package com.wordnik.swagger.auth.service;

import com.wordnik.swagger.auth.model.AnonymousTokenResponse;
import com.wordnik.swagger.auth.model.ApiResponseMessage;
import com.wordnik.swagger.auth.model.TokenResponse;
import com.wordnik.swagger.auth.model.TokenWrapper;
import com.wordnik.swagger.auth.model.UserTokenResponse;
import com.wordnik.swagger.auth.service.TokenStore;
import com.wordnik.swagger.core.SwaggerContext$;
import java.net.URI;
import java.util.Date;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.ws.rs.core.Response;
import org.apache.oltu.oauth2.as.request.OAuthAuthzRequest;
import org.apache.oltu.oauth2.as.response.OAuthASResponse;
import org.apache.oltu.oauth2.common.exception.OAuthProblemException;
import org.apache.oltu.oauth2.common.message.types.ResponseType;
import org.apache.oltu.oauth2.common.utils.OAuthUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import scala.Function0;
import scala.Option;
import scala.Option$;
import scala.Predef$;
import scala.Predef$ArrowAssoc$;
import scala.Some;
import scala.Tuple2;
import scala.collection.immutable.Map;
import scala.collection.immutable.StringOps;
import scala.collection.mutable.StringBuilder;
import scala.reflect.ScalaSignature;
import scala.runtime.BoxedUnit;
import scala.runtime.BoxesRunTime;

