package net.zileo.ninja.auth0.controllers;

import com.auth0.client.auth.AuthAPI;
import com.auth0.exception.Auth0Exception;
import com.auth0.json.auth.TokenHolder;
import com.auth0.jwt.algorithms.Algorithm;
import com.google.common.collect.Maps;
import com.google.inject.Inject;
import java.io.UnsupportedEncodingException;
import java.lang.invoke.SerializedLambda;
import javax.inject.Named;
import net.zileo.ninja.auth0.handlers.Auth0TokenHandler;
import net.zileo.ninja.auth0.subject.Subject;
import ninja.Context;
import ninja.Result;
import ninja.Results;
import ninja.ReverseRouter;
import ninja.exceptions.ForbiddenRequestException;
import ninja.exceptions.InternalServerErrorException;
import ninja.params.Param;
import ninja.params.PathParam;
import ninja.session.Session;
import ninja.utils.NinjaProperties;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:net/zileo/ninja/auth0/controllers/Auth0Controller.class */
public class Auth0Controller {
    private static final Logger logger = LoggerFactory.getLogger(Auth0Controller.class);
    public static final String SESSION_ID_TOKEN = "id_token";
    public static final String SESSION_TARGET_URL = "target_url";

    @Inject
    protected ReverseRouter reverseRouter;
    private boolean forceHttps;
    private String loggedOutPage;

    @Inject
    private Auth0TokenHandler<? extends Subject> tokenHandler;
    private AuthAPI auth;
    private Algorithm algorithm;

    @Inject
    public void init(NinjaProperties ninjaProperties, @Named("auth0.domain") String str, @Named("auth0.clientId") String str2, @Named("auth0.clientSecret") String str3) throws IllegalArgumentException, UnsupportedEncodingException {
        this.auth = new AuthAPI(str, str2, str3);
        this.algorithm = Algorithm.HMAC256(str3);
        this.loggedOutPage = ninjaProperties.getWithDefault("auth0.loggedOut", "/");
        this.forceHttps = ninjaProperties.getBooleanWithDefault("auth0.forceHttps", false).booleanValue();
    }

    protected String getCallbackUrl(Context context) {
        return ((ReverseRouter.Builder) this.reverseRouter.with((v0, v1, v2) -> {
            return v0.callback(v1, v2);
        })).absolute(this.forceHttps ? "https" : context.getScheme(), context.getHostname()).build();
    }

    protected String getLoggedOutUrl(Context context) {
        return ((ReverseRouter.Builder) this.reverseRouter.with((v0, v1) -> {
            return v0.loggedOut(v1);
        })).absolute(this.forceHttps ? "https" : context.getScheme(), context.getHostname()).build();
    }

    public Result login(Context context, Session session) {
        return Results.redirect(this.auth.authorizeUrl(getCallbackUrl(context)).withResponseType("code").withScope(this.tokenHandler.getScope()).build());
    }

    public Result callback(Context context, Session session) {
        if (context.getParameter("error") != null) {
            throw new ForbiddenRequestException(context.getParameter("error_description"));
        }
        if (context.getParameter("code") == null) {
            throw new ForbiddenRequestException("No authorization code received");
        }
        try {
            TokenHolder tokenHolder = (TokenHolder) this.auth.exchangeCode(context.getParameter("code"), getCallbackUrl(context)).execute();
            try {
                this.tokenHandler.buildSubject(tokenHolder.getIdToken());
                session.put(SESSION_ID_TOKEN, tokenHolder.getIdToken());
                session.setExpiryTime(Long.valueOf(tokenHolder.getExpiresIn() * 1000));
                String remove = session.remove(SESSION_TARGET_URL);
                logger.debug("ID token set, redirecting to requested path ({})", remove);
                return Results.redirect(remove == null ? "/" : remove);
            } catch (IllegalArgumentException e) {
                throw new ForbiddenRequestException(e.getMessage(), e);
            }
        } catch (Auth0Exception e2) {
            throw new InternalServerErrorException(e2.getMessage());
        }
    }

    public Result logout(Context context, Session session) {
        if (session.get(SESSION_ID_TOKEN) != null) {
            session.clear();
            return Results.redirect(this.auth.logoutUrl(getLoggedOutUrl(context), true).useFederated(true).build());
        }
        session.clear();
        return Results.redirect(getLoggedOutUrl(context));
    }

    public Result loggedOut(Context context) {
        return this.loggedOutPage != null ? Results.redirect(this.loggedOutPage) : Results.text().render("Logged Out");
    }

    public Result simulate(Context context, Session session, @PathParam("value") String str) {
        session.put(SESSION_ID_TOKEN, this.tokenHandler.buildSimulatedJWT(str, Maps.newHashMap()).sign(this.algorithm));
        String remove = session.remove(SESSION_TARGET_URL);
        return Results.redirect(remove == null ? "/" : remove);
    }

    public Result simulateLogin() {
        return Results.html();
    }

    public Result doSimulate(Context context, Session session, @Param("value") String str) {
        return simulate(context, session, str);
    }

    private static /* synthetic */ Object $deserializeLambda$(SerializedLambda serializedLambda) {
        String implMethodName = serializedLambda.getImplMethodName();
        boolean z = -1;
        switch (implMethodName.hashCode()) {
            case -1784399252:
                if (implMethodName.equals("loggedOut")) {
                    z = false;
                    break;
                }
                break;
            case -172220347:
                if (implMethodName.equals("callback")) {
                    z = true;
                    break;
                }
                break;
        }
        switch (z) {
            case false:
                if (serializedLambda.getImplMethodKind() == 5 && serializedLambda.getFunctionalInterfaceClass().equals("ninja/ControllerMethods$ControllerMethod2") && serializedLambda.getFunctionalInterfaceMethodName().equals("apply") && serializedLambda.getFunctionalInterfaceMethodSignature().equals("(Ljava/lang/Object;Ljava/lang/Object;)Lninja/Result;") && serializedLambda.getImplClass().equals("net/zileo/ninja/auth0/controllers/Auth0Controller") && serializedLambda.getImplMethodSignature().equals("(Lninja/Context;)Lninja/Result;")) {
                    return (v0, v1) -> {
                        return v0.loggedOut(v1);
                    };
                }
                break;
            case true:
                if (serializedLambda.getImplMethodKind() == 5 && serializedLambda.getFunctionalInterfaceClass().equals("ninja/ControllerMethods$ControllerMethod3") && serializedLambda.getFunctionalInterfaceMethodName().equals("apply") && serializedLambda.getFunctionalInterfaceMethodSignature().equals("(Ljava/lang/Object;Ljava/lang/Object;Ljava/lang/Object;)Lninja/Result;") && serializedLambda.getImplClass().equals("net/zileo/ninja/auth0/controllers/Auth0Controller") && serializedLambda.getImplMethodSignature().equals("(Lninja/Context;Lninja/session/Session;)Lninja/Result;")) {
                    return (v0, v1, v2) -> {
                        return v0.callback(v1, v2);
                    };
                }
                break;
        }
        throw new IllegalArgumentException("Invalid lambda deserialization");
    }
}
