package de.adorsys.oauth2.pkce.endpoint;

import de.adorsys.oauth2.pkce.PkceProperties;
import de.adorsys.oauth2.pkce.model.CodeVerifier;
import de.adorsys.oauth2.pkce.service.CookieService;
import de.adorsys.oauth2.pkce.service.LoginRedirectService;
import de.adorsys.oauth2.pkce.service.UserAgentStateService;
import de.adorsys.oauth2.pkce.util.TokenConstants;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import io.swagger.annotations.ApiResponse;
import io.swagger.annotations.ApiResponses;
import io.swagger.annotations.ResponseHeader;
import java.io.IOException;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.CookieValue;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestHeader;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;
import org.springframework.web.servlet.support.ServletUriComponentsBuilder;
import org.springframework.web.util.UriComponentsBuilder;

@Api("OAUTH2 PKCE Login")
@RequestMapping(path = {"${pkce.auth-endpoint:/oauth2/login}"})
@RestController("OAUTH2 PKCE Login Controller")
/* loaded from: input_file:de/adorsys/oauth2/pkce/endpoint/PkceLoginRestController.class */
public class PkceLoginRestController {
    private static final Logger LOG = LoggerFactory.getLogger(PkceLoginRestController.class);
    private final LoginRedirectService loginRedirectService;
    private final PkceProperties pkceProperties;
    private final CookieService cookieService;
    private final UserAgentStateService userAgentStateService;
    private final PkceTokenRestController pkceTokenRestController;

    @Autowired
    public PkceLoginRestController(LoginRedirectService loginRedirectService, PkceProperties pkceProperties, CookieService cookieService, UserAgentStateService userAgentStateService, PkceTokenRestController pkceTokenRestController) {
        this.loginRedirectService = loginRedirectService;
        this.pkceProperties = pkceProperties;
        this.cookieService = cookieService;
        this.userAgentStateService = userAgentStateService;
        this.pkceTokenRestController = pkceTokenRestController;
    }

    @ApiResponses({@ApiResponse(code = 302, message = "Redirect to IDP login page", responseHeaders = {@ResponseHeader(name = "Location", response = String.class, description = "Url to login page"), @ResponseHeader(name = "Set-Cookie", response = String.class, description = "code_verifier=<code-verifier value>; Path=/; Secure; HttpOnly; Max-Age=<token's max-age value>")})})
    @GetMapping(params = {TokenConstants.REDIRECT_URI_PARAM_NAME})
    @ApiOperation(value = "Login with provided redirect-uri", code = 302)
    public void redirectToLoginPageWithRedirectUrl(@RequestParam("redirect_uri") String str, HttpServletResponse httpServletResponse) throws IOException {
        redirectToOriginLocation(str, httpServletResponse);
    }

    @ApiResponses({@ApiResponse(code = 302, message = "Redirect to IDP login page", responseHeaders = {@ResponseHeader(name = "location", response = String.class, description = "Url to login page"), @ResponseHeader(name = "Set-Cookie", response = String.class, description = "user_agent_state=<user-agent-state value>; Path=/; Secure; HttpOnly; Max-Age=<token's max-age value>"), @ResponseHeader(name = "Set-Cookie", response = String.class, description = "code_verifier=<code-verifier value>; Path=/; Secure; HttpOnly; Max-Age=<token's max-age value>")})})
    @GetMapping
    @ApiOperation(value = "Login without provided redirect-uri", code = 302)
    public void redirectToLoginPageWithReferer(HttpServletRequest httpServletRequest, @RequestHeader("Referer") String str, HttpServletResponse httpServletResponse) throws IOException {
        redirectToLogin(str, ServletUriComponentsBuilder.fromRequestUri(httpServletRequest).replacePath(this.pkceProperties.getTokenEndpoint()).build().toUriString(), httpServletResponse);
    }