/* compiled from: AuthService.scala */
@ScalaSignature(bytes = "\u0006\u0001q4A!\u0001\u0002\u0001\u001b\tY\u0011)\u001e;i'\u0016\u0014h/[2f\u0015\t\u0019A!A\u0004tKJ4\u0018nY3\u000b\u0005\u00151\u0011\u0001B1vi\"T!a\u0002\u0005\u0002\u000fM<\u0018mZ4fe*\u0011\u0011BC\u0001\bo>\u0014HM\\5l\u0015\u0005Y\u0011aA2p[\u000e\u00011c\u0001\u0001\u000f)A\u0011qBE\u0007\u0002!)\t\u0011#A\u0003tG\u0006d\u0017-\u0003\u0002\u0014!\t1\u0011I\\=SK\u001a\u0004\"!\u0006\f\u000e\u0003\tI!a\u0006\u0002\u0003\u0015Q{7.\u001a8Ti>\u0014X\rC\u0003\u001a\u0001\u0011\u0005!$\u0001\u0004=S:LGO\u0010\u000b\u00027A\u0011Q\u0003\u0001\u0005\b;\u0001\u0011\r\u0011\"\u0003\u001f\u0003\u0019aujR$F%V\tq\u0004\u0005\u0002!K5\t\u0011E\u0003\u0002#G\u0005)1\u000f\u001c45U*\tA%A\u0002pe\u001eL!AJ\u0011\u0003\r1{wmZ3s\u0011\u0019A\u0003\u0001)A\u0005?\u00059AjT$H\u000bJ\u0003\u0003b\u0002\u0016\u0001\u0005\u0004%\taK\u0001\nm\u0006d\u0017\u000eZ1u_J,\u0012\u0001\f\t\u0003+5J!A\f\u0002\u0003\u0013Y\u000bG.\u001b3bi>\u0014\bB\u0002\u0019\u0001A\u0003%A&\u0001\u0006wC2LG-\u0019;pe\u0002BQA\r\u0001\u0005\u0002M\n\u0001B^1mS\u0012\fG/Z\u000b\u0003i]\"2!\u000e!J!\t1t\u0007\u0004\u0001\u0005\u000ba\n$\u0019A\u001d\u0003\u0003Q\u000b\"AO\u001f\u0011\u0005=Y\u0014B\u0001\u001f\u0011\u0005\u001dqu\u000e\u001e5j]\u001e\u0004\"a\u0004 \n\u0005}\u0002\"aA!os\")\u0011)\ra\u0001\u0005\u0006Q\u0011mY2fgN\u001cu\u000eZ3\u0011\u0005\r3eBA\bE\u0013\t)\u0005#\u0001\u0004Qe\u0016$WMZ\u0005\u0003\u000f\"\u0013aa\u0015;sS:<'BA#\u0011\u0011\u0019Q\u0015\u0007\"a\u0001\u0017\u0006\ta\rE\u0002\u0010\u0019VJ!!\u0014\t\u0003\u0011q\u0012\u0017P\\1nKzBQa\u0014\u0001\u0005\u0002A\u000bQ\u0001\\8hS:$2!\u0015+a!\ty!+\u0003\u0002T!\t!QK\\5u\u0011\u0015)f\n1\u0001W\u0003\u001d\u0011X-];fgR\u0004\"a\u00160\u000e\u0003aS!!\u0017.\u0002\t!$H\u000f\u001d\u0006\u00037r\u000bqa]3sm2,GOC\u0001^\u0003\u0015Q\u0017M^1y\u0013\ty\u0006L\u0001\nIiR\u00048+\u001a:wY\u0016$(+Z9vKN$\b\"B1O\u0001\u0004\u0011\u0017\u0001\u0003:fgB|gn]3\u0011\u0005]\u001b\u0017B\u00013Y\u0005MAE\u000f\u001e9TKJ4H.\u001a;SKN\u0004xN\\:f\u0011\u00151\u0007\u0001\"\u0001h\u0003]\tW\u000f\u001e5pe&T\u0018\r^5p]\u000e{G-Z*uCR,8\u000f\u0006\u0002i]B\u0011\u0011\u000e\\\u0007\u0002U*\u00111\u000eB\u0001\u0006[>$W\r\\\u0005\u0003[*\u0014!#\u00119j%\u0016\u001c\bo\u001c8tK6+7o]1hK\")\u0011)\u001aa\u0001\u0005\")\u0001\u000f\u0001C\u0001c\u0006)Ao\\6f]R\u0019!/\u001e<\u0011\u0005%\u001c\u0018B\u0001;k\u00055!vn[3o%\u0016\u001c\bo\u001c8tK\")Qk\u001ca\u0001-\")\u0011m\u001ca\u0001E\")\u0001\u0010\u0001C\u0001s\u0006I\u0011-\u001e;i_JL'0\u001a\u000b\u0004Qj\\\b\"B+x\u0001\u00041\u0006\"B1x\u0001\u0004\u0011\u0007")
/* loaded from: input_file:com/wordnik/swagger/auth/service/AuthService.class */
public class AuthService implements TokenStore {
    private final Logger com$wordnik$swagger$auth$service$AuthService$$LOGGER;
    private final Validator validator;

    @Override // com.wordnik.swagger.auth.service.TokenStore
    public boolean hasAccessCode(String str) {
        return TokenStore.Cclass.hasAccessCode(this, str);
    }

    @Override // com.wordnik.swagger.auth.service.TokenStore
    public String exchangeRequestIdForCode(String str) {
        return TokenStore.Cclass.exchangeRequestIdForCode(this, str);
    }

    @Override // com.wordnik.swagger.auth.service.TokenStore
    public TokenWrapper getTokenForAccessCode(String str) {
        return TokenStore.Cclass.getTokenForAccessCode(this, str);
    }

    @Override // com.wordnik.swagger.auth.service.TokenStore
    public void addAccessCode(String str, TokenWrapper tokenWrapper) {
        TokenStore.Cclass.addAccessCode(this, str, tokenWrapper);
    }

    @Override // com.wordnik.swagger.auth.service.TokenStore
    public void removeAccessCode(String str) {
        TokenStore.Cclass.removeAccessCode(this, str);
    }

    @Override // com.wordnik.swagger.auth.service.TokenStore
    public boolean hasRequestId(String str) {
        return TokenStore.Cclass.hasRequestId(this, str);
    }

