package org.sonar.server.authentication;

import java.io.IOException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.sonar.api.platform.Server;
import org.sonar.api.server.authentication.OAuth2IdentityProvider;
import org.sonar.api.server.authentication.UserIdentity;
import org.sonar.api.utils.MessageException;

/* loaded from: input_file:org/sonar/server/authentication/OAuth2ContextFactory.class */
public class OAuth2ContextFactory {
    private final UserIdentityAuthenticator userIdentityAuthenticator;
    private final Server server;
    private final CsrfVerifier csrfVerifier;

    /* loaded from: input_file:org/sonar/server/authentication/OAuth2ContextFactory$OAuthContextImpl.class */
    private class OAuthContextImpl implements OAuth2IdentityProvider.InitContext, OAuth2IdentityProvider.CallbackContext {
        private final HttpServletRequest request;
        private final HttpServletResponse response;
        private final OAuth2IdentityProvider identityProvider;

        public OAuthContextImpl(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, OAuth2IdentityProvider oAuth2IdentityProvider) {
            this.request = httpServletRequest;
            this.response = httpServletResponse;
            this.identityProvider = oAuth2IdentityProvider;
        }

        public String getCallbackUrl() {
            String publicRootUrl = OAuth2ContextFactory.this.server.getPublicRootUrl();
            if (!publicRootUrl.startsWith("http:") || OAuth2ContextFactory.this.server.isDev()) {
                return publicRootUrl + OAuth2CallbackFilter.CALLBACK_PATH + "/" + this.identityProvider.getKey();
            }
            throw MessageException.of(String.format("The server url should be configured in https, please update the property '%s'", "sonar.core.serverBaseURL"));
        }

        public String generateCsrfState() {
            return OAuth2ContextFactory.this.csrfVerifier.generateState(this.response);
        }

        public HttpServletRequest getRequest() {
            return this.request;
        }

        public HttpServletResponse getResponse() {
            return this.response;
        }

        public void redirectTo(String str) {
            try {
                this.response.sendRedirect(str);
            } catch (IOException e) {
                throw new IllegalStateException(String.format("Fail to redirect to %s", str), e);
            }
        }

        public void verifyCsrfState() {
            OAuth2ContextFactory.this.csrfVerifier.verifyState(this.request, this.response);
        }

        public void redirectToRequestedPage() {
            try {
                getResponse().sendRedirect("/");
            } catch (IOException e) {
                throw new IllegalStateException("Fail to redirect to home", e);
            }
        }

        public void authenticate(UserIdentity userIdentity) {
            OAuth2ContextFactory.this.userIdentityAuthenticator.authenticate(userIdentity, this.identityProvider, this.request.getSession());
        }
    }

    public OAuth2ContextFactory(UserIdentityAuthenticator userIdentityAuthenticator, Server server, CsrfVerifier csrfVerifier) {
        this.userIdentityAuthenticator = userIdentityAuthenticator;
        this.server = server;
        this.csrfVerifier = csrfVerifier;
    }

    public OAuth2IdentityProvider.InitContext newContext(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, OAuth2IdentityProvider oAuth2IdentityProvider) {
        return new OAuthContextImpl(httpServletRequest, httpServletResponse, oAuth2IdentityProvider);
    }

    public OAuth2IdentityProvider.CallbackContext newCallback(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, OAuth2IdentityProvider oAuth2IdentityProvider) {
        return new OAuthContextImpl(httpServletRequest, httpServletResponse, oAuth2IdentityProvider);
    }
}
