package com.naturalprogrammer.spring.lemon.security;

import com.naturalprogrammer.spring.lemon.commons.LemonProperties;
import com.naturalprogrammer.spring.lemon.commons.util.LecUtils;
import com.naturalprogrammer.spring.lemon.commonsweb.util.LecwUtils;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang3.ArrayUtils;
import org.apache.commons.lang3.StringUtils;
import org.springframework.security.oauth2.client.web.AuthorizationRequestRepository;
import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest;
import org.springframework.util.Assert;

/* loaded from: input_file:com/naturalprogrammer/spring/lemon/security/HttpCookieOAuth2AuthorizationRequestRepository.class */
public class HttpCookieOAuth2AuthorizationRequestRepository implements AuthorizationRequestRepository<OAuth2AuthorizationRequest> {
    private int cookieExpirySecs;

    public HttpCookieOAuth2AuthorizationRequestRepository(LemonProperties lemonProperties) {
        this.cookieExpirySecs = lemonProperties.getJwt().getShortLivedMillis() / 1000;
    }

    public OAuth2AuthorizationRequest loadAuthorizationRequest(HttpServletRequest httpServletRequest) {
        Assert.notNull(httpServletRequest, "request cannot be null");
        return (OAuth2AuthorizationRequest) LecwUtils.fetchCookie(httpServletRequest, "lemon_oauth2_authorization_request").map(this::deserialize).orElse(null);
    }

    public void saveAuthorizationRequest(OAuth2AuthorizationRequest oAuth2AuthorizationRequest, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        Assert.notNull(httpServletRequest, "request cannot be null");
        Assert.notNull(httpServletResponse, "response cannot be null");
        if (oAuth2AuthorizationRequest == null) {
            deleteCookies(httpServletRequest, httpServletResponse, "lemon_oauth2_authorization_request", "lemon_redirect_uri");
            return;
        }
        Cookie cookie = new Cookie("lemon_oauth2_authorization_request", LecUtils.serialize(oAuth2AuthorizationRequest));
        cookie.setPath("/");
        cookie.setHttpOnly(true);
        cookie.setMaxAge(this.cookieExpirySecs);
        httpServletResponse.addCookie(cookie);
        String parameter = httpServletRequest.getParameter("lemon_redirect_uri");
        if (StringUtils.isNotBlank(parameter)) {
            Cookie cookie2 = new Cookie("lemon_redirect_uri", parameter);
            cookie2.setPath("/");
            cookie2.setHttpOnly(true);
            cookie2.setMaxAge(this.cookieExpirySecs);
            httpServletResponse.addCookie(cookie2);
        }
    }

    public OAuth2AuthorizationRequest removeAuthorizationRequest(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        OAuth2AuthorizationRequest loadAuthorizationRequest = loadAuthorizationRequest(httpServletRequest);
        deleteCookies(httpServletRequest, httpServletResponse, "lemon_oauth2_authorization_request");
        return loadAuthorizationRequest;
    }

    public static void deleteCookies(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String... strArr) {
        Cookie[] cookies = httpServletRequest.getCookies();
        if (cookies == null || cookies.length <= 0) {
            return;
        }
        for (int i = 0; i < cookies.length; i++) {
            if (ArrayUtils.contains(strArr, cookies[i].getName())) {
                cookies[i].setValue("");
                cookies[i].setPath("/");
                cookies[i].setMaxAge(0);
                httpServletResponse.addCookie(cookies[i]);
            }
        }
    }

    private OAuth2AuthorizationRequest deserialize(Cookie cookie) {
        return (OAuth2AuthorizationRequest) LecUtils.deserialize(cookie.getValue());
    }

    @Deprecated
    public OAuth2AuthorizationRequest removeAuthorizationRequest(HttpServletRequest httpServletRequest) {
        throw new UnsupportedOperationException("Spring Security shouldn't have called the deprecated removeAuthorizationRequest(request)");
    }
}
