package de.adorsys.ledgers.oba.rest.server.resource;

import de.adorsys.ledgers.middleware.api.domain.um.AccessTokenTO;
import de.adorsys.ledgers.oba.rest.server.config.cors.CookieConfigProperties;
import de.adorsys.ledgers.oba.service.api.domain.ConsentReference;
import de.adorsys.ledgers.oba.service.api.domain.OnlineBankingResponse;
import de.adorsys.ledgers.oba.service.api.domain.PsuMessage;
import de.adorsys.ledgers.oba.service.api.domain.PsuMessageCategory;
import java.net.HttpCookie;
import java.util.Date;
import java.util.concurrent.TimeUnit;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang3.StringUtils;
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.security.web.util.UrlUtils;
import org.springframework.stereotype.Service;

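/**
 * Response helpers for the online-banking REST resources: writes and clears the
 * {@code ACCESS_TOKEN} and {@code CONSENT} cookies, builds redirect and error
 * responses, and reads the consent cookie value out of a cookie string.
 *
 * <p>The {@code Secure} flag and the path of every cookie written here come from
 * {@link CookieConfigProperties}. The consent cookie is always {@code HttpOnly};
 * for the access-token cookie that flag is taken from configuration.
 */
@Service
public class ResponseUtils {
    private static final String LOCATION_HEADER_NAME = "Location";
    public static final String CONSENT_COOKIE_NAME = "CONSENT";
    public static final String ACCESS_TOKEN_COOKIE_NAME = "ACCESS_TOKEN";
    public static final String UNKNOWN_CREDENTIALS = "Unknown credentials";
    private final CookieConfigProperties cookieConfigProperties;

    public ResponseUtils(CookieConfigProperties cookieConfigProperties) {
        this.cookieConfigProperties = cookieConfigProperties;
    }

    /**
     * Writes the access-token and consent cookies to the response.
     *
     * <p>When a non-blank token string and a token object with time left before its
     * expiry are supplied, the access-token cookie is set with exactly that remaining
     * lifetime. Otherwise the access-token cookie is cleared and the configured
     * maximum age is used for the consent cookie. The consent cookie is only written
     * when the reference carries a non-blank cookie string.
     *
     * @param httpServletResponse response the cookies are added to
     * @param consentReference    source of the consent cookie string; may be {@code null}
     * @param str                 value for the access-token cookie; may be blank
     * @param accessTokenTO       token whose expiry bounds the cookie lifetime; may be
     *                            {@code null}. Its {@code getExp()} is dereferenced
     *                            without a null check.
     */
    public void setCookies(HttpServletResponse httpServletResponse, ConsentReference consentReference, String str, AccessTokenTO accessTokenTO) {
        int maxAge = this.cookieConfigProperties.getMaxAge();
        int tokenLifetime = 0;
        if (StringUtils.isNotBlank(str) && accessTokenTO != null) {
            tokenLifetime = secondsUntil(accessTokenTO.getExp().getTime());
        }
        if (tokenLifetime > 0) {
            maxAge = tokenLifetime;
            // NOTE(review): HttpOnly for the bearer token is configurable, unlike the
            // consent cookie below. Keep it enabled unless page script must read the token.
            httpServletResponse.addCookie(
                newCookie(ACCESS_TOKEN_COOKIE_NAME, str, this.cookieConfigProperties.isHttpOnly(), maxAge));
        } else {
            // No usable token, or one that has already expired: never hand the browser
            // a token cookie that outlives the token itself.
            removeCookie(httpServletResponse, ACCESS_TOKEN_COOKIE_NAME);
        }
        if (consentReference == null || StringUtils.isBlank(consentReference.getCookieString())) {
            return;
        }
        httpServletResponse.addCookie(
            newCookie(CONSENT_COOKIE_NAME, consentReference.getCookieString(), true, maxAge));
    }

    /**
     * Clears both the access-token and the consent cookie on the response.
     *
     * @param httpServletResponse response the expiring cookies are added to
     */
    public void removeCookies(HttpServletResponse httpServletResponse) {
        removeCookie(httpServletResponse, ACCESS_TOKEN_COOKIE_NAME);
        removeCookie(httpServletResponse, CONSENT_COOKIE_NAME);
    }

    /** Clears one cookie by re-sending it with an empty value and a max-age of zero. */
    private void removeCookie(HttpServletResponse httpServletResponse, String str) {
        httpServletResponse.addCookie(newCookie(str, "", this.cookieConfigProperties.isHttpOnly(), 0));
    }

    /** Builds a cookie whose Secure flag and path come from the configuration. */
    private Cookie newCookie(String name, String value, boolean httpOnly, int maxAge) {
        Cookie cookie = new Cookie(name, value);
        cookie.setHttpOnly(httpOnly);
        cookie.setSecure(this.cookieConfigProperties.isSecure());
        cookie.setMaxAge(maxAge);
        cookie.setPath(this.cookieConfigProperties.getPath());
        return cookie;
    }

    /**
     * Returns the whole seconds left until the given instant, clamped to
     * {@code [0, Integer.MAX_VALUE]}. An instant in the past yields 0 instead of a
     * positive value, and a very distant one cannot wrap around in the int conversion.
     */
    private static int secondsUntil(long epochMillis) {
        long remainingMillis = epochMillis - new Date().getTime();
        if (remainingMillis <= 0L) {
            return 0;
        }
        return (int) Math.min(TimeUnit.MILLISECONDS.toSeconds(remainingMillis), (long) Integer.MAX_VALUE);
    }

    /**
     * Builds a 403 error response carrying the {@link #UNKNOWN_CREDENTIALS} message
     * and clears the cookies.
     */
    public <T extends OnlineBankingResponse> ResponseEntity<T> unknownCredentials(T t, HttpServletResponse httpServletResponse) {
        return error(t, HttpStatus.FORBIDDEN, UNKNOWN_CREDENTIALS, httpServletResponse);
    }

    /**
     * Builds an error response with the given status and message and clears the cookies.
     */
    public <T extends OnlineBankingResponse> ResponseEntity<T> couldNotProcessRequest(T t, String str, HttpStatus httpStatus, HttpServletResponse httpServletResponse) {
        return error(t, httpStatus, str, httpServletResponse);
    }

    /**
     * Builds a 302 response pointing at the given location and clears the cookies.
     *
     * @param str                 redirect target; {@code "http://"} is prepended when it
     *                            is not an absolute URL
     * @param httpServletResponse response on which both cookies are cleared
     * @return a bodiless {@code 302 Found} response with a {@code Location} header
     */
    public <T extends OnlineBankingResponse> ResponseEntity<T> redirect(String str, HttpServletResponse httpServletResponse) {
        // NOTE(review): the target is not validated here and scheme-less targets default
        // to plain http. Callers should only pass redirect URIs already checked against
        // the registered/allow-listed ones — confirm at the call sites.
        String location = UrlUtils.isAbsoluteUrl(str) ? str : "http://" + str;
        HttpHeaders httpHeaders = new HttpHeaders();
        httpHeaders.add(LOCATION_HEADER_NAME, location);
        removeCookies(httpServletResponse);
        return new ResponseEntity<>(httpHeaders, HttpStatus.FOUND);
    }

    /**
     * Appends an error message to the response body, clears the cookies and returns
     * the body with the given status.
     *
     * @param t                   response body; its {@code getPsuMessages()} list is
     *                            appended to and must therefore be non-null
     * @param httpStatus          status of the response, also used as the message code
     * @param str                 text of the error message
     * @param httpServletResponse response on which both cookies are cleared
     */
    public <T extends OnlineBankingResponse> ResponseEntity<T> error(T t, HttpStatus httpStatus, String str, HttpServletResponse httpServletResponse) {
        PsuMessage psuMessage = new PsuMessage();
        psuMessage.setCategory(PsuMessageCategory.ERROR);
        psuMessage.setText(str);
        psuMessage.setCode(httpStatus.toString());
        t.getPsuMessages().add(psuMessage);
        removeCookies(httpServletResponse);
        return ResponseEntity.status(httpStatus).body(t);
    }

    /**
     * Extracts the value of the {@code CONSENT} cookie from a cookie string.
     *
     * @param str cookie string to search (presumably the request's Cookie header —
     *            confirm against callers); may be {@code null}
     * @return the cookie value, or {@code null} when the cookie is absent or the
     *         string cannot be parsed
     */
    public String consentCookie(String str) {
        return cookie(str, CONSENT_COOKIE_NAME);
    }

    /**
     * Finds the cookie named {@code str2} (case-insensitive) in {@code str} and
     * returns its value. The input is client-supplied, so a missing cookie or a
     * malformed string yields {@code null} rather than an exception.
     */
    private String cookie(String str, String str2) {
        if (str == null) {
            return null;
        }
        int start = indexOfCookie(str, str2 + "=");
        if (start < 0) {
            // Previously the -1 went straight into substring() and threw.
            return null;
        }
        try {
            for (HttpCookie httpCookie : HttpCookie.parse(str.substring(start))) {
                if (StringUtils.equalsIgnoreCase(httpCookie.getName(), str2)) {
                    return httpCookie.getValue();
                }
            }
        } catch (IllegalArgumentException malformed) {
            // HttpCookie.parse rejects syntactically invalid input; treat it as "no cookie".
            return null;
        }
        return null;
    }

    /**
     * Returns the index of the first case-insensitive occurrence of {@code prefix}
     * that starts a cookie pair, i.e. sits at the beginning of the string or right
     * after a {@code ';'} / {@code ','} separator and optional blanks. A cookie whose
     * name merely ends with the requested name is therefore not mistaken for it.
     * Returns -1 when there is no such occurrence.
     */
    private static int indexOfCookie(String header, String prefix) {
        int from = 0;
        while (true) {
            int idx = StringUtils.indexOfIgnoreCase(header, prefix, from);
            if (idx < 0) {
                return -1;
            }
            int before = idx - 1;
            while (before >= 0 && (header.charAt(before) == ' ' || header.charAt(before) == '\t')) {
                before--;
            }
            if (before < 0 || header.charAt(before) == ';' || header.charAt(before) == ',') {
                return idx;
            }
            from = idx + 1;
        }
    }
}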
