package pt.digitalis.dif.oauth.listeners;

import java.io.IOException;
import java.net.URLEncoder;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import net.sf.json.util.JSONUtils;
import org.apache.batik.util.XMLConstants;
import org.apache.log4j.spi.LocationInfo;
import org.springframework.beans.factory.BeanFactory;
import pt.digitalis.dif.controller.http.HTTPControllerConfiguration;
import pt.digitalis.dif.controller.interfaces.IDIFSession;
import pt.digitalis.dif.controller.objects.RESTAction;
import pt.digitalis.dif.controller.security.managers.ISessionManager;
import pt.digitalis.dif.ioc.DIFIoCRegistry;
import pt.digitalis.dif.listeners.AbstractRESTfullHttpListener;
import pt.digitalis.dif.oauth.managers.AuthorizationManager;
import pt.digitalis.dif.oauth.managers.ClientManager;
import pt.digitalis.dif.oauth.remoteauth.AuthorizationData;
import pt.digitalis.dif.oauth.remoteauth.RemoteAuthParams;
import pt.digitalis.dif.oauth.remoteauth.utils.MD5Generator;
import pt.digitalis.dif.utils.http.HttpUtils;
import pt.digitalis.dif.utils.logging.DIFLogger;
import pt.digitalis.dif.utils.logging.IErrorLogManager;
import pt.digitalis.utils.common.StringUtils;

/* loaded from: input_file:WEB-INF/lib/dif-remote-auth-2.8.9-7.jar:pt/digitalis/dif/oauth/listeners/ProviderAuthorizationListener.class */
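/**
 * Authorization endpoint of the remote-auth (OAuth-style "authorization code") provider.
 *
 * <p>The listener validates {@code client_id}, {@code response_type} and {@code redirect_uri}.
 * A caller without a logged-in DIF session is sent to the login stage with those parameters
 * carried along. For a logged-in caller it registers a fresh authorization code bound to the
 * client and the user, then redirects the browser back to the client's redirect URI with it.
 *
 * <p>Security-relevant points for maintainers:
 * <ul>
 *   <li>The redirect URI is the only thing that decides where the authorization code is
 *       delivered, so it must match the callback URL registered for the client.</li>
 *   <li>Request parameters end up in exception messages, so anything built from
 *       {@code getLocalizedMessage()} is attacker-influenced and must be encoded.</li>
 *   <li>NOTE(review): no {@code state} parameter is read or echoed back here, so clients cannot
 *       bind the callback to the request they started. Confirm whether that is handled
 *       elsewhere.</li>
 * </ul>
 */
public class ProviderAuthorizationListener extends AbstractRESTfullHttpListener {
    private static final long serialVersionUID = 1;

    /** Session manager, resolved lazily from the IoC registry and shared by all instances. */
    private static ISessionManager sessionManager = null;

    /** Error log used to record any failure raised while processing a request. */
    private IErrorLogManager errorLog = (IErrorLogManager) DIFIoCRegistry.getRegistry().getImplementation(IErrorLogManager.class);

    /**
     * Returns the session manager, looking it up in the IoC registry on first use.
     *
     * <p>The lazy initialisation is unsynchronised; concurrent first calls may each perform the
     * registry lookup.
     *
     * @return the session manager implementation registered in the IoC registry
     */
    private ISessionManager getSession() {
        if (sessionManager == null) {
            sessionManager = (ISessionManager) DIFIoCRegistry.getRegistry().getImplementation(ISessionManager.class);
        }
        return sessionManager;
    }

    /**
     * Handles an authorization request.
     *
     * @param httpServletRequest the incoming request carrying {@code client_id},
     *        the response type parameter and {@code redirect_uri}
     * @param httpServletResponse the response, always completed with a redirect
     * @param rESTAction the REST action resolved by the base listener (not used here)
     * @throws ServletException declared by the overridden method; validation failures are caught
     *         below and turned into a redirect to the error page
     * @throws IOException if sending a redirect fails
     */
    @Override // pt.digitalis.dif.listeners.AbstractRESTfullHttpListener
    protected void processRequest(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, RESTAction rESTAction) throws ServletException, IOException {
        try {
            String method = httpServletRequest.getMethod();
            String clientId = httpServletRequest.getParameter("client_id");
            String responseType = httpServletRequest.getParameter(RemoteAuthParams.RESPONSE_TYPE);
            String redirectUri = httpServletRequest.getParameter("redirect_uri");

            // NOTE(review): these values are caller-controlled and are logged verbatim; if debug
            // logging is enabled in production, consider neutralising CR/LF before logging.
            DIFLogger.getLogger().debug("ProviderAuthorizationListener params:");
            DIFLogger.getLogger().debug("   - clientId :'" + clientId + "'");
            DIFLogger.getLogger().debug("   - responseType :'" + responseType + "'");
            DIFLogger.getLogger().debug("   - redirectUri :'" + redirectUri + "'");

            if (!"GET".equals(method) && !"POST".equals(method)) {
                throw new ServletException("Method not correct.");
            }
            if (StringUtils.isBlank(clientId)) {
                throw new ServletException("Client Id must be defined!");
            }
            if (!ClientManager.clientExists(clientId)) {
                throw new ServletException("Client '" + clientId + "' not found!");
            }
            if (StringUtils.isBlank(responseType)) {
                throw new ServletException("Response Type must be defined!");
            }
            if (!"code".equalsIgnoreCase(responseType)) {
                throw new ServletException("Response Type only supports 'code'!");
            }
            if (StringUtils.isBlank(redirectUri)) {
                throw new ServletException("Redirect URI must be defined!");
            }

            // Fix: the original condition was inverted. It rejected the registered callback URL
            // and accepted every other redirect_uri, so the authorization code could be delivered
            // to an arbitrary site. Only the callback registered for this client is allowed now.
            // equalsIgnoreCase(null) is false, so a client without a callback URL fails closed.
            // NOTE(review): the comparison stays case-insensitive as in the original; an exact
            // match would be stricter. Confirm how callback URLs are stored before tightening.
            String registeredCallback = ClientManager.getConf(clientId).getCallbackURL();
            if (!redirectUri.equalsIgnoreCase(registeredCallback)) {
                throw new ServletException("Invalid Redirect URI !");
            }

            IDIFSession session = getSession().getSession(HttpUtils.buildSessionId(httpServletRequest.getSession()));
            if (session == null || !session.isLogged()) {
                // Not authenticated: go through the login stage and carry the validated request
                // parameters along. Every value is URL-encoded so that it cannot add or override
                // query parameters of the login URL.
                StringBuilder loginQuery = new StringBuilder();
                loginQuery.append("popup_mode=true&");
                loginQuery.append("remoteauth=true&");
                loginQuery.append("client_id=").append(URLEncoder.encode(clientId, "UTF-8")).append('&');
                loginQuery.append("response_type=").append(URLEncoder.encode(responseType, "UTF-8")).append('&');
                loginQuery.append("redirect_uri=").append(URLEncoder.encode(redirectUri, "UTF-8"));
                httpServletResponse.sendRedirect(HTTPControllerConfiguration.getInstance().getListenerName() + "?stage=LoginStage&" + loginQuery);
            } else {
                // NOTE(review): MD5Generator is not visible here. The authorization code is a bearer
                // secret, so confirm it is derived from a cryptographically secure random source
                // and that AuthorizationManager makes it single-use and short-lived.
                String authorizationCode = new MD5Generator().generateValue();
                AuthorizationManager.register(authorizationCode, new AuthorizationData(clientId, session.getUser().getID()));

                // The parameters are appended with '&', as in the original, which presumes the
                // registered callback URL already contains a query string.
                httpServletResponse.sendRedirect(redirectUri + "&" + RemoteAuthParams.REMOTE_CALLBACK_PARAM + "=true&code=" + authorizationCode);
            }
        } catch (Exception e) {
            this.errorLog.logError("Provider Authorization Listener", "Process Request", e);

            // Fix: the message can contain request data (e.g. the client id), so it is URL-encoded
            // before being placed in the redirect target. A null message becomes an empty text.
            // NOTE(review): the error JSP must still HTML-escape errorText when rendering it.
            String errorText = e.getLocalizedMessage();
            httpServletResponse.sendRedirect("internal/generalServletError.jsp?errorText=" + URLEncoder.encode(errorText == null ? "" : errorText, "UTF-8"));
        }
    }
}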
