package org.rapidoid.oauth;

import java.util.Map;
import org.apache.oltu.oauth2.client.OAuthClient;
import org.apache.oltu.oauth2.client.URLConnectionClient;
import org.apache.oltu.oauth2.client.request.OAuthBearerClientRequest;
import org.apache.oltu.oauth2.client.request.OAuthClientRequest;
import org.apache.oltu.oauth2.client.response.GitHubTokenResponse;
import org.apache.oltu.oauth2.client.response.OAuthJSONAccessTokenResponse;
import org.apache.oltu.oauth2.client.response.OAuthResourceResponse;
import org.apache.oltu.oauth2.common.message.types.GrantType;
import org.rapidoid.http.Handler;
import org.rapidoid.http.HttpExchange;
import org.rapidoid.http.UserInfo;
import org.rapidoid.json.JSON;
import org.rapidoid.util.U;

/* loaded from: input_file:org/rapidoid/oauth/OAuthTokenHandler.class */
public class OAuthTokenHandler implements Handler {
    private final OAuthProvider provider;
    private final String oauthDomain;
    private final OAuthStateCheck stateCheck;
    private final String clientId;
    private final String clientSecret;
    private final String callbackPath;

    public OAuthTokenHandler(OAuthProvider oAuthProvider, String str, OAuthStateCheck oAuthStateCheck, String str2, String str3, String str4) {
        this.provider = oAuthProvider;
        this.oauthDomain = str;
        this.stateCheck = oAuthStateCheck;
        this.clientId = str2;
        this.clientSecret = str3;
        this.callbackPath = str4;
    }

    public Object handle(HttpExchange httpExchange) throws Exception {
        String param = httpExchange.param("code");
        String param2 = httpExchange.param("state");
        U.debug("Received OAuth code", "code", param, "state", param2);
        if (param == null || param2 == null) {
            String param3 = httpExchange.param("error");
            if (param3 == null) {
                throw U.rte("OAuth error!");
            }
            U.warn("OAuth error", "error", param3);
            throw U.rte("OAuth error!");
        }
        U.must(this.stateCheck.isValidState(param2, this.clientSecret, httpExchange.sessionId()), "Invalid OAuth state!");
        OAuthClientRequest.TokenRequestBuilder code = OAuthClientRequest.tokenLocation(this.provider.getTokenEndpoint()).setGrantType(GrantType.AUTHORIZATION_CODE).setClientId(this.clientId).setClientSecret(this.clientSecret).setRedirectURI(this.oauthDomain != null ? this.oauthDomain + this.callbackPath : httpExchange.constructUrl(this.callbackPath)).setCode(param);
        OAuthClientRequest buildBodyMessage = paramsInBody() ? code.buildBodyMessage() : code.buildBodyMessage();
        OAuthClient oAuthClient = new OAuthClient(new URLConnectionClient());
        String str = token(buildBodyMessage, oAuthClient);
        OAuthResourceResponse resource = oAuthClient.resource(new OAuthBearerClientRequest(U.fillIn(this.provider.getProfileEndpoint(), "token", str)).setAccessToken(str).buildQueryMessage(), "GET", OAuthResourceResponse.class);
        U.must(resource.getResponseCode() == 200, "OAuth response error!");
        Map parseMap = JSON.parseMap(resource.getBody());
        String str2 = (String) U.or(parseMap.get("firstName"), U.or(parseMap.get("first_name"), parseMap.get("given_name")));
        String str3 = (String) U.or(parseMap.get("lastName"), U.or(parseMap.get("last_name"), parseMap.get("family_name")));
        UserInfo userInfo = new UserInfo();
        userInfo.name = (String) U.or((String) parseMap.get("name"), str2 + " " + str3);
        userInfo.oauthProvider = this.provider.getName();
        userInfo.email = (String) U.or(parseMap.get("email"), parseMap.get("emailAddress"));
        userInfo.username = userInfo.email;
        userInfo.oauthId = String.valueOf(parseMap.get("id"));
        userInfo.display = userInfo.email.substring(0, userInfo.email.indexOf(64));
        httpExchange.sessionSet("_user", userInfo);
        U.must(httpExchange.user() == userInfo);
        return httpExchange.redirect("/");
    }

    private String token(OAuthClientRequest oAuthClientRequest, OAuthClient oAuthClient) throws Exception {
        String name = this.provider.getName();
        return (name.equalsIgnoreCase("facebook") || name.equalsIgnoreCase("github")) ? oAuthClient.accessToken(oAuthClientRequest, GitHubTokenResponse.class).getAccessToken() : oAuthClient.accessToken(oAuthClientRequest, OAuthJSONAccessTokenResponse.class).getAccessToken();
    }

    private boolean paramsInBody() {
        return this.provider.getName().equalsIgnoreCase("google");
    }
}
