package it.geosolutions.opensdi2.oauth2.impl;

import com.nimbusds.oauth2.sdk.AuthorizationCode;
import com.nimbusds.oauth2.sdk.AuthorizationCodeGrant;
import com.nimbusds.oauth2.sdk.AuthorizationRequest;
import com.nimbusds.oauth2.sdk.ParseException;
import com.nimbusds.oauth2.sdk.ResponseType;
import com.nimbusds.oauth2.sdk.Scope;
import com.nimbusds.oauth2.sdk.SerializeException;
import com.nimbusds.oauth2.sdk.TokenRequest;
import com.nimbusds.oauth2.sdk.auth.ClientSecretPost;
import com.nimbusds.oauth2.sdk.auth.Secret;
import com.nimbusds.oauth2.sdk.id.ClientID;
import com.nimbusds.oauth2.sdk.id.State;
import com.nimbusds.oauth2.sdk.token.AccessToken;
import com.nimbusds.openid.connect.sdk.OIDCAccessTokenResponse;
import it.geosolutions.opensdi2.configurations.model.OSDIConfigurationKVP;
import it.geosolutions.opensdi2.oauth2.OAuth2LoginService;
import java.io.IOException;
import java.net.MalformedURLException;
import java.net.URL;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

/* loaded from: input_file:it/geosolutions/opensdi2/oauth2/impl/OpenIdConnectLoginService.class */
public class OpenIdConnectLoginService implements OAuth2LoginService {
    @Override // it.geosolutions.opensdi2.oauth2.OAuth2LoginService
    public void login(OSDIConfigurationKVP oSDIConfigurationKVP, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, HttpSession httpSession) {
        State state = new State();
        httpSession.setAttribute("state", state.getValue());
        httpSession.setAttribute("returnPage", httpServletRequest.getParameter("returnUrl"));
        ResponseType responseType = new ResponseType();
        responseType.add(ResponseType.Value.CODE);
        try {
            String obj = oSDIConfigurationKVP.getValue("loginUrl", "").toString();
            String obj2 = oSDIConfigurationKVP.getValue("clientId", "").toString();
            String obj3 = oSDIConfigurationKVP.getValue("returnUrl", "").toString();
            String obj4 = oSDIConfigurationKVP.getValue("authorizations", "openid email profile").toString();
            if (obj.isEmpty() || obj2.isEmpty() || obj3.isEmpty()) {
                throw new IllegalArgumentException("Configuration is not valid. Either loginUrl, clientId or returnUrl are missing");
            }
            AuthorizationRequest authorizationRequest = new AuthorizationRequest(new URL(obj), responseType, new ClientID(obj2), new URL(obj3), Scope.parse(obj4), state);
            httpServletResponse.sendRedirect(authorizationRequest.toHTTPRequest().getURL().toExternalForm() + "?" + authorizationRequest.toHTTPRequest().getQuery());
        } catch (IOException e) {
            throw new IllegalArgumentException("Cannot redirect to OpenID Connect service.");
        } catch (SerializeException e2) {
            throw new IllegalArgumentException("Cannot redirect to OpenID Connect service.");
        }
    }

    @Override // it.geosolutions.opensdi2.oauth2.OAuth2LoginService
    public AccessToken getToken(OSDIConfigurationKVP oSDIConfigurationKVP, String str) {
        String obj = oSDIConfigurationKVP.getValue("clientId", "").toString();
        String obj2 = oSDIConfigurationKVP.getValue("clientSecret", "").toString();
        String obj3 = oSDIConfigurationKVP.getValue("returnUrl", "").toString();
        String obj4 = oSDIConfigurationKVP.getValue("tokenUrl", "").toString();
        try {
            if (obj4.isEmpty() || obj.isEmpty() || obj2.isEmpty() || obj3.isEmpty()) {
                throw new IllegalArgumentException("Configuration is not valid. Either tokenUrl, clientId, clientSecret or returnUrl are missing");
            }
            return OIDCAccessTokenResponse.parse(new TokenRequest(new URL(obj4), new ClientSecretPost(new ClientID(obj), new Secret(obj2)), new AuthorizationCodeGrant(new AuthorizationCode(str), new URL(obj3))).toHTTPRequest().send()).getAccessToken();
        } catch (MalformedURLException e) {
            throw new IllegalArgumentException("Malformed tokenUrl: " + obj4);
        } catch (ParseException e2) {
            throw new IllegalArgumentException("Error parsing token from OAuth2 service");
        } catch (IOException e3) {
            throw new IllegalArgumentException("Error getting token from OAuth2 service");
        } catch (SerializeException e4) {
            throw new IllegalArgumentException("Error getting token from OAuth2 service");
        }
    }

    @Override // it.geosolutions.opensdi2.oauth2.OAuth2LoginService
    public void returnToClient(OSDIConfigurationKVP oSDIConfigurationKVP, HttpServletResponse httpServletResponse, HttpSession httpSession, AccessToken accessToken) {
        try {
            httpServletResponse.sendRedirect(((String) httpSession.getAttribute("returnPage")) + "?token=" + accessToken.toJSONString());
        } catch (IOException e) {
            throw new IllegalArgumentException("Error calling application page");
        }
    }
}
