package it.nerdammer.oauthentication.web;

import it.nerdammer.oauthentication.OauthProvider;
import it.nerdammer.oauthentication.User;
import java.io.IOException;
import java.net.HttpURLConnection;
import java.net.URL;
import java.net.URLEncoder;
import java.security.MessageDigest;
import java.util.Arrays;
import java.util.Date;
import java.util.Map;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.apache.commons.codec.binary.Base64;
import org.codehaus.jackson.map.ObjectMapper;
import org.codehaus.jackson.type.TypeReference;

/* loaded from: input_file:it/nerdammer/oauthentication/web/FacebookLoginCanvasServlet.class */
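/**
 * Handles the Facebook Canvas login callback.
 *
 * <p>The request carries a {@code signed_request} parameter of the form
 * {@code base64(signature).base64(payload)}. The servlet recomputes the HMAC-SHA256 of the
 * encoded payload with the configured Facebook app secret, rejects the request when the
 * signature differs, then reads {@code oauth_token} from the payload, fetches the profile
 * from the Graph API, stores the mapped user in the HTTP session and redirects to the URL
 * that was saved in the session.
 *
 * <p>NOTE(review): the payload is accepted without a freshness check (no use of an issue
 * timestamp), so a captured {@code signed_request} stays usable for as long as its token is
 * valid. Confirm whether replay protection is handled elsewhere.
 */
public class FacebookLoginCanvasServlet extends HttpServlet {
    private static final long serialVersionUID = 1;

    // Bound the outbound Graph API call so a stalled connection cannot pin a request thread.
    private static final int GRAPH_CONNECT_TIMEOUT_MS = 10000;
    private static final int GRAPH_READ_TIMEOUT_MS = 10000;

    // ObjectMapper is reused across requests instead of being rebuilt per call.
    private static final ObjectMapper JSON = new ObjectMapper();

    /**
     * Delegates to {@link #doGet(HttpServletRequest, HttpServletResponse)}; both verbs are
     * processed identically.
     */
    protected void doPost(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        doGet(httpServletRequest, httpServletResponse);
    }

    /**
     * Verifies the {@code signed_request}, logs the user in and redirects.
     *
     * <p>Responses: 400 when {@code signed_request} is missing or not two dot-separated
     * parts, 403 when the signature does not match, a redirect to the top-level redirector
     * when the payload has no {@code oauth_token}, a redirect to the configured login error
     * page on any other failure, and a redirect to the requested URL on success.
     *
     * @param httpServletRequest the canvas request
     * @param httpServletResponse the response used for the error or redirect
     * @throws ServletException declared by the servlet contract
     * @throws IOException if writing the error or redirect fails
     */
    protected void doGet(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        Logger logger = Logger.getAnonymousLogger();
        if (logger.isLoggable(Level.FINER)) {
            // Parameter names only: the values include signed_request, whose payload carries
            // the user's OAuth access token, and must not end up in log files.
            logger.finer("Facebook-Oauth-Canvas. Received canvas request. Parameter names: "
                    + httpServletRequest.getParameterMap().keySet());
        }

        String signedRequest = httpServletRequest.getParameter("signed_request");
        if (signedRequest == null) {
            // Previously this dereferenced null and surfaced as an unhandled exception.
            httpServletResponse.sendError(HttpServletResponse.SC_BAD_REQUEST, "Missing signed_request");
            return;
        }
        String[] parts = signedRequest.split("\\.");
        if (parts.length != 2 || parts[0].isEmpty() || parts[1].isEmpty()) {
            // Previously a value without a dot raised ArrayIndexOutOfBoundsException.
            httpServletResponse.sendError(HttpServletResponse.SC_BAD_REQUEST, "Malformed signed_request");
            return;
        }
        String encodedSignature = parts[0];
        String encodedPayload = parts[1];
        byte[] signature = Base64.decodeBase64(encodedSignature);
        byte[] payload = Base64.decodeBase64(encodedPayload);

        OauthConfig config = CommonUtils.getConfig();
        String facebookAppSecret = config.getFacebookAppSecret();
        try {
            Mac mac = Mac.getInstance("HmacSHA256");
            mac.init(new SecretKeySpec(facebookAppSecret.getBytes("UTF-8"), "HmacSHA256"));
            byte[] expectedSignature = mac.doFinal(encodedPayload.getBytes("UTF-8"));
            // MessageDigest.isEqual compares in constant time; Arrays.equals returns at the
            // first differing byte, which exposes a timing signal on the MAC check.
            if (!MessageDigest.isEqual(expectedSignature, signature)) {
                httpServletResponse.sendError(HttpServletResponse.SC_FORBIDDEN, "Signature does not match");
                return;
            }

            // The payload is only parsed after the signature has been accepted.
            Map<String, Object> claims = JSON.readValue(payload, new TypeReference<Map<String, Object>>() {
            });
            String accessToken = (String) claims.get("oauth_token");
            if (accessToken == null) {
                logger.info("Access token not found, redirect to login");
                httpServletResponse.sendRedirect(CommonUtils.buildCompleteUrl(httpServletRequest,
                        "/oauthentication/top_redirector?url=" + URLEncoder.encode(
                                CommonUtils.getRequestedUrlFromSession(httpServletRequest.getSession(true)), "UTF-8")));
                return;
            }

            Number expires = (Number) claims.get("expires");
            Long expiration = null;
            if (expires != null) {
                // NOTE(review): the value is added to the current time as a millisecond
                // offset. Facebook documents `expires` as an absolute Unix timestamp in
                // seconds; confirm which unit CommonUtils.mapFacebookUser expects.
                expiration = Long.valueOf(System.currentTimeMillis() + expires.longValue());
                logger.info("Token expiration " + new Date(expiration.longValue()));
            }

            // NOTE(review): the access token travels in the query string, so it appears in
            // any URL-level logging and in IOException messages raised for this URL.
            HttpURLConnection graph = (HttpURLConnection) new URL(
                    "https://graph.facebook.com/me?access_token=" + URLEncoder.encode(accessToken, "UTF-8")).openConnection();
            graph.setConnectTimeout(GRAPH_CONNECT_TIMEOUT_MS);
            graph.setReadTimeout(GRAPH_READ_TIMEOUT_MS);
            Map<String, Object> profile;
            try {
                profile = JSON.readValue(graph.getInputStream(), new TypeReference<Map<String, Object>>() {
                });
            } finally {
                // Release the connection even when reading or parsing the response fails.
                graph.disconnect();
            }
            if (profile != null && logger.isLoggable(Level.FINER)) {
                // Field names only, to keep personal profile data out of the logs.
                logger.finer("Facebook profile fields: " + profile.keySet());
            }

            User user = CommonUtils.mapFacebookUser(profile, accessToken, expiration);
            // NOTE(review): the session id is not rotated at login, so a pre-login session id
            // stays valid afterwards (session fixation). Consider rotating it while keeping
            // the stored requested URL.
            HttpSession session = httpServletRequest.getSession(true);
            CommonUtils.putUserInSession(session, user);
            CommonUtils.putProviderAsCookie(httpServletRequest, httpServletResponse, OauthProvider.FACEBOOK);
            // NOTE(review): the target comes from the session; confirm it is validated as a
            // local URL where it is stored, otherwise this is an open redirect.
            httpServletResponse.sendRedirect(CommonUtils.getRequestedUrlFromSession(session));
        } catch (Exception e) {
            // Only the exception type is logged at WARNING: HttpURLConnection failures embed
            // the request URL, and with it the access token, in the exception message.
            logger.warning("Error while verifying the signature (" + e.getClass().getName() + ")");
            logger.throwing(getClass().getCanonicalName(), "doGet", e);
            if (!httpServletResponse.isCommitted()) {
                httpServletResponse.sendRedirect(CommonUtils.buildCompleteUrl(httpServletRequest, config.getLoginErrorPage()));
            }
        }
    }
}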
