package org.springframework.social.connect.web;

import java.util.Arrays;
import java.util.List;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.craftercms.security.social.impl.ProviderLoginSupportImpl;
import org.springframework.social.connect.Connection;
import org.springframework.social.connect.ConnectionFactory;
import org.springframework.social.connect.support.OAuth1ConnectionFactory;
import org.springframework.social.connect.support.OAuth2ConnectionFactory;
import org.springframework.social.oauth1.AuthorizedRequestToken;
import org.springframework.social.oauth1.OAuth1Operations;
import org.springframework.social.oauth1.OAuth1Parameters;
import org.springframework.social.oauth1.OAuth1Version;
import org.springframework.social.oauth1.OAuthToken;
import org.springframework.social.oauth2.OAuth2Operations;
import org.springframework.social.oauth2.OAuth2Parameters;
import org.springframework.util.LinkedMultiValueMap;
import org.springframework.util.MultiValueMap;
import org.springframework.web.client.HttpClientErrorException;
import org.springframework.web.context.request.NativeWebRequest;
import org.springframework.web.context.request.WebRequest;

/* loaded from: input_file:WEB-INF/lib/spring-social-web-1.1.0.RELEASE.jar:org/springframework/social/connect/web/ConnectSupport.class */
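/**
 * Helper that drives the browser-facing half of an OAuth 1.0/1.0a or OAuth 2 connection flow:
 * it builds the provider authorization URL, caches the per-flow secret (request token or
 * {@code state}) through a {@link SessionStrategy}, and completes the connection on callback.
 *
 * <p>Security-relevant behaviour visible in this class:
 * <ul>
 *   <li>The OAuth 2 {@code state} value is the only CSRF defence for the callback. It is
 *       generated per authorization request, stored via the session strategy, and must be
 *       echoed back unchanged by the provider.</li>
 *   <li>Request parameters of the initiating request are copied into the authorization URL
 *       (see {@link #getRequestParameters}); they are client-controlled.</li>
 *   <li>When neither {@code callbackUrl} nor {@code applicationUrl} is configured, the
 *       redirect URI is derived from the incoming request.</li>
 * </ul>
 */
public class ConnectSupport {
    private static final Log logger = LogFactory.getLog(ConnectSupport.class);
    private boolean useAuthenticateUrl;
    private String applicationUrl;
    private String callbackUrl;
    private SessionStrategy sessionStrategy;
    private static final String OAUTH_TOKEN_ATTRIBUTE = "oauthToken";
    private static final String OAUTH2_STATE_ATTRIBUTE = "oauth2State";

    /** Creates an instance that stores flow state with {@link HttpSessionSessionStrategy}. */
    public ConnectSupport() {
        this(new HttpSessionSessionStrategy());
    }

    /**
     * Creates an instance backed by the given session strategy.
     *
     * @param sessionStrategy where the OAuth 1 request token and OAuth 2 state are cached
     */
    public ConnectSupport(SessionStrategy sessionStrategy) {
        this.sessionStrategy = sessionStrategy;
    }

    /**
     * Selects the provider's "authenticate" URL instead of the "authorize" URL.
     *
     * @param z {@code true} to build authenticate URLs
     */
    public void setUseAuthenticateUrl(boolean z) {
        this.useAuthenticateUrl = z;
    }

    /**
     * Sets the externally visible base URL of the application. When set (and no explicit
     * callback URL is configured), the callback URL is this value plus the servlet path and
     * path info of the current request, instead of the URL reconstructed from the request.
     *
     * @param str application base URL, or {@code null}
     */
    public void setApplicationUrl(String str) {
        this.applicationUrl = str;
    }

    /**
     * Sets a fixed callback URL that takes precedence over every other source.
     *
     * @param str absolute callback URL, or {@code null}
     */
    public void setCallbackUrl(String str) {
        this.callbackUrl = str;
    }

    /**
     * Builds the provider authorization URL without additional parameters.
     *
     * @see #buildOAuthUrl(ConnectionFactory, NativeWebRequest, MultiValueMap)
     */
    public String buildOAuthUrl(ConnectionFactory<?> connectionFactory, NativeWebRequest nativeWebRequest) {
        return buildOAuthUrl(connectionFactory, nativeWebRequest, null);
    }

    /**
     * Builds the provider authorization URL for an OAuth 1 or OAuth 2 connection factory.
     *
     * @param connectionFactory factory for the target provider
     * @param nativeWebRequest  the request that starts the flow
     * @param multiValueMap     extra parameters to send to the provider, may be {@code null}
     * @return the URL the browser should be redirected to
     * @throws IllegalArgumentException if the factory is neither OAuth 1 nor OAuth 2
     */
    public String buildOAuthUrl(ConnectionFactory<?> connectionFactory, NativeWebRequest nativeWebRequest, MultiValueMap<String, String> multiValueMap) {
        if (connectionFactory instanceof OAuth1ConnectionFactory) {
            return buildOAuth1Url((OAuth1ConnectionFactory<?>) connectionFactory, nativeWebRequest, multiValueMap);
        }
        if (connectionFactory instanceof OAuth2ConnectionFactory) {
            return buildOAuth2Url((OAuth2ConnectionFactory<?>) connectionFactory, nativeWebRequest, multiValueMap);
        }
        throw new IllegalArgumentException("ConnectionFactory not supported");
    }

    /**
     * Completes an OAuth 1 flow by exchanging the cached request token and the
     * {@code oauth_verifier} callback parameter for an access token.
     *
     * <p>The cached request token is removed from the session strategy when it is read, so a
     * callback can consume it only once.
     *
     * @param oAuth1ConnectionFactory factory for the target provider
     * @param nativeWebRequest        the callback request
     * @return the established connection
     */
    public Connection<?> completeConnection(OAuth1ConnectionFactory<?> oAuth1ConnectionFactory, NativeWebRequest nativeWebRequest) {
        String verifier = nativeWebRequest.getParameter("oauth_verifier");
        AuthorizedRequestToken authorizedToken = new AuthorizedRequestToken(extractCachedRequestToken(nativeWebRequest), verifier);
        OAuthToken accessToken = oAuth1ConnectionFactory.getOAuthOperations().exchangeForAccessToken(authorizedToken, null);
        return oAuth1ConnectionFactory.createConnection(accessToken);
    }

    /**
     * Completes an OAuth 2 flow by exchanging the authorization code from the callback for an
     * access grant.
     *
     * <p>When the factory reports support for the {@code state} parameter, the callback is
     * rejected unless it carries the exact state value cached when the flow was started.
     *
     * @param oAuth2ConnectionFactory factory for the target provider
     * @param nativeWebRequest        the callback request
     * @return the established connection
     * @throws IllegalStateException    if the state parameter is missing or does not match
     * @throws HttpClientErrorException if the provider rejects the code exchange
     */
    public Connection<?> completeConnection(OAuth2ConnectionFactory<?> oAuth2ConnectionFactory, NativeWebRequest nativeWebRequest) {
        if (oAuth2ConnectionFactory.supportsStateParameter()) {
            verifyStateParameter(nativeWebRequest);
        }
        try {
            // NOTE(review): PARAM_CODE comes from a class outside this library (likely a
            // decompiler constant substitution); presumably it is the "code" callback
            // parameter - confirm against the original source.
            return oAuth2ConnectionFactory.createConnection(oAuth2ConnectionFactory.getOAuthOperations().exchangeForAccess(nativeWebRequest.getParameter(ProviderLoginSupportImpl.PARAM_CODE), callbackUrl(nativeWebRequest), null));
        } catch (HttpClientErrorException e) {
            // The provider's error body is written to the log verbatim; review what the
            // configured providers return here before shipping these logs off-host.
            logger.warn("HttpClientErrorException while completing connection: " + e.getMessage());
            logger.warn("      Response body: " + e.getResponseBodyAsString());
            throw e;
        }
    }

    /**
     * Checks the {@code state} callback parameter against the value cached for this session.
     *
     * <p>The check fails closed: a callback with no {@code state} parameter is rejected just
     * like one with a wrong value. Accepting a missing parameter would let a cross-site
     * request complete the flow without ever knowing the cached state, which defeats the
     * purpose of the parameter. The cached value is consumed by the read, so it cannot be
     * reused by a second callback.
     *
     * @throws IllegalStateException if the parameter is absent or differs from the cached value
     */
    private void verifyStateParameter(NativeWebRequest nativeWebRequest) {
        String returnedState = nativeWebRequest.getParameter("state");
        String expectedState = extractCachedOAuth2State(nativeWebRequest);
        // expectedState may be null (no flow was started in this session); equals(null) is
        // false, so that case is rejected as well.
        if (returnedState == null || !returnedState.equals(expectedState)) {
            throw new IllegalStateException("The OAuth2 'state' parameter is missing or doesn't match.");
        }
    }

    /**
     * Resolves the callback (redirect) URL sent to the provider.
     *
     * <p>Order of precedence: the configured callback URL, then the configured application URL
     * plus the current servlet path and path info, then the URL of the current request.
     *
     * <p>The last fallback reconstructs the URL from the incoming request, so its host part
     * follows whatever the container derived from that request. Deployments that cannot
     * guarantee a trusted Host value (for example via a fronting proxy) should configure
     * {@code applicationUrl} or {@code callbackUrl} explicitly.
     *
     * @param nativeWebRequest the current request
     * @return the callback URL
     */
    protected String callbackUrl(NativeWebRequest nativeWebRequest) {
        if (this.callbackUrl != null) {
            return this.callbackUrl;
        }
        HttpServletRequest httpServletRequest = (HttpServletRequest) nativeWebRequest.getNativeRequest(HttpServletRequest.class);
        return this.applicationUrl != null ? this.applicationUrl + connectPath(httpServletRequest) : httpServletRequest.getRequestURL().toString();
    }

    /**
     * Fetches an OAuth 1 request token, caches it for the callback, and builds the
     * authorization URL for it.
     */
    private String buildOAuth1Url(OAuth1ConnectionFactory<?> oAuth1ConnectionFactory, NativeWebRequest nativeWebRequest, MultiValueMap<String, String> multiValueMap) {
        OAuth1Operations oAuthOperations = oAuth1ConnectionFactory.getOAuthOperations();
        MultiValueMap<String, String> requestParameters = getRequestParameters(nativeWebRequest, new String[0]);
        OAuth1Parameters oAuth1Parameters = getOAuth1Parameters(nativeWebRequest, multiValueMap);
        oAuth1Parameters.putAll(requestParameters);
        // OAuth 1.0 passes the callback on the authorization URL; 1.0a passes it when the
        // request token is fetched (see fetchRequestToken).
        if (oAuthOperations.getVersion() == OAuth1Version.CORE_10) {
            oAuth1Parameters.setCallbackUrl(callbackUrl(nativeWebRequest));
        }
        OAuthToken fetchRequestToken = fetchRequestToken(nativeWebRequest, requestParameters, oAuthOperations);
        this.sessionStrategy.setAttribute(nativeWebRequest, OAUTH_TOKEN_ATTRIBUTE, fetchRequestToken);
        return buildOAuth1Url(oAuthOperations, fetchRequestToken.getValue(), oAuth1Parameters);
    }

    /** Merges the caller-supplied parameters with all parameters of the current request. */
    private OAuth1Parameters getOAuth1Parameters(NativeWebRequest nativeWebRequest, MultiValueMap<String, String> multiValueMap) {
        OAuth1Parameters oAuth1Parameters = new OAuth1Parameters(multiValueMap);
        oAuth1Parameters.putAll(getRequestParameters(nativeWebRequest, new String[0]));
        return oAuth1Parameters;
    }

    /** Fetches the request token, supplying the callback URL only for OAuth 1.0a. */
    private OAuthToken fetchRequestToken(NativeWebRequest nativeWebRequest, MultiValueMap<String, String> multiValueMap, OAuth1Operations oAuth1Operations) {
        return oAuth1Operations.getVersion() == OAuth1Version.CORE_10_REVISION_A ? oAuth1Operations.fetchRequestToken(callbackUrl(nativeWebRequest), multiValueMap) : oAuth1Operations.fetchRequestToken(null, multiValueMap);
    }

    /**
     * Builds the OAuth 2 authorization URL and caches the freshly generated {@code state}
     * value so the callback can be verified against it.
     */
    private String buildOAuth2Url(OAuth2ConnectionFactory<?> oAuth2ConnectionFactory, NativeWebRequest nativeWebRequest, MultiValueMap<String, String> multiValueMap) {
        OAuth2Operations oAuthOperations = oAuth2ConnectionFactory.getOAuthOperations();
        OAuth2Parameters oAuth2Parameters = getOAuth2Parameters(nativeWebRequest, oAuth2ConnectionFactory.getScope(), multiValueMap);
        String generateState = oAuth2ConnectionFactory.generateState();
        // NOTE(review): add() appends. The parameter map already holds every request
        // parameter except "scope", so a "state" sent by the client on the initiating request
        // would be forwarded alongside the generated one. Only the generated value is cached
        // and verified; confirm whether client-supplied "state" should be dropped here.
        oAuth2Parameters.add("state", generateState);
        this.sessionStrategy.setAttribute(nativeWebRequest, OAUTH2_STATE_ATTRIBUTE, generateState);
        return this.useAuthenticateUrl ? oAuthOperations.buildAuthenticateUrl(oAuth2Parameters) : oAuthOperations.buildAuthorizeUrl(oAuth2Parameters);
    }

    /**
     * Assembles the OAuth 2 authorization parameters.
     *
     * <p>The redirect URI is always set from {@link #callbackUrl(NativeWebRequest)} after the
     * request parameters are merged, so a request parameter cannot override it. The scope is
     * taken from the request's {@code scope} parameter when present, otherwise from the
     * supplied default.
     *
     * @param str default scope from the connection factory, may be {@code null}
     */
    private OAuth2Parameters getOAuth2Parameters(NativeWebRequest nativeWebRequest, String str, MultiValueMap<String, String> multiValueMap) {
        OAuth2Parameters oAuth2Parameters = new OAuth2Parameters(multiValueMap);
        oAuth2Parameters.putAll(getRequestParameters(nativeWebRequest, "scope"));
        oAuth2Parameters.setRedirectUri(callbackUrl(nativeWebRequest));
        String requestedScope = nativeWebRequest.getParameter("scope");
        if (requestedScope != null) {
            oAuth2Parameters.setScope(requestedScope);
        } else if (str != null) {
            oAuth2Parameters.setScope(str);
        }
        return oAuth2Parameters;
    }

    /** Returns the servlet path followed by the path info (if any) of the request. */
    private String connectPath(HttpServletRequest httpServletRequest) {
        String pathInfo = httpServletRequest.getPathInfo();
        return httpServletRequest.getServletPath() + (pathInfo != null ? pathInfo : "");
    }

    /** Builds the OAuth 1 authenticate or authorize URL for the given request token value. */
    private String buildOAuth1Url(OAuth1Operations oAuth1Operations, String str, OAuth1Parameters oAuth1Parameters) {
        return this.useAuthenticateUrl ? oAuth1Operations.buildAuthenticateUrl(str, oAuth1Parameters) : oAuth1Operations.buildAuthorizeUrl(str, oAuth1Parameters);
    }

    /** Reads and removes the cached OAuth 1 request token; returns {@code null} if none is cached. */
    private OAuthToken extractCachedRequestToken(WebRequest webRequest) {
        OAuthToken oAuthToken = (OAuthToken) this.sessionStrategy.getAttribute(webRequest, OAUTH_TOKEN_ATTRIBUTE);
        this.sessionStrategy.removeAttribute(webRequest, OAUTH_TOKEN_ATTRIBUTE);
        return oAuthToken;
    }

    /** Reads and removes the cached OAuth 2 state; returns {@code null} if none is cached. */
    private String extractCachedOAuth2State(WebRequest webRequest) {
        String str = (String) this.sessionStrategy.getAttribute(webRequest, OAUTH2_STATE_ATTRIBUTE);
        this.sessionStrategy.removeAttribute(webRequest, OAUTH2_STATE_ATTRIBUTE);
        return str;
    }

    /**
     * Copies the parameters of the current request into a new multi-value map, skipping the
     * named ones.
     *
     * <p>Everything returned here is client-controlled input that ends up in the request to
     * the provider.
     *
     * @param strArr parameter names to leave out
     * @return a new map of the remaining request parameters
     */
    private MultiValueMap<String, String> getRequestParameters(NativeWebRequest nativeWebRequest, String... strArr) {
        List<String> ignored = Arrays.asList(strArr);
        // Typed map with no casts: the raw-typed form cast the String key to
        // LinkedMultiValueMap and the value list to String, which fails with a
        // ClassCastException as soon as a request carries a parameter.
        MultiValueMap<String, String> parameters = new LinkedMultiValueMap<String, String>();
        for (Map.Entry<String, String[]> entry : nativeWebRequest.getParameterMap().entrySet()) {
            if (!ignored.contains(entry.getKey())) {
                parameters.put(entry.getKey(), Arrays.asList(entry.getValue()));
            }
        }
        return parameters;
    }
}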