    @ApiResponses({@ApiResponse(code = 302, message = "Redirect to IDP login page", responseHeaders = {@ResponseHeader(name = "location", response = String.class, description = "Url to login page"), @ResponseHeader(name = "Set-Cookie", response = String.class, description = "user_agent_state=<user-agent-state value>; Path=/; Secure; HttpOnly; Max-Age=<token's max-age value>"), @ResponseHeader(name = "Set-Cookie", response = String.class, description = "code_verifier=<code-verifier value>; Path=/; Secure; HttpOnly; Max-Age=<token's max-age value>")})})
    @GetMapping(params = {TokenConstants.TARGET_PATH_PARAM_NAME})
    @ApiOperation(value = "Login with provided target-path", code = 302)
    public void redirectToLoginPageWithTarget(HttpServletRequest httpServletRequest, @RequestParam("target_path") String str, @RequestHeader("Referer") String str2, HttpServletResponse httpServletResponse) throws IOException {
        redirectToLogin(buildRefererUri(str, str2), ServletUriComponentsBuilder.fromRequestUri(httpServletRequest).replacePath(this.pkceProperties.getTokenEndpoint()).build().toUriString(), httpServletResponse);
    }

    private String buildRefererUri(String str, String str2) {
        return UriComponentsBuilder.fromUriString(str2).replacePath(str).build().toString();
    }

    private void redirectToLogin(String str, String str2, HttpServletResponse httpServletResponse) throws IOException {
        LoginRedirectService.LoginRedirect redirect = this.loginRedirectService.getRedirect(str2);
        httpServletResponse.addCookie(createCodeVerifierCookie(redirect.getCodeVerifier()));
        httpServletResponse.addCookie(this.userAgentStateService.createRedirectCookie(str, str2));
        httpServletResponse.sendRedirect(redirect.getRedirectUrl());
    }

    private void redirectToOriginLocation(String str, HttpServletResponse httpServletResponse) throws IOException {
        LoginRedirectService.LoginRedirect redirect = this.loginRedirectService.getRedirect(str);
        httpServletResponse.addCookie(createCodeVerifierCookie(redirect.getCodeVerifier()));
        httpServletResponse.addCookie(createCodeVerifierCookieForDeprecatedEndpoint(redirect.getCodeVerifier()));
        httpServletResponse.sendRedirect(redirect.getRedirectUrl());
    }

    private Cookie createCodeVerifierCookie(CodeVerifier codeVerifier) {
        return this.cookieService.creationCookieWithDefaultDuration(TokenConstants.CODE_VERIFIER_COOKIE_NAME, codeVerifier.getValue(), this.pkceProperties.getTokenEndpoint());
    }

    private Cookie createCodeVerifierCookieForDeprecatedEndpoint(CodeVerifier codeVerifier) {
        return this.cookieService.creationCookieWithDefaultDuration(TokenConstants.CODE_VERIFIER_COOKIE_NAME, codeVerifier.getValue(), this.pkceProperties.getAuthEndpoint());
    }

    @GetMapping(params = {TokenConstants.CODE_REQUEST_PARAMETER_NAME})
    @Deprecated
    public void getTokenFromCode(@RequestParam("code") String str, @CookieValue(name = "code_verifier") String str2, @CookieValue(name = "user_agent_state") String str3, HttpServletResponse httpServletResponse) throws IOException {
        this.pkceTokenRestController.getTokenFromCode(str, str2, str3, httpServletResponse);
    }

    @GetMapping(params = {TokenConstants.CODE_REQUEST_PARAMETER_NAME, TokenConstants.REDIRECT_URI_PARAM_NAME})
    @Deprecated
    public void getTokenFromCodeWithRedirect(@RequestParam("code") String str, @RequestParam(name = "redirect_uri") String str2, @CookieValue(name = "code_verifier") String str3, HttpServletResponse httpServletResponse) throws IOException {
        this.pkceTokenRestController.getTokenFromCodeWithRedirect(str, str2, str3, httpServletResponse);
    }
}
