package at.gv.egovernment.moa.id.protocols.oauth20.protocol;

import at.gv.egiz.eaaf.core.api.IRequest;
import at.gv.egiz.eaaf.core.api.idp.IModulInfo;
import at.gv.egiz.eaaf.core.exceptions.EAAFException;
import at.gv.egiz.eaaf.core.exceptions.InvalidProtocolRequestException;
import at.gv.egiz.eaaf.core.exceptions.ProtocolNotActiveException;
import at.gv.egiz.eaaf.core.impl.idp.controller.AbstractController;
import at.gv.egovernment.moa.id.commons.api.AuthConfiguration;
import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException;
import at.gv.egovernment.moa.id.protocols.oauth20.OAuth20Constants;
import at.gv.egovernment.moa.id.protocols.oauth20.OAuth20Util;
import at.gv.egovernment.moa.id.protocols.oauth20.exceptions.OAuth20Exception;
import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moa.util.MiscUtil;
import com.google.gson.JsonObject;
import java.io.IOException;
import java.net.URLEncoder;
import java.util.Arrays;
import java.util.HashMap;
import java.util.List;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;

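/**
 * Spring MVC controller that exposes the OAuth 2.0 / OpenID Connect front-channel
 * ({@code /oauth2/auth}) and token ({@code /oauth2/token}) endpoints and renders
 * protocol-specific error responses for them.
 *
 * <p>Both endpoints refuse to work unless the OAuth protocol is enabled in the
 * injected {@link AuthConfiguration}. Request parsing and validation is delegated
 * to {@code OAuth20AuthRequest} / {@code OAuth20TokenRequest}; this class only
 * wires them to the revision log and the authentication service.
 */
@Controller
public class OAuth20Protocol extends AbstractController implements IModulInfo {
    public static final String PATH = "id_oauth20";
    public static final String AUTH_ACTION = "AUTH";
    public static final String TOKEN_ACTION = "TOKEN";

    @Autowired(required = true)
    AuthConfiguration moaAuthConfig;
    public static final String NAME = OAuth20Protocol.class.getName();
    public static final List<String> DEFAULTREQUESTEDATTRFORINTERFEDERATION = Arrays.asList("urn:oid:1.2.40.0.10.2.1.1.261.34", "urn:oid:1.2.40.0.10.2.1.1.149");

    /** Returns the module name, which is this class's fully qualified name. */
    public String getName() {
        return NAME;
    }

    /** Returns the protocol identifier {@link #PATH}. */
    public String getAuthProtocolIdentifier() {
        return PATH;
    }

    /** Logs the endpoint mappings once the controller is instantiated. */
    public OAuth20Protocol() {
        Logger.debug("Registering servlet " + getClass().getName() + " with mappings '/oauth2/auth' and '/oauth2/token'.");
    }

    /**
     * Handles an authorization request on {@code /oauth2/auth}.
     *
     * <p>A fresh {@code OAuth20AuthRequest} bean is initialised and populated from
     * the HTTP request, three revision-log events (codes 1000, 1100 and 1102, the
     * last one carrying the remote address) are written, and the request is handed
     * to the authentication service.
     *
     * @throws ProtocolNotActiveException if OAuth is disabled in the configuration
     * @throws InvalidProtocolRequestException if any step raises an {@link EAAFException};
     *         the original error id, parameters and cause are preserved
     */
    @RequestMapping(value = {"/oauth2/auth"}, method = {RequestMethod.POST, RequestMethod.GET})
    public void openIDConnectAuthRequest(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws EAAFException, IOException {
        if (!this.moaAuthConfig.getAllowedProtocols().isOAUTHActive()) {
            Logger.info("OpenID-Connect is deaktivated!");
            throw new ProtocolNotActiveException("auth.22", new Object[]{NAME});
        }
        OAuth20AuthRequest pendingRequest = (OAuth20AuthRequest) this.applicationContext.getBean(OAuth20AuthRequest.class);
        try {
            pendingRequest.initialize(httpServletRequest, this.authConfig);
            pendingRequest.setModule(NAME);
            pendingRequest.populateParameters(httpServletRequest, this.authConfig);
            this.revisionsLogger.logEvent(1000, pendingRequest.getUniqueSessionIdentifier());
            this.revisionsLogger.logEvent(1100, pendingRequest.getUniqueTransactionIdentifier());
            this.revisionsLogger.logEvent(pendingRequest.getUniqueSessionIdentifier(), pendingRequest.getUniqueTransactionIdentifier(), 1102, httpServletRequest.getRemoteAddr());
            this.protAuthService.performAuthentication(httpServletRequest, httpServletResponse, pendingRequest);
        } catch (EAAFException e) {
            Logger.info("OpenID-Connect request has a validation error: " + e.getMessage());
            throw new InvalidProtocolRequestException(e.getErrorId(), e.getParams(), e);
        }
    }

    /**
     * Handles a token request on {@code /oauth2/token}; same flow as
     * {@link #openIDConnectAuthRequest} but with an {@code OAuth20TokenRequest}.
     *
     * <p>NOTE(review): RFC 6749 section 3.2 requires clients to use POST at the token
     * endpoint. GET is mapped here as well, which lets token-request parameters
     * travel in the URL (and therefore into access logs and proxies). Confirm whether
     * any client still relies on GET before restricting the mapping.
     *
     * @throws ProtocolNotActiveException if OAuth is disabled in the configuration
     * @throws InvalidProtocolRequestException if any step raises an {@link EAAFException}
     */
    @RequestMapping(value = {"/oauth2/token"}, method = {RequestMethod.POST, RequestMethod.GET})
    public void OpenIDConnectTokkenRequest(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws EAAFException, IOException, InvalidProtocolRequestException {
        if (!this.moaAuthConfig.getAllowedProtocols().isOAUTHActive()) {
            Logger.info("OpenID-Connect is deaktivated!");
            throw new ProtocolNotActiveException("auth.22", new Object[]{NAME});
        }
        OAuth20TokenRequest pendingRequest = (OAuth20TokenRequest) this.applicationContext.getBean(OAuth20TokenRequest.class);
        try {
            pendingRequest.initialize(httpServletRequest, this.authConfig);
            pendingRequest.setModule(NAME);
            pendingRequest.populateParameters(httpServletRequest, this.authConfig);
            this.revisionsLogger.logEvent(1000, pendingRequest.getUniqueSessionIdentifier());
            this.revisionsLogger.logEvent(1100, pendingRequest.getUniqueTransactionIdentifier());
            this.revisionsLogger.logEvent(pendingRequest.getUniqueSessionIdentifier(), pendingRequest.getUniqueTransactionIdentifier(), 1102, httpServletRequest.getRemoteAddr());
            this.protAuthService.performAuthentication(httpServletRequest, httpServletResponse, pendingRequest);
        } catch (EAAFException e) {
            Logger.info("OpenID-Connect request has a validation error: " + e.getMessage());
            throw new InvalidProtocolRequestException(e.getErrorId(), e.getParams(), e);
        }
    }

    /**
     * Writes an OAuth 2.0 error response for a failed request.
     *
     * <p>For an {@code OAuth20AuthRequest} the error is delivered by a 302 redirect
     * through {@code <authURL>/RedirectServlet} to the request's redirect URI, with
     * {@code error}, {@code error_description}, {@code state} and, when an external
     * error code is available, {@code error_uri} appended. For every other request a
     * JSON body with HTTP status 400 is written.
     *
     * <p>When {@code iRequest} is {@code null} there is no pending request and hence
     * no auth URL. The previous implementation dereferenced {@code iRequest} before
     * its own null check and failed with a {@code NullPointerException}. Now a
     * non-AUTH action gets the JSON error (without {@code error_uri}), and an AUTH
     * action is rejected with {@code oauth20.01}: the only redirect target available
     * would be the raw {@code redirect_uri} request parameter, which has passed no
     * check visible here other than {@code OAuth20Util.isUrl}.
     *
     * @param th the failure to report; an {@link OAuth20Exception} supplies its own error code
     * @param iRequest the pending request, or {@code null} if none could be created
     * @return always {@code true} once a response has been written
     * @throws MOAIDException ({@code oauth20.01}) if no usable redirect target can be determined
     */
    public boolean generateErrorMessage(Throwable th, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, IRequest iRequest) throws Throwable {
        // Resolve the auth URL once, and only if a pending request exists.
        final String authUrl = iRequest != null ? iRequest.getAuthURL() : null;
        final String errorPageUrl = authUrl != null ? authUrl + "/" + OAuth20Constants.ERRORPAGE : null;

        final String errorCode;
        final String errorDescription;
        final String externalErrorCode;
        if (th instanceof OAuth20Exception) {
            OAuth20Exception oauthError = (OAuth20Exception) th;
            errorCode = oauthError.getErrorCode();
            errorDescription = URLEncoder.encode(oauthError.getMessageId() + ": " + oauthError.getMessage(), "UTF-8");
            externalErrorCode = this.statusMessager.mapInternalErrorToExternalError(oauthError.getMessageId());
        } else {
            errorCode = OAuth20Constants.ERROR_SERVER_ERROR;
            // URLEncoder.encode(null, ...) throws, and many exceptions carry no message.
            // NOTE(review): the raw message of an arbitrary exception is sent to the
            // client here; consider a generic description to avoid leaking internals.
            String message = th.getMessage();
            errorDescription = URLEncoder.encode(message != null ? message : "", "UTF-8");
            externalErrorCode = this.statusMessager.getResponseErrorCode(th);
        }

        String redirectUri = null;
        String state = null;
        boolean isAuthRequest = false;
        if (iRequest == null) {
            String action = httpServletRequest.getParameter(OAuth20Constants.PARAM_MOA_ACTION);
            if (!MiscUtil.isNotEmpty(action)) {
                throw new MOAIDException("oauth20.01", new Object[0]);
            }
            if (AUTH_ACTION.equals(action)) {
                // No pending request: there is no auth URL for the RedirectServlet hop and
                // the redirect_uri would be taken unverified from the request, so refuse.
                throw new MOAIDException("oauth20.01", new Object[0]);
            }
        } else if (iRequest instanceof OAuth20AuthRequest) {
            OAuth20AuthRequest authRequest = (OAuth20AuthRequest) iRequest;
            isAuthRequest = true;
            redirectUri = authRequest.getRedirectUri();
            state = authRequest.getState();
        }

        final String errorUri = buildErrorUri(errorPageUrl, externalErrorCode);

        if (!isAuthRequest) {
            Logger.debug("Going to throw O OAuth20Exception for token request");
            // Raw type kept: the parameter type of addProperytiesToJsonObject is not visible here.
            HashMap hashMap = new HashMap();
            hashMap.put(OAuth20Constants.PARAM_ERROR, errorCode);
            hashMap.put(OAuth20Constants.PARAM_ERROR_DESCRIPTION, errorDescription);
            if (errorUri != null) {
                hashMap.put(OAuth20Constants.PARAM_ERROR_URI, errorUri);
            }
            JsonObject jsonObject = new JsonObject();
            OAuth20Util.addProperytiesToJsonObject(jsonObject, hashMap);
            String json = jsonObject.toString();
            byte[] bytes = json.getBytes("UTF-8");
            // Log the string itself instead of decoding the bytes with the platform charset.
            Logger.debug("JSON Response: " + json);
            httpServletResponse.setContentType("application/json");
            httpServletResponse.setContentLength(bytes.length);
            httpServletResponse.setStatus(400);
            httpServletResponse.getOutputStream().write(bytes);
            return true;
        }

        Logger.debug("Going to throw O OAuth20Exception for auth request");
        if (!StringUtils.isNotEmpty(redirectUri) || !OAuth20Util.isUrl(redirectUri)) {
            throw new MOAIDException("oauth20.01", new Object[0]);
        }
        if (authUrl == null) {
            // Without an auth URL the RedirectServlet location would start with "null/".
            throw new MOAIDException("oauth20.01", new Object[0]);
        }
        StringBuilder target = new StringBuilder(redirectUri);
        OAuth20Util.addParameterToURL(target, OAuth20Constants.PARAM_ERROR, errorCode);
        OAuth20Util.addParameterToURL(target, OAuth20Constants.PARAM_ERROR_DESCRIPTION, errorDescription);
        OAuth20Util.addParameterToURL(target, OAuth20Constants.PARAM_STATE, state);
        if (errorUri != null) {
            OAuth20Util.addParameterToURL(target, OAuth20Constants.PARAM_ERROR_URI, errorUri);
        }
        // The complete client URL is encoded once more because it travels as a single
        // query parameter of the RedirectServlet URL.
        String location = addURLParameter(authUrl + "/RedirectServlet", "redirecturl", URLEncoder.encode(target.toString(), "UTF-8"));
        httpServletResponse.setContentType("text/html");
        httpServletResponse.setStatus(302);
        httpServletResponse.addHeader("Location", location);
        Logger.debug("REDIRECT TO: " + location);
        return true;
    }

    /**
     * Builds the URL-encoded {@code error_uri} value ({@code <errorPage>#<code>}), or
     * returns {@code null} when either part is missing so that callers omit the
     * parameter instead of emitting a {@code "...#null"} link.
     */
    private static String buildErrorUri(String errorPageUrl, String externalErrorCode) throws IOException {
        if (errorPageUrl == null || !MiscUtil.isNotEmpty(externalErrorCode)) {
            return null;
        }
        return URLEncoder.encode(errorPageUrl + "#" + externalErrorCode, "UTF-8");
    }

    /**
     * Accepts every request: this implementation performs no checks and always
     * returns {@code true}.
     */
    public boolean validate(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, IRequest iRequest) {
        return true;
    }

    /**
     * Appends {@code name=value} to {@code url}, using {@code ?} if the URL has no
     * query string yet and {@code &} otherwise. Nothing is encoded here; the caller
     * must pass an already URL-encoded value.
     */
    protected static String addURLParameter(String str, String str2, String str3) {
        String pair = str2 + "=" + str3;
        String separator = str.contains("?") ? "&" : "?";
        return str + separator + pair;
    }
}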
