRedirectService;
        this.mapper = bearerTokenMapper;
        this.pkceProperties = pkceProperties;
    }

    /**
     * Starts the flow: sets the code-verifier cookie, then redirects to the login URL.
     *
     * <p>{@code redirect_uri} comes straight from the query string and is handed to
     * {@link LoginRedirectService} unchanged; this method performs no validation of it.
     * NOTE(review): confirm that the service or the authorization server restricts it to
     * registered URIs.
     *
     * @param redirectUri the {@code redirect_uri} query parameter
     * @param httpServletResponse response that receives the cookie and the redirect
     * @throws IOException if sending the redirect fails
     */
    @GetMapping(params = {REDIRECT_URI_REQUEST_PARAMETER_NAME})
    public void redirectToLoginPage(
            @RequestParam(REDIRECT_URI_REQUEST_PARAMETER_NAME) String redirectUri,
            HttpServletResponse httpServletResponse) throws IOException {
        LoginRedirectService.LoginRedirect loginRedirect = this.loginRedirectService.getRedirect(redirectUri);
        Cookie verifierCookie = createCodeVerifierCookie(loginRedirect.getCodeVerifier());
        httpServletResponse.addCookie(verifierCookie);
        httpServletResponse.sendRedirect(loginRedirect.getRedirectUrl());
    }

    /**
     * Completes the flow: exchanges the authorization code for a token and stores it in a cookie.
     *
     * <p>The code verifier is read from the cookie set by {@link #redirectToLoginPage} and is
     * expired in the same response, after the token cookie has been added. Nothing else is
     * written to the response here.
     *
     * @param code the {@code code} query parameter
     * @param codeVerifier value of the {@code code_verifier} cookie
     * @param redirectUri the {@code redirect_uri} query parameter, forwarded to the token request
     * @param httpServletResponse response that receives both cookies
     */
    @GetMapping(params = {CODE_REQUEST_PARAMETER_NAME, REDIRECT_URI_REQUEST_PARAMETER_NAME})
    public void getToken(
            @RequestParam(CODE_REQUEST_PARAMETER_NAME) String code,
            @CookieValue(CODE_VERIFIER_COOKIE_NAME) String codeVerifier,
            @RequestParam(REDIRECT_URI_REQUEST_PARAMETER_NAME) String redirectUri,
            HttpServletResponse httpServletResponse) {
        PkceTokenRequestService.TokenResponse tokenResponse =
                this.pkceTokenRequestService.requestToken(code, codeVerifier, redirectUri);
        httpServletResponse.addCookie(createBearerTokenCookie(tokenResponse));
        httpServletResponse.addCookie(createDeletionCookie(CODE_VERIFIER_COOKIE_NAME));
    }

    /**
     * Builds the cookie that carries the token response.
     *
     * <p>The cookie is scoped to {@code /}, so the browser attaches it to every request for
     * this host. It is HttpOnly; Secure follows configuration, and no SameSite attribute is
     * set here. NOTE(review): confirm that CSRF protection for cookie-authenticated requests
     * is provided elsewhere.
     */
    private Cookie createBearerTokenCookie(PkceTokenRequestService.TokenResponse tokenResponse) {
        Cookie tokenCookie = withCommonAttributes(
                new Cookie(this.pkceProperties.getCookieName(), this.mapper.mapToBase64(tokenResponse)),
                "/");
        // NOTE(review): intValue() narrows if expires_in is wider than int; a negative max-age
        // makes this a session cookie. Confirm the declared type and the expected range.
        tokenCookie.setMaxAge(tokenResponse.getExpires_in().intValue());
        return tokenCookie;
    }

    /**
     * Builds a cookie that expires the named cookie (null value, max-age 0).
     *
     * <p>It uses the PKCE path, so it only clears cookies that were set with that same path.
     */
    private Cookie createDeletionCookie(String cookieName) {
        Cookie expiredCookie = withCommonAttributes(new Cookie(cookieName, (String) null), PKCE_COOKIE_PATH);
        expiredCookie.setMaxAge(0);
        return expiredCookie;
    }

    /** Builds the one-hour, path-scoped cookie that holds the PKCE code verifier. */
    private Cookie createCodeVerifierCookie(CodeVerifier codeVerifier) {
        Cookie verifierCookie = withCommonAttributes(
                new Cookie(CODE_VERIFIER_COOKIE_NAME, codeVerifier.getValue()),
                PKCE_COOKIE_PATH);
        verifierCookie.setMaxAge(CODE_VERIFIER_MAX_AGE_SECONDS);
        return verifierCookie;
    }

    /**
     * Applies the attributes every cookie from this controller shares and returns the cookie.
     *
     * <p>HttpOnly is always set. Secure is read from {@link PkceProperties}; when it is false
     * the token and verifier cookies may be sent over plain HTTP, so it should stay enabled
     * wherever the endpoint is reachable over a network. A null setting fails here with a
     * {@link NullPointerException} on unboxing.
     */
    private Cookie withCommonAttributes(Cookie cookie, String path) {
        boolean secure = this.pkceProperties.getSecureCookie();
        cookie.setSecure(secure);
        cookie.setHttpOnly(true);
        cookie.setPath(path);
        return cookie;
    }
}
