package de.adorsys.oauth2.pkce.endpoint;

import de.adorsys.oauth2.pkce.PkceProperties;
import de.adorsys.oauth2.pkce.service.CookieService;
import de.adorsys.oauth2.pkce.service.PkceTokenRequestService;
import de.adorsys.oauth2.pkce.service.UserAgentStateService;
import de.adorsys.oauth2.pkce.util.TokenConstants;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import io.swagger.annotations.ApiResponse;
import io.swagger.annotations.ApiResponses;
import io.swagger.annotations.ResponseHeader;
import java.io.IOException;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletResponse;
import org.springframework.web.bind.annotation.CookieValue;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;

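/**
 * Token endpoint of the PKCE flow: exchanges the {@code code} request parameter for tokens,
 * stores the tokens in cookies and redirects the browser.
 *
 * <p>Both handlers answer {@code GET} requests on the configured token endpoint
 * ({@code pkce.token-endpoint}, default {@code /oauth2/token}). Spring chooses between them by
 * the request parameters present: {@code code} alone, or {@code code} plus {@code redirect_uri}.
 *
 * <p>Security-relevant points for reviewers:
 * <ul>
 *   <li>Every input (query parameters and cookies) is client-supplied, and nothing in this class
 *       validates the final redirect target.</li>
 *   <li>The token cookies are created with path {@code "/"}. The remaining attributes
 *       (Secure, HttpOnly, SameSite) are decided by {@link CookieService}, which is not part of
 *       this listing; the Swagger descriptions below document Secure and HttpOnly only.</li>
 * </ul>
 *
 * <p>Listing recovered from de/adorsys/oauth2/pkce/endpoint/PkceTokenRestController.class.
 */
@Api("OAUTH2 PKCE Token")
@RequestMapping(path = {"${pkce.token-endpoint:/oauth2/token}"})
@RestController("OAUTH2 PKCE Token Controller")
public class PkceTokenRestController {
    private final PkceProperties pkceProperties;
    private final CookieService cookieService;
    private final PkceTokenRequestService pkceTokenRequestService;
    private final UserAgentStateService userAgentStateService;

    /**
     * Creates the controller with its collaborators.
     *
     * @param pkceProperties configuration, read here for the token and auth endpoint paths
     * @param cookieService factory for creation and deletion cookies
     * @param pkceTokenRequestService performs the token request for a code
     * @param userAgentStateService reads and deletes the {@code user_agent_state} cookie
     */
    public PkceTokenRestController(PkceProperties pkceProperties, CookieService cookieService, PkceTokenRequestService pkceTokenRequestService, UserAgentStateService userAgentStateService) {
        this.pkceProperties = pkceProperties;
        this.cookieService = cookieService;
        this.pkceTokenRequestService = pkceTokenRequestService;
        this.userAgentStateService = userAgentStateService;
    }

    /**
     * Handles the callback that carries only {@code code}; redirect URI and final page are taken
     * from the {@code user_agent_state} cookie.
     *
     * @param code authorization code from the request
     * @param codeVerifier value of the {@code code_verifier} cookie
     * @param userAgentStateCookie raw value of the {@code user_agent_state} cookie
     * @param response servlet response that receives the cookies and the redirect
     * @throws IOException if sending the redirect fails
     */
    // NOTE(review): the header-name prefixes before the repeated "Set-Cookie" entries are already
    // unreadable in this listing. They look like padding that keeps the Swagger header names
    // unique; confirm the intended characters against the original source.
    @ApiResponses({@ApiResponse(code = 302, message = "Redirect back to user agent", responseHeaders = {
            @ResponseHeader(name = "Location", response = String.class, description = "Url to origin/referer/redirectUri"),
            @ResponseHeader(name = "Set-Cookie", response = String.class, description = "access_token=<access-token-value>; Path=/; Secure; HttpOnly; Max-Age=<token's max-age value>"),
            @ResponseHeader(name = "��Set-Cookie", response = String.class, description = "refresh_token=<refresh-token-value>; Path=/; Secure; HttpOnly; Max-Age=<token's max-age value>"),
            @ResponseHeader(name = "����Set-Cookie", response = String.class, description = "code_verifier=null; Path=/; Secure; HttpOnly; Max-Age=0"),
            @ResponseHeader(name = "������Set-Cookie", response = String.class, description = "user_agent_state=null; Path=/; Secure; HttpOnly; Max-Age=0")})})
    @GetMapping(params = {TokenConstants.CODE_REQUEST_PARAMETER_NAME})
    @ApiOperation(value = "Get token for code without provided redirect-uri", code = 302)
    public void getTokenFromCode(@RequestParam("code") String code, @CookieValue(name = "code_verifier") String codeVerifier, @CookieValue(name = "user_agent_state") String userAgentStateCookie, HttpServletResponse response) throws IOException {
        // NOTE(review): the state cookie is held by the browser, so the redirect URI and the
        // page we finally redirect to are only as trustworthy as the protection applied by
        // UserAgentStateService when it wrote the cookie (not visible here). Confirm it is
        // integrity-protected or that the decoded target is checked before use.
        UserAgentStateService.UserAgentState userAgentState = this.userAgentStateService.readUserAgentState(userAgentStateCookie);
        response.addCookie(this.userAgentStateService.deleteUserAgentStateCookie());
        getTokenForCode(code, userAgentState.getRedirectUri(), userAgentState.getUserAgentPage(), codeVerifier, response);
    }

    /**
     * Handles the callback that carries {@code code} and {@code redirect_uri}; the supplied
     * redirect URI is used both for the token request and as the final redirect target.
     *
     * @param code authorization code from the request
     * @param redirectUri value of the {@code redirect_uri} request parameter
     * @param codeVerifier value of the {@code code_verifier} cookie
     * @param response servlet response that receives the cookies and the redirect
     * @throws IOException if sending the redirect fails
     */
    // NOTE(review): the 302 message below says "Redirect to IDP login page", but this handler
    // redirects to the supplied redirect_uri; the text looks copied from another endpoint.
    @ApiResponses({@ApiResponse(code = 302, message = "Redirect to IDP login page", responseHeaders = {
            @ResponseHeader(name = "Location", response = String.class, description = "Url to user agent"),
            @ResponseHeader(name = "Set-Cookie", response = String.class, description = "access_token=<access-token-value>; Path=/; Secure; HttpOnly; Max-Age=<token's max-age value>"),
            @ResponseHeader(name = "��Set-Cookie", response = String.class, description = "refresh_token=<refresh-token-value>; Path=/; Secure; HttpOnly; Max-Age=<token's max-age value>"),
            @ResponseHeader(name = "����Set-Cookie", response = String.class, description = "code_verifier=null; Path=/; Secure; HttpOnly; Max-Age=0"),
            @ResponseHeader(name = "������Set-Cookie", response = String.class, description = "user_agent_state=null; Path=/; Secure; HttpOnly; Max-Age=0")})})
    @GetMapping(params = {TokenConstants.CODE_REQUEST_PARAMETER_NAME, TokenConstants.REDIRECT_URI_PARAM_NAME})
    @ApiOperation(value = "Get token for code with provided redirect-uri", code = 302)
    public void getTokenFromCodeWithRedirect(@RequestParam("code") String code, @RequestParam(name = "redirect_uri") String redirectUri, @CookieValue(name = "code_verifier") String codeVerifier, HttpServletResponse response) throws IOException {
        response.addCookie(this.userAgentStateService.deleteUserAgentStateCookie());
        // NOTE(review): redirect_uri comes straight from the query string and ends up in
        // sendRedirect() unvalidated by this class. The only gate is the token request that runs
        // first; presumably the authorization server rejects a redirect_uri that does not match
        // the one used for the code. Confirm that, and consider checking the value against the
        // configured user-agent origins here as well.
        getTokenForCode(code, redirectUri, redirectUri, codeVerifier, response);
    }

    /**
     * Requests tokens for the code, writes the token cookies, clears the code-verifier cookies
     * and redirects.
     *
     * <p>The token request runs first, so if it throws, no token cookie is added and no redirect
     * is sent by this method.
     *
     * @param code authorization code
     * @param redirectUri redirect URI handed to the token request
     * @param redirectTarget location the browser is redirected to afterwards
     * @param codeVerifier PKCE code verifier handed to the token request
     * @param response servlet response that receives the cookies and the redirect
     * @throws IOException if sending the redirect fails
     */
    private void getTokenForCode(String code, String redirectUri, String redirectTarget, String codeVerifier, HttpServletResponse response) throws IOException {
        PkceTokenRequestService.TokenResponse tokens = this.pkceTokenRequestService.requestToken(code, codeVerifier, redirectUri);
        // NOTE(review): a token response without a refresh token or without expiry values would
        // arrive here as nulls. A null lifetime fails in createTokenCookie; what a null cookie
        // value does is up to CookieService. Confirm TokenResponse never yields null here.
        response.addCookie(createTokenCookie(TokenConstants.ACCESS_TOKEN_COOKIE_NAME, tokens.getAccess_token(), tokens.getExpires_in()));
        response.addCookie(createTokenCookie(TokenConstants.REFRESH_TOKEN_COOKIE_NAME, tokens.getRefresh_token(), tokens.anyRefreshTokenExpireIn()));
        // The verifier cookie is cleared for both paths it may have been set on.
        response.addCookie(deleteCodeVerifierCookie());
        response.addCookie(deleteCodeVerifierCookieForDeprecatedEndpoint());
        response.sendRedirect(redirectTarget);
    }

    /**
     * Builds a cookie for a token, valid for the whole host (path {@code "/"}).
     *
     * @param name cookie name
     * @param value token value
     * @param lifetimeSeconds cookie lifetime; must not be {@code null}
     * @return the cookie produced by {@link CookieService}
     * @throws NullPointerException if {@code lifetimeSeconds} is {@code null}
     */
    private Cookie createTokenCookie(String name, String value, Long lifetimeSeconds) {
        return this.cookieService.creationCookie(name, value, "/", toMaxAge(lifetimeSeconds));
    }

    /**
     * Narrows a lifetime to the {@code int} range by clamping.
     *
     * <p>A plain {@code intValue()} wraps around for out-of-range values, so a very large
     * lifetime could turn into a negative or zero max-age and change what the browser does
     * with the token cookie.
     */
    private static int toMaxAge(Long lifetimeSeconds) {
        long seconds = lifetimeSeconds; // unboxing keeps the NullPointerException for null input
        return (int) Math.max(Integer.MIN_VALUE, Math.min(Integer.MAX_VALUE, seconds));
    }

    /** Builds the deletion cookie for {@code code_verifier} on the token endpoint path. */
    private Cookie deleteCodeVerifierCookie() {
        return this.cookieService.deletionCookie(TokenConstants.CODE_VERIFIER_COOKIE_NAME, this.pkceProperties.getTokenEndpoint());
    }

    /** Builds the deletion cookie for {@code code_verifier} on the auth endpoint path. */
    private Cookie deleteCodeVerifierCookieForDeprecatedEndpoint() {
        return this.cookieService.deletionCookie(TokenConstants.CODE_VERIFIER_COOKIE_NAME, this.pkceProperties.getAuthEndpoint());
    }
}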
