package org.sonar.server.authentication;

import com.google.common.base.Strings;
import java.io.IOException;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.sonar.api.platform.Server;
import org.sonar.api.server.authentication.OAuth2IdentityProvider;
import org.sonar.api.server.authentication.UnauthorizedException;
import org.sonar.api.web.ServletFilter;
import org.sonar.server.issue.IssueUpdater;

/* loaded from: input_file:org/sonar/server/authentication/OAuth2CallbackFilter.class */
public class OAuth2CallbackFilter extends ServletFilter {
    public static final String CALLBACK_PATH = "/oauth2/callback/";
    private final IdentityProviderRepository identityProviderRepository;
    private final OAuth2ContextFactory oAuth2ContextFactory;
    private final Server server;

    public OAuth2CallbackFilter(IdentityProviderRepository identityProviderRepository, OAuth2ContextFactory oAuth2ContextFactory, Server server) {
        this.identityProviderRepository = identityProviderRepository;
        this.oAuth2ContextFactory = oAuth2ContextFactory;
        this.server = server;
    }

    public ServletFilter.UrlPattern doGetPattern() {
        return ServletFilter.UrlPattern.create("/oauth2/callback/*");
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        try {
            OAuth2IdentityProvider enabledByKey = this.identityProviderRepository.getEnabledByKey(extractKeyProvider(httpServletRequest.getRequestURI(), this.server.getContextPath() + CALLBACK_PATH));
            if (enabledByKey instanceof OAuth2IdentityProvider) {
                OAuth2IdentityProvider oAuth2IdentityProvider = enabledByKey;
                oAuth2IdentityProvider.callback(this.oAuth2ContextFactory.newCallback(httpServletRequest, (HttpServletResponse) servletResponse, oAuth2IdentityProvider));
            } else {
                AuthenticationError.handleError((HttpServletResponse) servletResponse, String.format("Not an OAuth2IdentityProvider: %s", enabledByKey.getClass()));
            }
        } catch (UnauthorizedException e) {
            AuthenticationError.handleUnauthorizedError(e, (HttpServletResponse) servletResponse);
        } catch (Exception e2) {
            AuthenticationError.handleError(e2, (HttpServletResponse) servletResponse, IssueUpdater.UNUSED.isEmpty() ? "Fail to callback authentication" : String.format("Fail to callback authentication with '%s'", IssueUpdater.UNUSED));
        }
    }

    public static String extractKeyProvider(String str, String str2) {
        if (str.contains(str2)) {
            String replace = str.replace(str2, IssueUpdater.UNUSED);
            if (!Strings.isNullOrEmpty(replace)) {
                return replace;
            }
        }
        throw new IllegalArgumentException(String.format("A valid identity provider key is required. Please check that property '%s' is valid.", "sonar.core.serverBaseURL"));
    }

    public void init(FilterConfig filterConfig) throws ServletException {
    }

    public void destroy() {
    }
}