    @Override // com.wordnik.swagger.auth.service.TokenStore
    public Map<String, Option<String>> getRequestId(String str) {
        return TokenStore.Cclass.getRequestId(this, str);
    }

    @Override // com.wordnik.swagger.auth.service.TokenStore
    public void addRequestId(String str, Map<String, Option<String>> map) {
        TokenStore.Cclass.addRequestId(this, str, map);
    }

    @Override // com.wordnik.swagger.auth.service.TokenStore
    public void removeRequestId(String str) {
        TokenStore.Cclass.removeRequestId(this, str);
    }

    @Override // com.wordnik.swagger.auth.service.TokenStore
    public String generateRequestId(String str) {
        return TokenStore.Cclass.generateRequestId(this, str);
    }

    @Override // com.wordnik.swagger.auth.service.TokenStore
    public String generateCode(String str) {
        return TokenStore.Cclass.generateCode(this, str);
    }

    @Override // com.wordnik.swagger.auth.service.TokenStore
    public String generateAccessToken() {
        return TokenStore.Cclass.generateAccessToken(this);
    }

    @Override // com.wordnik.swagger.auth.service.TokenStore
    public boolean allowAnonymousTokens() {
        return TokenStore.Cclass.allowAnonymousTokens(this);
    }

    public Logger com$wordnik$swagger$auth$service$AuthService$$LOGGER() {
        return this.com$wordnik$swagger$auth$service$AuthService$$LOGGER;
    }

    public Validator validator() {
        return this.validator;
    }

    public <T> T validate(String str, Function0<T> function0) {
        com$wordnik$swagger$auth$service$AuthService$$LOGGER().debug(new StringBuilder().append("validating access code ").append(str).toString());
        if (!hasAccessCode(str)) {
            throw new Exception("unauthorized");
        }
        TokenWrapper tokenForAccessCode = getTokenForAccessCode(str);
        if (tokenForAccessCode.getRemaining() <= 0) {
            throw new Exception("unauthorized");
        }
        TokenResponse tokenResponse = tokenForAccessCode.tokenResponse();
        if (tokenResponse instanceof AnonymousTokenResponse) {
            TokenScope.unsetUsername();
            BoxedUnit boxedUnit = BoxedUnit.UNIT;
        } else {
            if (!(tokenResponse instanceof UserTokenResponse)) {
                throw new Exception("unauthorized");
            }
            TokenScope.setUsername(((UserTokenResponse) tokenResponse).username());
            BoxedUnit boxedUnit2 = BoxedUnit.UNIT;
        }
        return (T) function0.apply();
    }

