package org.rapidoid.oauth;

import org.apache.oltu.oauth2.client.request.OAuthClientRequest;
import org.apache.oltu.oauth2.common.exception.OAuthSystemException;
import org.rapidoid.RapidoidThing;
import org.rapidoid.config.Conf;
import org.rapidoid.config.Config;
import org.rapidoid.gui.GUI;
import org.rapidoid.http.HttpUtils;
import org.rapidoid.http.Req;
import org.rapidoid.http.ReqHandler;
import org.rapidoid.log.Log;
import org.rapidoid.setup.Setup;
import org.rapidoid.u.U;
import org.rapidoid.value.Value;

/* loaded from: input_file:org/rapidoid/oauth/OAuth.class */
public class OAuth extends RapidoidThing {
    static final String NO_ID = "NO-CLIENT-ID-CONFIGURED";
    static final String NO_SECRET = "NO-CLIENT-SECRET-CONFIGURED";
    private static final String LOGIN_BTN = "<div class=\"row-fluid\"><div class=\"col-md-3\"><a href=\"/_%sLogin\" class=\"btn btn-default btn-block\">Login with %s</a></div></div>";
    private static OAuthStateCheck STATE_CHECK;
    private static final Config OAUTH = Conf.OAUTH;
    private static final Value<String> DOMAIN = Conf.APP.entry("domain").str();

    public static void register(Setup setup, OAuthProvider... oAuthProviderArr) {
        register(setup, new DefaultOAuthStateCheck(), oAuthProviderArr);
    }

    public static void register(Setup setup, OAuthStateCheck oAuthStateCheck, OAuthProvider... oAuthProviderArr) {
        if (OAUTH.isEmpty()) {
            Log.warn("OAuth is not configured!");
        }
        STATE_CHECK = oAuthStateCheck;
        if (oAuthProviderArr == null || oAuthProviderArr.length == 0) {
            oAuthProviderArr = OAuthProvider.PROVIDERS;
        }
        StringBuilder sb = new StringBuilder();
        sb.append("<div class=\"container-fluid text-center\">");
        for (OAuthProvider oAuthProvider : oAuthProviderArr) {
            String lowerCase = oAuthProvider.getName().toLowerCase();
            String str = "/_" + lowerCase + "Login";
            String str2 = "/_" + lowerCase + "OauthCallback";
            Config sub = OAUTH.sub(new String[]{lowerCase});
            Value str3 = sub.entry("id").str();
            Value str4 = sub.entry("secret").str();
            setup.get(str).html(new OAuthLoginHandler(oAuthProvider, DOMAIN));
            setup.get(str2).html(new OAuthTokenHandler(oAuthProvider, setup.custom(), DOMAIN, oAuthStateCheck, str3, str4, str2));
            sb.append(U.frmt(LOGIN_BTN, new Object[]{lowerCase, oAuthProvider.getName()}));
        }
        sb.append("</div>");
        final String sb2 = sb.toString();
        setup.get("/_oauth").html(new ReqHandler() { // from class: org.rapidoid.oauth.OAuth.1
            public Object execute(Req req) throws Exception {
                return GUI.page(new Object[]{GUI.hardcoded(sb2)}).title("Login with OAuth");
            }
        });
    }

    public static String getLoginURL(Req req, OAuthProvider oAuthProvider, String str) {
        if (OAUTH.isEmpty()) {
            Log.warn("OAuth is not configured!");
        }
        String lowerCase = oAuthProvider.getName().toLowerCase();
        Config sub = OAUTH.sub(new String[]{lowerCase});
        Value str2 = sub.entry("id").str();
        Value<String> str3 = sub.entry("secret").str();
        String str4 = "/_" + lowerCase + "OauthCallback";
        try {
            return OAuthClientRequest.authorizationLocation(oAuthProvider.getAuthEndpoint()).setClientId((String) str2.or(NO_ID)).setRedirectURI(U.notEmpty(str) ? str + str4 : HttpUtils.constructUrl(req, str4)).setScope(oAuthProvider.getEmailScope()).setState((req.param("popup", (String) null) != null ? "P" : "N") + STATE_CHECK.generateState(str3, req.sessionId())).setResponseType("code").buildQueryMessage().getLocationUri();
        } catch (OAuthSystemException e) {
            throw U.rte(e);
        }
    }
}
