package ca.nrc.cadc.ac.server.oidc;

import ca.nrc.cadc.ac.server.ldap.LdapUserPersistence;
import ca.nrc.cadc.rest.InlineContentHandler;
import ca.nrc.cadc.rest.RestAction;
import java.net.URI;
import java.security.AccessControlException;
import org.apache.log4j.Logger;

/* loaded from: input_file:ca/nrc/cadc/ac/server/oidc/LoginAction.class */
public class LoginAction extends RestAction {
    private static final Logger log = Logger.getLogger(LoginAction.class);

    public void doAction() throws Exception {
        String parameter = this.syncInput.getParameter("redirect_uri");
        String parameter2 = this.syncInput.getParameter("state");
        String parameter3 = this.syncInput.getParameter("username");
        String parameter4 = this.syncInput.getParameter("password");
        log.debug("redirect_uri: " + parameter);
        log.debug("state: " + parameter2);
        log.debug("username: " + parameter3);
        if (parameter == null) {
            throw new IllegalArgumentException("missing required param 'redirect_uri'");
        }
        if (parameter3 == null) {
            throw new IllegalArgumentException("missing required param 'username'");
        }
        if (parameter4 == null) {
            throw new IllegalArgumentException("missing required param 'password'");
        }
        try {
            Boolean doLogin = new LdapUserPersistence().doLogin(parameter3, parameter4);
            if (doLogin == null || !doLogin.booleanValue()) {
                throw new AccessControlException("login failed");
            }
            StringBuilder sb = new StringBuilder(parameter);
            String token = OIDCUtil.getToken(parameter3, URI.create(OIDCUtil.AUTHORIZE_TOKEN_SCOPE), OIDCUtil.AUTHORIZE_CODE_EXPIRY_MINUTES.intValue());
            sb.append("?code=");
            sb.append(token);
            if (parameter2 != null) {
                sb.append("&state=");
                sb.append(parameter2);
            }
            this.syncOutput.setCode(302);
            this.syncOutput.setHeader("Location", sb);
        } catch (AccessControlException e) {
            throw new AccessControlException("login failed");
        }
    }

    protected InlineContentHandler getInlineContentHandler() {
        return null;
    }
}