    public void login(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        httpServletRequest.getParameter("scope");
        String parameter = httpServletRequest.getParameter("redirect_uri");
        String parameter2 = httpServletRequest.getParameter("username");
        String parameter3 = httpServletRequest.getParameter("password");
        String parameter4 = httpServletRequest.getParameter("client_id");
        String parameter5 = httpServletRequest.getParameter("accept");
        String parameter6 = httpServletRequest.getParameter("request_id");
        httpServletRequest.getParameter("response_type");
        com$wordnik$swagger$auth$service$AuthService$$LOGGER().debug(new StringBuilder().append("logging in user ").append(parameter2).append(", accept=").append(parameter5).toString());
        String lowerCase = parameter5.toLowerCase();
        if (lowerCase != null ? lowerCase.equals("deny") : "deny" == 0) {
            com$wordnik$swagger$auth$service$AuthService$$LOGGER().debug(new StringBuilder().append("user ").append(parameter2).append(" denied the login request").toString());
            httpServletResponse.sendRedirect(new StringBuilder().append(parameter.indexOf("#") >= 0 ? new StringBuilder().append(parameter).append("&").toString() : new StringBuilder().append(parameter).append("#").toString()).append("error=user_cancelled").toString());
            return;
        }
        if (!validator().isValidUser(parameter2, parameter3)) {
            com$wordnik$swagger$auth$service$AuthService$$LOGGER().debug("invalid credentials");
            httpServletResponse.sendRedirect(new StringBuilder().append(parameter.indexOf("#") >= 0 ? new StringBuilder().append(parameter).append("&").toString() : new StringBuilder().append(parameter).append("#").toString()).append("error=invalid_credentials").toString());
            return;
        }
        com$wordnik$swagger$auth$service$AuthService$$LOGGER().debug(new StringBuilder().append("username ").append(parameter2).append(" has valid password").toString());
        if (!validator().isValidRedirectUri(parameter4, parameter)) {
            httpServletResponse.getOutputStream().write("bad redirect_uri".getBytes("utf-8"));
            return;
        }
        com$wordnik$swagger$auth$service$AuthService$$LOGGER().debug(new StringBuilder().append("username ").append(parameter2).append(" has valid redirect URI: ").append(parameter).toString());
        String stringBuilder = parameter.indexOf("?") >= 0 ? new StringBuilder().append(parameter).append("&").toString() : new StringBuilder().append(parameter).append("?").toString();
        if (parameter6 == null || "".equals(parameter6)) {
            com$wordnik$swagger$auth$service$AuthService$$LOGGER().debug("no request id, generating access token");
            String generateAccessToken = generateAccessToken();
            addAccessCode(generateAccessToken, new TokenWrapper(new Date(), new UserTokenResponse(3600L, generateAccessToken, parameter2)));
            httpServletResponse.sendRedirect(new StringBuilder().append(parameter.indexOf("#") >= 0 ? new StringBuilder().append(parameter).append("&").toString() : new StringBuilder().append(parameter).append("#").toString()).append("access_token=").append(generateAccessToken).toString());
            return;
        }
        com$wordnik$swagger$auth$service$AuthService$$LOGGER().debug(new StringBuilder().append("username ").append(parameter2).append(" has request id=").append(parameter6).toString());
        if (!hasRequestId(parameter6)) {
            com$wordnik$swagger$auth$service$AuthService$$LOGGER().debug(new StringBuilder().append("token for requestId ").append(parameter6).append(" NOT found").toString());
            httpServletResponse.sendRedirect(new StringBuilder().append(stringBuilder).append("error=invalid_code").toString());
            return;
        }
        com$wordnik$swagger$auth$service$AuthService$$LOGGER().debug(new StringBuilder().append("token for requestId ").append(parameter6).append(" found").toString());
        Map<String, Option<String>> $plus$plus = getRequestId(parameter6).$plus$plus(Predef$.MODULE$.Map().apply(Predef$.MODULE$.wrapRefArray(new Tuple2[]{Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.any2ArrowAssoc("username"), new Some(parameter2))})));
        addRequestId(parameter6, $plus$plus);
        String str = (String) ((Option) $plus$plus.apply("redirect_uri")).get();
        String stringBuilder2 = str.indexOf("?") >= 0 ? new StringBuilder().append(str).append("&").toString() : new StringBuilder().append(str).append("?").toString();
        String exchangeRequestIdForCode = exchangeRequestIdForCode(parameter6);
        addAccessCode(exchangeRequestIdForCode, new TokenWrapper(new Date(), new UserTokenResponse(3600L, exchangeRequestIdForCode, parameter2)));
        com$wordnik$swagger$auth$service$AuthService$$LOGGER().debug(new StringBuilder().append("redirecting to ").append(stringBuilder2).append("code=").append(exchangeRequestIdForCode).toString());
        httpServletResponse.sendRedirect(new StringBuilder().append(stringBuilder2).append("code=").append(exchangeRequestIdForCode).toString());
    }

    public ApiResponseMessage authorizationCodeStatus(String str) {
        com$wordnik$swagger$auth$service$AuthService$$LOGGER().debug(new StringBuilder().append("checking code status for ").append(str).toString());
        if (!hasAccessCode(str)) {
            return new ApiResponseMessage(400, "invalid token");
        }
        TokenWrapper tokenForAccessCode = getTokenForAccessCode(str);
        return tokenForAccessCode.getRemaining() > 0 ? new ApiResponseMessage(200, new StringOps(Predef$.MODULE$.augmentString("%d seconds remaining")).format(Predef$.MODULE$.genericWrapArray(new Object[]{BoxesRunTime.boxToLong(tokenForAccessCode.getRemaining())}))) : new ApiResponseMessage(400, "invalid token");
    }

