package org.sonar.server.authentication;

import java.io.IOException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.sonar.api.platform.Server;
import org.sonar.api.server.ServerSide;
import org.sonar.api.server.authentication.OAuth2IdentityProvider;
import org.sonar.api.server.authentication.UserIdentity;
import org.sonar.db.user.UserDto;
import org.sonar.server.authentication.event.AuthenticationEvent;
import org.sonar.server.user.ThreadLocalUserSession;
import org.sonar.server.user.UserSessionFactory;

@ServerSide
/* loaded from: input_file:org/sonar/server/authentication/OAuth2ContextFactory.class */
public class OAuth2ContextFactory {
    private final ThreadLocalUserSession threadLocalUserSession;
    private final UserIdentityAuthenticator userIdentityAuthenticator;
    private final Server server;
    private final OAuthCsrfVerifier csrfVerifier;
    private final JwtHttpHandler jwtHttpHandler;
    private final UserSessionFactory userSessionFactory;
    private final OAuth2Redirection oAuthRedirection;

    /* loaded from: input_file:org/sonar/server/authentication/OAuth2ContextFactory$OAuthContextImpl.class */
    private class OAuthContextImpl implements OAuth2IdentityProvider.InitContext, OAuth2IdentityProvider.CallbackContext {
        private final HttpServletRequest request;
        private final HttpServletResponse response;
        private final OAuth2IdentityProvider identityProvider;

        public OAuthContextImpl(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, OAuth2IdentityProvider oAuth2IdentityProvider) {
            this.request = httpServletRequest;
            this.response = httpServletResponse;
            this.identityProvider = oAuth2IdentityProvider;
        }

        public String getCallbackUrl() {
            return OAuth2ContextFactory.this.server.getPublicRootUrl() + "/oauth2/callback/" + this.identityProvider.getKey();
        }

        public String generateCsrfState() {
            return OAuth2ContextFactory.this.csrfVerifier.generateState(this.request, this.response);
        }

        public HttpServletRequest getRequest() {
            return this.request;
        }

        public HttpServletResponse getResponse() {
            return this.response;
        }

        public void redirectTo(String str) {
            try {
                this.response.sendRedirect(str);
            } catch (IOException e) {
                throw new IllegalStateException(String.format("Fail to redirect to %s", str), e);
            }
        }

        public void verifyCsrfState() {
            OAuth2ContextFactory.this.csrfVerifier.verifyState(this.request, this.response, this.identityProvider);
        }

        public void redirectToRequestedPage() {
            try {
                getResponse().sendRedirect(OAuth2ContextFactory.this.oAuthRedirection.getAndDelete(this.request, this.response).orElse(OAuth2ContextFactory.this.server.getContextPath() + "/"));
            } catch (IOException e) {
                throw new IllegalStateException("Fail to redirect to home", e);
            }
        }

        public void authenticate(UserIdentity userIdentity) {
            UserDto authenticate = OAuth2ContextFactory.this.userIdentityAuthenticator.authenticate(userIdentity, this.identityProvider, AuthenticationEvent.Source.oauth2(this.identityProvider));
            OAuth2ContextFactory.this.jwtHttpHandler.generateToken(authenticate, this.request, this.response);
            OAuth2ContextFactory.this.threadLocalUserSession.set(OAuth2ContextFactory.this.userSessionFactory.create(authenticate));
        }
    }

    public OAuth2ContextFactory(ThreadLocalUserSession threadLocalUserSession, UserIdentityAuthenticator userIdentityAuthenticator, Server server, OAuthCsrfVerifier oAuthCsrfVerifier, JwtHttpHandler jwtHttpHandler, UserSessionFactory userSessionFactory, OAuth2Redirection oAuth2Redirection) {
        this.threadLocalUserSession = threadLocalUserSession;
        this.userIdentityAuthenticator = userIdentityAuthenticator;
        this.server = server;
        this.csrfVerifier = oAuthCsrfVerifier;
        this.jwtHttpHandler = jwtHttpHandler;
        this.userSessionFactory = userSessionFactory;
        this.oAuthRedirection = oAuth2Redirection;
    }

    public OAuth2IdentityProvider.InitContext newContext(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, OAuth2IdentityProvider oAuth2IdentityProvider) {
        return new OAuthContextImpl(httpServletRequest, httpServletResponse, oAuth2IdentityProvider);
    }

    public OAuth2IdentityProvider.CallbackContext newCallback(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, OAuth2IdentityProvider oAuth2IdentityProvider) {
        return new OAuthContextImpl(httpServletRequest, httpServletResponse, oAuth2IdentityProvider);
    }
}
