package it.geosolutions.geostore.services.rest.security.oauth2.openid_connect;

import it.geosolutions.geostore.services.rest.IdPLoginRest;
import it.geosolutions.geostore.services.rest.security.oauth2.OAuth2Utils;
import it.geosolutions.geostore.services.rest.security.oauth2.Oauth2LoginService;
import it.geosolutions.geostore.services.rest.security.oauth2.TokenDetails;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.ws.rs.core.Response;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.oauth2.common.OAuth2AccessToken;
import org.springframework.security.oauth2.provider.authentication.OAuth2AuthenticationDetails;
import org.springframework.web.context.request.RequestContextHolder;

/* loaded from: input_file:it/geosolutions/geostore/services/rest/security/oauth2/openid_connect/OpenIdConnectLoginService.class */
public class OpenIdConnectLoginService extends Oauth2LoginService {
    private static final Logger LOGGER = LogManager.getLogger(OpenIdConnectLoginService.class.getName());

    public OpenIdConnectLoginService(IdPLoginRest idPLoginRest) {
        idPLoginRest.registerService("oidc", this);
    }

    @Override // it.geosolutions.geostore.services.rest.security.oauth2.Oauth2LoginService
    public Response doInternalRedirect(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str) {
        Authentication authentication;
        String accessToken = OAuth2Utils.getAccessToken();
        String refreshAccessToken = OAuth2Utils.getRefreshAccessToken();
        if (accessToken == null && SecurityContextHolder.getContext() != null && (authentication = SecurityContextHolder.getContext().getAuthentication()) != null && authentication.getDetails() != null && (authentication.getDetails() instanceof TokenDetails)) {
            TokenDetails tokenDetails = (TokenDetails) authentication.getDetails();
            OAuth2AccessToken accessToken2 = tokenDetails.getAccessToken();
            if (accessToken2 != null) {
                accessToken = accessToken2.getValue();
                RequestContextHolder.getRequestAttributes().setAttribute(OAuth2Utils.ACCESS_TOKEN_PARAM, accessToken2, 0);
                RequestContextHolder.getRequestAttributes().setAttribute(OAuth2AuthenticationDetails.ACCESS_TOKEN_VALUE, accessToken, 0);
                if (accessToken2.getRefreshToken().getValue() != null) {
                    refreshAccessToken = accessToken2.getRefreshToken().getValue();
                    RequestContextHolder.getRequestAttributes().setAttribute(OAuth2Utils.REFRESH_TOKEN_PARAM, accessToken2.getRefreshToken().getValue(), 0);
                }
            }
            if (tokenDetails.getIdToken() != null) {
                RequestContextHolder.getRequestAttributes().setAttribute(OAuth2Utils.ID_TOKEN_PARAM, tokenDetails.getIdToken(), 0);
                RequestContextHolder.getRequestAttributes().setAttribute(OAuth2AuthenticationDetails.ACCESS_TOKEN_VALUE, tokenDetails.getIdToken(), 0);
            }
        }
        RequestContextHolder.getRequestAttributes().setAttribute("PROVIDER", str, 0);
        return buildCallbackResponse(accessToken, refreshAccessToken, str);
    }
}
