package org.tangram.components;

import java.io.IOException;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;
import javax.annotation.PostConstruct;
import javax.annotation.Resource;
import javax.inject.Inject;
import javax.inject.Named;
import javax.inject.Singleton;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.apache.commons.lang.StringUtils;
import org.pac4j.core.client.Client;
import org.pac4j.core.client.Clients;
import org.pac4j.core.context.J2EContext;
import org.pac4j.core.credentials.Credentials;
import org.pac4j.core.exception.RequiresHttpAction;
import org.pac4j.http.client.indirect.FormClient;
import org.pac4j.oauth.profile.google2.Google2Email;
import org.pac4j.oauth.profile.google2.Google2Profile;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.tangram.Constants;
import org.tangram.annotate.LinkAction;
import org.tangram.annotate.LinkHandler;
import org.tangram.annotate.LinkPart;
import org.tangram.authentication.AuthenticationService;
import org.tangram.authentication.GenericUser;
import org.tangram.authentication.User;
import org.tangram.link.Link;
import org.tangram.link.LinkFactory;
import org.tangram.link.LinkFactoryAggregator;
import org.tangram.link.LinkHandlerRegistry;
import org.tangram.link.TargetDescriptor;
import org.tangram.protection.SimplePasswordProtection;
import org.tangram.util.SystemUtils;

@Singleton
@LinkHandler
@Named("authenticationService")
/* loaded from: input_file:org/tangram/components/PacAuthenticationService.class */
public class PacAuthenticationService implements AuthenticationService, LinkFactory {
    private static final Logger LOG = LoggerFactory.getLogger(PacAuthenticationService.class);

    @Inject
    @Resource(name = "loginProviders")
    @Named("loginProviders")
    private Set<String> loginProviders;

    @Inject
    @Resource(name = "userIdAttributes")
    @Named("userIdAttributes")
    private Map<String, String> userIdAttributes;

    @Inject
    private LinkHandlerRegistry registry;

    @Inject
    private LinkFactoryAggregator linkFactoryAggregator;

    @Inject
    private Set<Client> clientSet = new HashSet();
    private Clients clients = null;

    @Override // org.tangram.authentication.AuthenticationService
    public Set<String> getProviderNames() {
        HashSet hashSet = new HashSet();
        LOG.info("getProviderNames() login providers {}", this.loginProviders);
        LOG.debug("getProviderNames() client set {}", this.clientSet);
        for (Client client : this.clientSet) {
            if (this.loginProviders.contains(client.getName())) {
                hashSet.add(client.getName());
            }
        }
        LOG.info("getProviderNames() provider names {}", hashSet);
        return hashSet;
    }

    private String getLoginAction(Set<String> set) {
        LOG.debug("getLoginAction() {}", set);
        HashSet hashSet = new HashSet();
        for (String str : getProviderNames()) {
            if (set.contains(str)) {
                hashSet.add(str);
            }
        }
        LOG.debug("getLoginAction() {}", hashSet);
        return hashSet.size() == 1 ? (String) hashSet.iterator().next() : SimplePasswordProtection.PARAM_LOGIN;
    }

    @Override // org.tangram.authentication.AuthenticationService
    public TargetDescriptor getLoginTarget(Set<String> set) {
        return new TargetDescriptor(this, null, getLoginAction(set));
    }

    @Override // org.tangram.authentication.AuthenticationService
    public Link getLogoutLink(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        return this.linkFactoryAggregator.createLink(httpServletRequest, httpServletResponse, this, "logout", null);
    }

    @Override // org.tangram.authentication.AuthenticationService
    public void redirectToLogin(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Set<String> set) throws IOException {
        httpServletResponse.sendRedirect(this.linkFactoryAggregator.createLink(httpServletRequest, httpServletResponse, this, getLoginAction(set), null).getUrl());
    }

    private Clients getClients(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        synchronized (this) {
            if (this.clients == null) {
                ArrayList arrayList = new ArrayList(this.clientSet);
                String str = httpServletRequest.getScheme() + "://" + httpServletRequest.getServerName() + ":" + httpServletRequest.getServerPort() + this.linkFactoryAggregator.createLink(httpServletRequest, httpServletResponse, this, "callback", null).getUrl();
                LOG.info("getClients() callback url {}", str);
                this.clients = new Clients(str, arrayList);
                try {
                    FormClient findClient = this.clients.findClient(FormClient.class);
                    Link createLink = this.linkFactoryAggregator.createLink(httpServletRequest, httpServletResponse, this, "login-form", null);
                    LOG.debug("getClients() login link {}", createLink);
                    findClient.setLoginUrl(createLink.getUrl());
                } catch (Exception e) {
                    LOG.warn("getClients() {} :{}", e.getMessage(), e.getClass().getSimpleName());
                }
            }
        }
        return this.clients;
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v13, types: [java.util.Set] */
    @Override // org.tangram.authentication.AuthenticationService
    public Set<User> getUsers(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        HashSet hashSet = new HashSet();
        HttpSession session = httpServletRequest.getSession(false);
        LOG.debug("getUsers() session: {}", session);
        if (session != null) {
            LOG.debug("getUsers() session id: {}", session.getId());
            Object attribute = session.getAttribute(Constants.ATTRIBUTE_USERS);
            LOG.info("getUsers({}) users: {}", session.getId(), attribute);
            if (attribute != null) {
                hashSet = (Set) SystemUtils.convert(attribute);
            }
        }
        return hashSet;
    }

