package pl.psnc.dl.wf4ever.portal.pages.users;

import com.hp.hpl.jena.ontology.OntDocumentManager;
import com.hp.hpl.jena.sparql.sse.Tags;
import com.sun.jersey.api.client.UniformInterfaceException;
import java.io.UnsupportedEncodingException;
import java.net.URLEncoder;
import java.util.UUID;
import org.apache.log4j.Logger;
import org.apache.solr.common.cloud.ZkStateReader;
import org.apache.wicket.MarkupContainer;
import org.apache.wicket.extensions.wizard.Wizard;
import org.apache.wicket.markup.html.basic.Label;
import org.apache.wicket.markup.html.form.Button;
import org.apache.wicket.markup.html.form.Form;
import org.apache.wicket.markup.html.panel.Fragment;
import org.apache.wicket.request.http.handler.RedirectRequestHandler;
import org.apache.wicket.request.mapper.parameter.PageParameters;
import org.apache.xerces.impl.xs.SchemaSymbols;
import org.purl.wf4ever.rosrs.client.users.OAuthClient;
import org.purl.wf4ever.rosrs.client.users.User;
import org.scribe.model.OAuthConstants;
import pl.psnc.dl.wf4ever.portal.MySession;
import pl.psnc.dl.wf4ever.portal.model.users.AuthCodeData;
import pl.psnc.dl.wf4ever.portal.pages.BasePage;
import pl.psnc.dl.wf4ever.portal.services.HibernateService;

/* loaded from: input_file:WEB-INF/classes/pl/psnc/dl/wf4ever/portal/pages/users/OAuthAuthorizationEndpointPage.class */
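/**
 * OAuth 2.0 authorization endpoint page.
 *
 * <p>The page reads {@code response_type}, {@code client_id}, {@code redirect_uri} and
 * {@code state} from the request parameters, looks the client up through the session's user
 * management service and, for a valid request, shows a form on which the user either authorizes
 * or rejects the client. Either choice ends in a redirect to the client's registered redirection
 * URI.
 *
 * <p>Security-relevant behaviour visible in this class:
 * <ul>
 *   <li>A supplied {@code redirect_uri} must equal the client's registered redirection URI
 *       exactly; every redirect is built from the registered value, never from the request.</li>
 *   <li>Clients registered with {@link OAuthClient#OOB} are rejected by this page.</li>
 *   <li>{@code state} is request-controlled and is echoed back to the client, so it is
 *       form-URL-encoded before being appended to the redirect target.</li>
 * </ul>
 *
 * <p>NOTE(review): this file is decompiler output. Several constants are attributed to unrelated
 * libraries ({@code SchemaSymbols.ATTVAL_TOKEN}, {@code ZkStateReader.STATE_PROP},
 * {@code OntDocumentManager.ANCHOR}, {@code Tags.symMinus}, {@code Wizard.FORM_ID}); they are
 * presumably the inlined literals {@code "token"}, {@code "state"}, {@code "#"}, {@code "-"} and
 * {@code "form"} - confirm against the original source before replacing them.
 */
public class OAuthAuthorizationEndpointPage extends BasePage {
    private static final long serialVersionUID = 3793214124123802219L;
    private static final Logger LOG = Logger.getLogger(OAuthAuthorizationEndpointPage.class);

    // Client resolved from the client_id request parameter; null when the request is invalid.
    private OAuthClient client;
    // Opaque state value supplied by the client, echoed back in every response; may be null.
    private String state;
    // redirect_uri exactly as supplied in the request; null when the parameter was absent.
    private String providedRedirectURI;

    /**
     * Fragment shown for a valid request: the client's name plus "authorize" and "reject"
     * buttons, each of which schedules a redirect back to the client.
     */
    private class AuthorizeFragment extends Fragment {
        private static final long serialVersionUID = -3040124186474465047L;

        /**
         * @param id component id of the fragment
         * @param markupId id of the fragment markup to render
         * @param markupProvider container whose markup holds the fragment
         * @param oauthClient client requesting authorization
         * @param responseType validated {@code response_type} of the request
         */
        public AuthorizeFragment(String id, String markupId, MarkupContainer markupProvider, final OAuthClient oauthClient, final String responseType) {
            super(id, markupId, markupProvider);
            Form<Void> form = new Form<Void>(Wizard.FORM_ID);
            add(form);
            form.add(new Label("name", oauthClient.getName()));
            form.add(new Button("authorize") {
                @Override
                public void onSubmit() {
                    super.onSubmit();
                    try {
                        String target;
                        if (responseType.equals(SchemaSymbols.ATTVAL_TOKEN)) {
                            // Implicit grant: the access token travels in the URI fragment.
                            target = OAuthAuthorizationEndpointPage.this.prepareTokenResponse(oauthClient);
                        } else {
                            // Authorization code flow: a one-off code travels in the query.
                            target = OAuthAuthorizationEndpointPage.this.prepareAuthCodeResponse(oauthClient);
                        }
                        getRequestCycle().scheduleRequestHandlerAfterCurrent(new RedirectRequestHandler(target));
                    } catch (Exception e) {
                        // NOTE(review): this puts the raw exception into the user-visible
                        // feedback messages; consider a generic message so backend details
                        // are not disclosed to the browser.
                        error(e);
                        // Pass the throwable separately so the stack trace reaches the log.
                        OAuthAuthorizationEndpointPage.LOG.error("Could not build the OAuth authorization response", e);
                    }
                }
            });
            form.add(new Button("reject") {
                @Override
                public void onSubmit() {
                    super.onSubmit();
                    String target = OAuthAuthorizationEndpointPage.this.prepareDeniedResponse(oauthClient);
                    getRequestCycle().scheduleRequestHandlerAfterCurrent(new RedirectRequestHandler(target));
                }
            });
        }
    }

    /**
     * Validates the authorization request and adds either the authorization form or the
     * "invalid request" fragment as the {@code entry} component.
     *
     * @param pageParameters request parameters of the authorization request
     */
    public OAuthAuthorizationEndpointPage(PageParameters pageParameters) {
        super(pageParameters);
        if (pageParameters.get("response_type").isNull()) {
            error("Missing response type.");
            // Every other rejection path adds the "entry" component; without it this branch
            // leaves the page without the component the other branches always provide.
            add(new Fragment("entry", "invalidRequest", this));
            return;
        }
        String responseType = pageParameters.get("response_type").toString();
        boolean implicitGrant = responseType.equals(SchemaSymbols.ATTVAL_TOKEN);
        boolean authCodeFlow = responseType.equals(OAuthConstants.CODE);
        if (!implicitGrant && !authCodeFlow) {
            error(String.format("Unknown response type: %s.", responseType));
            add(new Fragment("entry", "invalidRequest", this));
            return;
        }
        this.client = processImplicitGrantOrAuthCodeFlow(pageParameters);
        // An unknown client, a redirect URI mismatch, or an out-of-band client all end here:
        // no redirect is ever offered for them.
        if (this.client == null || OAuthClient.OOB.equals(this.client.getRedirectionURI())) {
            add(new Fragment("entry", "invalidRequest", this));
        } else {
            add(new AuthorizeFragment("entry", "validRequest", this, this.client, responseType));
        }
    }

    /**
     * Resolves the client named by {@code client_id} and checks the optional
     * {@code redirect_uri} against the client's registered redirection URI.
     *
     * <p>Side effects: stores the supplied {@code redirect_uri} in {@link #providedRedirectURI}
     * and the supplied {@code state} in {@link #state}.
     *
     * @param pageParameters request parameters of the authorization request
     * @return the client, or {@code null} when the client id is missing or cannot be resolved,
     *         or when the supplied redirect URI differs from the registered one
     */
    private OAuthClient processImplicitGrantOrAuthCodeFlow(PageParameters pageParameters) {
        if (pageParameters.get(OAuthConstants.CLIENT_ID).isNull()) {
            error("Missing client id.");
            return null;
        }
        try {
            String clientId = pageParameters.get(OAuthConstants.CLIENT_ID).toString();
            OAuthClient resolved = ((MySession) getSession()).getUms().getClient(clientId);
            if (pageParameters.get(OAuthConstants.REDIRECT_URI).isNull()) {
                // The request goes on with the registered redirection URI only;
                // providedRedirectURI stays null and is stored as such with an auth code.
                LOG.warn("Missing redirect URI.");
            } else {
                this.providedRedirectURI = pageParameters.get(OAuthConstants.REDIRECT_URI).toString();
                // Exact string comparison: no prefix or pattern matching of redirect URIs.
                if (!resolved.getRedirectionURI().equals(this.providedRedirectURI)) {
                    error("Redirect URI does not match client redirect URI.");
                    return null;
                }
            }
            if (!pageParameters.get(ZkStateReader.STATE_PROP).isNull()) {
                this.state = pageParameters.get(ZkStateReader.STATE_PROP).toString();
            }
            return resolved;
        } catch (Exception e) {
            // Also reached when the lookup returns null (the dereference above throws).
            // NOTE(review): the exception message is shown to the user - confirm it cannot
            // carry backend details.
            error("Invalid client id: " + e.getMessage() + ".");
            return null;
        }
    }

    /**
     * Builds the implicit-grant redirect: the client's registered redirection URI followed by
     * {@code OntDocumentManager.ANCHOR} and the {@code access_token}, {@code token_type} and
     * optional {@code state} parameters. A new access token is created for the session user.
     *
     * <p>The decompiler reports that this method was {@code private} in the original class.
     *
     * @param oAuthClient client the token is issued to
     * @return redirect target carrying the access token
     * @throws UniformInterfaceException if the user management service call fails
     */
    public String prepareTokenResponse(OAuthClient oAuthClient) throws UniformInterfaceException {
        MySession session = (MySession) getSession();
        String userUri = session.getUser().getURI().toString();
        String accessToken = session.getUms().createAccessToken(userUri, oAuthClient.getClientId());
        String target = oAuthClient.getRedirectionURI() + OntDocumentManager.ANCHOR
                + "access_token=" + accessToken
                + "&token_type=bearer";
        return appendState(target);
    }

    /**
     * Builds the authorization-code redirect: generates a code, stores it together with the
     * supplied redirect URI, the user URI and the client id, and returns the client's registered
     * redirection URI followed by {@code ?code=...} and the optional {@code state}.
     *
     * <p>The code is the first 20 characters of a random UUID with {@code Tags.symMinus}
     * (presumably {@code "-"}) removed.
     *
     * <p>The decompiler reports that this method was {@code private} in the original class.
     *
     * @param oAuthClient client the code is issued to
     * @return redirect target carrying the authorization code
     */
    public String prepareAuthCodeResponse(OAuthClient oAuthClient) {
        User user = ((MySession) getSession()).getUser();
        String code = UUID.randomUUID().toString().replaceAll(Tags.symMinus, "").substring(0, 20);
        HibernateService.storeCode(new AuthCodeData(code, this.providedRedirectURI, user.getURI().toString(), oAuthClient.getClientId()));
        // NOTE(review): "?" is appended unconditionally, so a registered redirection URI that
        // already has a query component would yield a malformed target - confirm registration
        // rules exclude that.
        String target = oAuthClient.getRedirectionURI() + "?" + "code=" + code;
        return appendState(target);
    }

    /**
     * Builds the redirect used when the user rejects the request: the client's registered
     * redirection URI followed by {@code OntDocumentManager.ANCHOR},
     * {@code error=access_denied} and the optional {@code state}.
     *
     * <p>The decompiler reports that this method was {@code private} in the original class.
     *
     * @param oAuthClient client whose request was rejected
     * @return redirect target carrying the error
     */
    public String prepareDeniedResponse(OAuthClient oAuthClient) {
        String target = oAuthClient.getRedirectionURI() + OntDocumentManager.ANCHOR + "error=access_denied";
        return appendState(target);
    }

    /**
     * Appends {@code &state=...} to a redirect target when the request carried a state value.
     *
     * <p>The value comes straight from the request, so it is encoded: an unencoded
     * {@code &}, {@code #} or {@code =} inside it would otherwise add or override parameters
     * (for example {@code code} or {@code access_token}) in the response sent to the client,
     * and the client would not get back the value it sent.
     *
     * @param target redirect target built so far
     * @return {@code target}, extended with the encoded state if one is present
     */
    private String appendState(String target) {
        if (this.state == null) {
            return target;
        }
        return target + "&state=" + urlEncode(this.state);
    }

    /**
     * Form-URL-encodes a value as UTF-8.
     *
     * @param value text to encode
     * @return the encoded text
     */
    private static String urlEncode(String value) {
        try {
            return URLEncoder.encode(value, "UTF-8");
        } catch (UnsupportedEncodingException e) {
            // UTF-8 is a charset every Java platform is required to support.
            throw new IllegalStateException("UTF-8 encoding is not available", e);
        }
    }
}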
