package com.appiancorp.security.auth.oidc.test;

import com.appiancorp.common.config.ApplicationContextHolder;
import com.appiancorp.security.auth.oidc.AppianOidcClientRegistrationRepository;
import com.appiancorp.security.auth.oidc.OidcAuthCodeManager;
import com.appiancorp.security.auth.oidc.OidcUserDataMissingException;
import com.appiancorp.security.auth.oidc.test.exceptions.OidcIncorrectTestUserException;
import com.appiancorp.suiteapi.common.exceptions.InvalidUserException;
import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.authentication.AuthenticationDetailsSource;
import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository;
import org.springframework.security.oauth2.client.web.AuthorizationRequestRepository;
import org.springframework.security.oauth2.client.web.DefaultOAuth2AuthorizationRequestResolver;
import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest;
import org.springframework.security.web.RedirectStrategy;
import org.springframework.security.web.authentication.WebAuthenticationDetailsSource;

/* loaded from: input_file:com/appiancorp/security/auth/oidc/test/OidcTestServlet.class */
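/**
 * Servlet that drives an OIDC authentication test.
 *
 * <p>A request that is not an authorization response starts the authorization-code flow
 * for the registration id held in the test data. A request that is an authorization
 * response is processed, validated, recorded as passed or failed, and then forwarded to
 * the test-completed JSP.
 *
 * <p>Only fixed failure tokens ({@code FailedUnexpected}, {@code FailedInvalidUser}, ...)
 * are placed in the {@code errorMessage} request attribute; exception details are written
 * to the log only, so the result page does not echo provider- or user-supplied text.
 */
public class OidcTestServlet extends HttpServlet {
    public static final Logger LOG = LoggerFactory.getLogger(OidcTestServlet.class);
    private static final String ERROR_MESSAGE_ATTRIBUTE = "errorMessage";
    private static final String FAILED_DUE_TO_UNEXPECTED_EXCEPTION_MESSAGE = "FailedUnexpected";
    private static final String FAILED_DUE_INCORRECT_TEST_USER_USED = "FailedIncorrectUser";
    private static final String FAILED_DUE_INVALID_USER = "FailedInvalidUser";
    private static final String FAILED_TO_FIND_ATTRIBUTES_MESSAGE = "FailedAttribute";
    private static final String OIDC_AUTH_TEST_ERROR_MESSAGE = "Error occurred during OIDC authentication test: ";
    private static final String OIDC_TESTCOMPLETED_JSP = "/oidc/testcompleted.jsp";
    private final AuthenticationDetailsSource<HttpServletRequest, ?> authenticationDetailsSource = new WebAuthenticationDetailsSource();
    // Collaborators are looked up from the application context in init(), not injected.
    private AuthorizationRequestRepository<OAuth2AuthorizationRequest> authorizationRequestRepository;
    private ClientRegistrationRepository clientRegistrationRepository;
    private RedirectStrategy redirectStrategy;
    private OidcTestStateManager oidcTestStateManager;
    private OidcRelativeInternalUriStringBuilder relativeInternalUriStringBuilder;
    private OidcTestValidator oidcTestValidator;
    private OidcAuthCodeManager oidcAuthCodeManager;

    /**
     * Routes every HTTP method to {@link #handleRequest}; no per-method dispatch is done.
     */
    @Override
    protected void service(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        handleRequest(httpServletRequest, httpServletResponse);
    }

    /**
     * Resolves the servlet's collaborators from {@link ApplicationContextHolder}.
     *
     * @throws ServletException if the superclass initialisation fails
     */
    @Override
    public void init() throws ServletException {
        super.init();
        this.authorizationRequestRepository = (AuthorizationRequestRepository) ApplicationContextHolder.getBean(AuthorizationRequestRepository.class);
        this.redirectStrategy = (RedirectStrategy) ApplicationContextHolder.getBean(RedirectStrategy.class);
        this.oidcTestStateManager = (OidcTestStateManager) ApplicationContextHolder.getBean(OidcTestStateManagerImpl.class);
        this.clientRegistrationRepository = (ClientRegistrationRepository) ApplicationContextHolder.getBean(AppianOidcClientRegistrationRepository.class);
        this.relativeInternalUriStringBuilder = (OidcRelativeInternalUriStringBuilder) ApplicationContextHolder.getBean(OidcRelativeInternalUriStringBuilder.class);
        this.oidcTestValidator = (OidcTestValidator) ApplicationContextHolder.getBean(OidcTestValidator.class);
        this.oidcAuthCodeManager = (OidcAuthCodeManager) ApplicationContextHolder.getBean(OidcAuthCodeManager.class);
    }

    /**
     * Dispatches to the request or response half of the authorization-code flow.
     *
     * <p>{@code stopUsingTestData()} runs in {@code finally} so that the test-data mode
     * switched on by either handler is always switched off again, even when the handler
     * throws.
     */
    private void handleRequest(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        try {
            if (isAuthorizationResponse(httpServletRequest)) {
                handleAuthorizationCodeResponse(httpServletRequest, httpServletResponse);
            } else {
                handleAuthorizationCodeRequest(httpServletRequest, httpServletResponse);
            }
        } finally {
            this.oidcTestStateManager.stopUsingTestData();
        }
    }

    /**
     * Asks {@link OidcAuthCodeManager} whether the request parameters form an
     * authorization response.
     */
    private boolean isAuthorizationResponse(HttpServletRequest httpServletRequest) {
        return this.oidcAuthCodeManager.isAuthorizationResponse(this.oidcAuthCodeManager.toMultiMap(httpServletRequest.getParameterMap()));
    }

    /**
     * Builds the authorization request for the test registration, stores it, and redirects
     * the browser to the provider's authorization URI.
     *
     * <p>Any failure is logged and answered with HTTP 500 without exposing details to the
     * client.
     */
    private void handleAuthorizationCodeRequest(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        // NOTE(review): unlike the response path, this path does not consult
        // isTestModeUnavailable() before switching to test data. Presumably the lookup of
        // the test data fails when no test is pending; confirm, since this servlet can
        // start an outbound redirect for any caller that reaches it.
        try {
            this.oidcTestStateManager.startUsingTestData();
            String registrationId = this.oidcTestStateManager.getOidcTestData(httpServletRequest).getRegistrationId();
            DefaultOAuth2AuthorizationRequestResolver resolver =
                new DefaultOAuth2AuthorizationRequestResolver(this.clientRegistrationRepository, "/oauth2/authorization");
            OAuth2AuthorizationRequest authorizationRequest = resolver.resolve(httpServletRequest, registrationId);
            // The saved request is what the response leg is matched against later.
            this.authorizationRequestRepository.saveAuthorizationRequest(authorizationRequest, httpServletRequest, httpServletResponse);
            this.redirectStrategy.sendRedirect(httpServletRequest, httpServletResponse, authorizationRequest.getAuthorizationRequestUri());
        } catch (Exception e) {
            LOG.error("Error when trying to redirect to OIDC provider.", e);
            httpServletResponse.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
        }
    }

    /**
     * Handles the provider's authorization response.
     *
     * <p>When test mode is unavailable the response is not processed at all and the browser
     * is redirected to the base URL; otherwise the response is validated and the result
     * page is rendered.
     */
    private void handleAuthorizationCodeResponse(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        if (this.oidcTestStateManager.isTestModeUnavailable()) {
            LOG.info("Redirecting to non-test base URL.");
            // "{baseUrl}" is passed through literally; presumably the redirect strategy
            // expands it (confirm against the RedirectStrategy bean).
            this.redirectStrategy.sendRedirect(httpServletRequest, httpServletResponse, "{baseUrl}");
            return;
        }
        this.oidcTestStateManager.startUsingTestData();
        processTestResponse(httpServletRequest, httpServletResponse);
        redirectToTestCompletedPage(httpServletRequest, httpServletResponse);
    }

    /**
     * Processes and validates the authorization response and records the test outcome.
     *
     * <p>The outcome is recorded exactly once, in {@code finally}, and is {@code true} only
     * when both processing and validation returned normally. Specific failures are caught
     * before the generic {@link Exception} handler so that each one maps to its own
     * failure token.
     */
    private void processTestResponse(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        boolean succeeded = false;
        try {
            this.oidcTestValidator.validate(
                this.oidcAuthCodeManager.process(httpServletRequest, httpServletResponse, () -> this.authenticationDetailsSource));
            succeeded = true;
        } catch (InvalidUserException e) {
            setErrorPageMessage(httpServletRequest, e, FAILED_DUE_INVALID_USER);
        } catch (OidcUserDataMissingException e) {
            setErrorPageMessage(httpServletRequest, e, FAILED_TO_FIND_ATTRIBUTES_MESSAGE);
        } catch (OidcIncorrectTestUserException e) {
            setErrorPageMessage(httpServletRequest, e, FAILED_DUE_INCORRECT_TEST_USER_USED);
        } catch (Exception e) {
            LOG.error("Unexpected exception during OIDC authentication test: ", e);
            httpServletRequest.setAttribute(ERROR_MESSAGE_ATTRIBUTE, FAILED_DUE_TO_UNEXPECTED_EXCEPTION_MESSAGE);
        } finally {
            // Fail closed: anything other than a clean run is recorded as a failed test.
            this.oidcTestStateManager.markTestCompletedWithSuccess(succeeded);
        }
    }

    /**
     * Logs the failure and exposes only the fixed failure token to the result page.
     *
     * @param httpServletRequest request that carries the {@code errorMessage} attribute
     * @param exc the failure; its message and stack trace go to the log only
     * @param str fixed failure token stored in the request attribute
     */
    private void setErrorPageMessage(HttpServletRequest httpServletRequest, Exception exc, String str) {
        // NOTE(review): exc.getMessage() may carry values that originate from the identity
        // provider's response; confirm the log layout neutralises line breaks.
        LOG.error(OIDC_AUTH_TEST_ERROR_MESSAGE + exc.getMessage(), exc);
        httpServletRequest.setAttribute(ERROR_MESSAGE_ATTRIBUTE, str);
    }

    /**
     * Forwards to the test-completed JSP; a forwarding failure is logged and answered with
     * HTTP 500.
     */
    private void redirectToTestCompletedPage(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        try {
            String target = this.relativeInternalUriStringBuilder.toString(httpServletRequest, httpServletResponse, OIDC_TESTCOMPLETED_JSP);
            httpServletRequest.getRequestDispatcher(target).forward(httpServletRequest, httpServletResponse);
        } catch (ServletException e) {
            // Previously swallowed silently, which left a 500 with no trace of its cause.
            LOG.error("Error when forwarding to OIDC test completed page.", e);
            httpServletResponse.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
        }
    }
}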