    @LinkAction("/login")
    public TargetDescriptor login(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Exception {
        LOG.info("login()");
        httpServletResponse.setContentType(Constants.MIME_TYPE_HTML_UTF8);
        return new TargetDescriptor(this, null, null);
    }

    @LinkAction("/login-form")
    public TargetDescriptor form(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Exception {
        LOG.info("form()");
        httpServletResponse.setContentType(Constants.MIME_TYPE_HTML_UTF8);
        return new TargetDescriptor(this, "form", null);
    }

    private TargetDescriptor getReturnTarget() {
        return new TargetDescriptor(this, null, "return");
    }

    @LinkAction("/logout")
    public TargetDescriptor logout(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Exception {
        LOG.info("logout()");
        Object attribute = httpServletRequest.getSession(true).getAttribute(Constants.ATTRIBUTE_RETURN_URL);
        httpServletRequest.getSession(true).invalidate();
        httpServletRequest.getSession(true).setAttribute(Constants.ATTRIBUTE_RETURN_URL, attribute);
        return getReturnTarget();
    }

    @LinkAction("/redirect/(.*)")
    public TargetDescriptor redirect(@LinkPart(1) String str, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Exception {
        LOG.info("redirect()");
        J2EContext j2EContext = new J2EContext(httpServletRequest, httpServletResponse);
        Client findClient = getClients(httpServletRequest, httpServletResponse).findClient(str);
        LOG.info("redirect() redirecting with {}", findClient.getName());
        findClient.redirect(j2EContext, true);
        return TargetDescriptor.DONE;
    }

    @LinkAction("/callback")
    public TargetDescriptor callback(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Exception {
        LOG.info("callback()");
        HttpSession session = httpServletRequest.getSession(true);
        Set set = (Set) SystemUtils.convert(session.getAttribute(Constants.ATTRIBUTE_USERS));
        LOG.info("callback() logged in users {}", set);
        if (set == null) {
            set = new HashSet();
            session.setAttribute(Constants.ATTRIBUTE_USERS, set);
        }
        J2EContext j2EContext = new J2EContext(httpServletRequest, httpServletResponse);
        Client client = (Client) SystemUtils.convert(getClients(httpServletRequest, httpServletResponse).findClient(j2EContext));
        LOG.info("callback() client: {}", client);
        try {
            Credentials credentials = client.getCredentials(j2EContext);
            LOG.info("callback() credentials: {}", credentials);
            Google2Profile userProfile = client.getUserProfile(credentials, j2EContext);
            HashMap hashMap = new HashMap(userProfile.getAttributes());
            if (userProfile instanceof Google2Profile) {
                for (Google2Email google2Email : userProfile.getEmails()) {
                    LOG.debug("callback() google mail: {}", google2Email.getEmail());
                    hashMap.put("email", google2Email.getEmail());
                }
            }
            LOG.debug("callback() userProfile {}: {} ({})", new Object[]{userProfile.getId(), userProfile, httpServletRequest.getSession(false)});
            String str = this.userIdAttributes.get(client.getName());
            String id = StringUtils.isEmpty(str) ? userProfile.getId() : "" + hashMap.get(str);
            LOG.debug("callback() user id : {} ({})", id, str);
            GenericUser genericUser = new GenericUser(client.getName(), id, hashMap);
            if (!set.contains(genericUser)) {
                set.add(genericUser);
            }
            LOG.info("callback({}) logged in users after callback {}", session.getId(), set);
            return getReturnTarget();
        } catch (RequiresHttpAction | RuntimeException e) {
            LOG.warn("callback() {}", e.getLocalizedMessage(), e);
            session.setAttribute("tangram.login.error", e.getLocalizedMessage());
            return new TargetDescriptor(this, null, client.getName());
        }
    }

    @Override // org.tangram.link.LinkFactory
    public Link createLink(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj, String str, String str2) {
        Link link;
        Link link2 = null;
        if (obj == this) {
            if ("form".equals(str2)) {
                link2 = new Link("/login-form");
            } else {
                Set<String> providerNames = getProviderNames();
                LOG.info("createLink() creating login handling url for action {} in {}", str, providerNames);
                if ("return".equals(str)) {
                    HttpSession session = httpServletRequest.getSession(true);
                    Object attribute = session.getAttribute(Constants.ATTRIBUTE_RETURN_URL);
                    if (attribute != null) {
                        LOG.info("createLink() creating return link to {}", attribute);
                        link2 = new Link(attribute.toString().substring(this.linkFactoryAggregator.getPrefix(httpServletRequest).length()));
                        session.removeAttribute("tangramURL");
                    } else {
                        link2 = new Link("/");
                    }
                } else {
                    if (providerNames.contains(str)) {
                        link = new Link("/redirect/" + str);
                    } else {
                        link = new Link("/" + (str == null ? SimplePasswordProtection.PARAM_LOGIN : str));
                    }
                    link2 = link;
                }
                LOG.info("createLink() creating login handling url for action {} in {}: {}", new Object[]{str, providerNames, link2});
            }
        }
        return link2;
    }

    @PostConstruct
    public void afterPropertiesSet() {
        LOG.debug("afterPropertiesSet() registering handler");
        this.registry.registerLinkHandler(this);
        this.linkFactoryAggregator.registerFactory(this);
        LOG.debug("afterPropertiesSet() collecting clients");
        Iterator<Client> it = this.clientSet.iterator();
        while (it.hasNext()) {
            LOG.info("afterPropertiesSet() client {}", it.next().getName());
        }
    }
}