    /* JADX WARN: Code restructure failed: missing block: B:27:0x0089, code lost:
    
        if ("authorization_code".equals(r0) != false) goto L11;
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public com.wordnik.swagger.auth.model.TokenResponse token(javax.servlet.http.HttpServletRequest r8, javax.servlet.http.HttpServletResponse r9) {
        /*
            Method dump skipped, instructions count: 441
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.wordnik.swagger.auth.service.AuthService.token(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse):com.wordnik.swagger.auth.model.TokenResponse");
    }

    public ApiResponseMessage authorize(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        ApiResponseMessage apiResponseMessage;
        try {
            OAuthAuthzRequest oAuthAuthzRequest = new OAuthAuthzRequest(httpServletRequest);
            String param = oAuthAuthzRequest.getParam("response_type");
            OAuthASResponse.OAuthAuthorizationResponseBuilder authorizationResponse = OAuthASResponse.authorizationResponse(httpServletRequest, 302);
            if (param.equals(ResponseType.CODE.toString())) {
                Map<String, Option<String>> map = (Map) Predef$.MODULE$.Map().apply(Predef$.MODULE$.wrapRefArray(new Tuple2[]{Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.any2ArrowAssoc("state"), Option$.MODULE$.apply(oAuthAuthzRequest.getParam("state"))), Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.any2ArrowAssoc("redirect_uri"), Option$.MODULE$.apply(oAuthAuthzRequest.getParam("redirect_uri"))), Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.any2ArrowAssoc("client_id"), Option$.MODULE$.apply(oAuthAuthzRequest.getParam("client_id"))), Predef$ArrowAssoc$.MODULE$.$minus$greater$extension(Predef$.MODULE$.any2ArrowAssoc("scope"), Option$.MODULE$.apply(oAuthAuthzRequest.getParam("scope")))}));
                String generateRequestId = generateRequestId(oAuthAuthzRequest.getParam("client_id"));
                addRequestId(generateRequestId, map);
                apiResponseMessage = ((AuthDialog) SwaggerContext$.MODULE$.loadClass((String) Option$.MODULE$.apply(httpServletRequest.getSession().getServletContext().getInitParameter("DialogImplementation")).getOrElse(new AuthService$$anonfun$1(this))).newInstance()).show(oAuthAuthzRequest.getParam("client_id"), oAuthAuthzRequest.getParam("redirect_uri"), oAuthAuthzRequest.getParam("scope"), ResponseType.CODE.toString(), Option$.MODULE$.apply(generateRequestId));
            } else {
                apiResponseMessage = new ApiResponseMessage(200, new URI(authorizationResponse.location(oAuthAuthzRequest.getParam("redirect_uri")).buildQueryMessage().getLocationUri()).toString());
            }
            return apiResponseMessage;
        } catch (OAuthProblemException e) {
            e.printStackTrace();
            Response.status(302);
            return OAuthUtils.isEmpty(e.getRedirectUri()) ? new ApiResponseMessage(400, "OAuth callback url needs to be provided by client") : new ApiResponseMessage(400, e.getMessage());
        }
    }

    public AuthService() {
        TokenStore.Cclass.$init$(this);
        this.com$wordnik$swagger$auth$service$AuthService$$LOGGER = LoggerFactory.getLogger(AuthService.class);
        this.validator = ValidatorFactory$.MODULE$.validator();
    }
}
