package org.springframework.security.oauth2.client.web;

import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.oauth2.client.OAuth2AuthorizedClient;
import org.springframework.security.oauth2.client.OAuth2AuthorizedClientService;
import org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken;
import org.springframework.security.oauth2.client.authentication.OAuth2LoginAuthenticationToken;
import org.springframework.security.oauth2.client.registration.ClientRegistration;
import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository;
import org.springframework.security.oauth2.core.OAuth2AuthenticationException;
import org.springframework.security.oauth2.core.OAuth2Error;
import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationExchange;
import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest;
import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationResponse;
import org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter;
import org.springframework.util.Assert;
import org.springframework.util.StringUtils;

/* loaded from: input_file:org/springframework/security/oauth2/client/web/OAuth2LoginAuthenticationFilter.class */
public class OAuth2LoginAuthenticationFilter extends AbstractAuthenticationProcessingFilter {
    public static final String DEFAULT_FILTER_PROCESSES_URI = "/login/oauth2/code/*";
    private static final String AUTHORIZATION_REQUEST_NOT_FOUND_ERROR_CODE = "authorization_request_not_found";
    private static final String CLIENT_REGISTRATION_NOT_FOUND_ERROR_CODE = "client_registration_not_found";
    private ClientRegistrationRepository clientRegistrationRepository;
    private OAuth2AuthorizedClientService authorizedClientService;
    private AuthorizationRequestRepository<OAuth2AuthorizationRequest> authorizationRequestRepository;

    public OAuth2LoginAuthenticationFilter(ClientRegistrationRepository clientRegistrationRepository, OAuth2AuthorizedClientService oAuth2AuthorizedClientService) {
        this(clientRegistrationRepository, oAuth2AuthorizedClientService, DEFAULT_FILTER_PROCESSES_URI);
    }

    public OAuth2LoginAuthenticationFilter(ClientRegistrationRepository clientRegistrationRepository, OAuth2AuthorizedClientService oAuth2AuthorizedClientService, String str) {
        super(str);
        this.authorizationRequestRepository = new HttpSessionOAuth2AuthorizationRequestRepository();
        Assert.notNull(clientRegistrationRepository, "clientRegistrationRepository cannot be null");
        Assert.notNull(oAuth2AuthorizedClientService, "authorizedClientService cannot be null");
        this.clientRegistrationRepository = clientRegistrationRepository;
        this.authorizedClientService = oAuth2AuthorizedClientService;
    }

    public Authentication attemptAuthentication(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws AuthenticationException, IOException, ServletException {
        if (!authorizationResponseSuccess(httpServletRequest) && !authorizationResponseError(httpServletRequest)) {
            OAuth2Error oAuth2Error = new OAuth2Error("invalid_request");
            throw new OAuth2AuthenticationException(oAuth2Error, oAuth2Error.toString());
        }
        OAuth2AuthorizationRequest loadAuthorizationRequest = this.authorizationRequestRepository.loadAuthorizationRequest(httpServletRequest);
        if (loadAuthorizationRequest == null) {
            OAuth2Error oAuth2Error2 = new OAuth2Error(AUTHORIZATION_REQUEST_NOT_FOUND_ERROR_CODE);
            throw new OAuth2AuthenticationException(oAuth2Error2, oAuth2Error2.toString());
        }
        this.authorizationRequestRepository.removeAuthorizationRequest(httpServletRequest);
        String str = (String) loadAuthorizationRequest.getAdditionalParameters().get("registration_id");
        ClientRegistration findByRegistrationId = this.clientRegistrationRepository.findByRegistrationId(str);
        if (findByRegistrationId == null) {
            OAuth2Error oAuth2Error3 = new OAuth2Error(CLIENT_REGISTRATION_NOT_FOUND_ERROR_CODE, "Client Registration not found with Id: " + str, (String) null);
            throw new OAuth2AuthenticationException(oAuth2Error3, oAuth2Error3.toString());
        }
        OAuth2LoginAuthenticationToken oAuth2LoginAuthenticationToken = new OAuth2LoginAuthenticationToken(findByRegistrationId, new OAuth2AuthorizationExchange(loadAuthorizationRequest, convert(httpServletRequest)));
        oAuth2LoginAuthenticationToken.setDetails(this.authenticationDetailsSource.buildDetails(httpServletRequest));
        OAuth2LoginAuthenticationToken authenticate = getAuthenticationManager().authenticate(oAuth2LoginAuthenticationToken);
        Authentication oAuth2AuthenticationToken = new OAuth2AuthenticationToken(authenticate.m1getPrincipal(), authenticate.getAuthorities(), authenticate.getClientRegistration().getRegistrationId());
        this.authorizedClientService.saveAuthorizedClient(new OAuth2AuthorizedClient(authenticate.getClientRegistration(), oAuth2AuthenticationToken.getName(), authenticate.getAccessToken()), oAuth2AuthenticationToken);
        return oAuth2AuthenticationToken;
    }

    public final void setAuthorizationRequestRepository(AuthorizationRequestRepository<OAuth2AuthorizationRequest> authorizationRequestRepository) {
        Assert.notNull(authorizationRequestRepository, "authorizationRequestRepository cannot be null");
        this.authorizationRequestRepository = authorizationRequestRepository;
    }

    private OAuth2AuthorizationResponse convert(HttpServletRequest httpServletRequest) {
        String parameter = httpServletRequest.getParameter("code");
        String parameter2 = httpServletRequest.getParameter("error");
        String parameter3 = httpServletRequest.getParameter("state");
        String stringBuffer = httpServletRequest.getRequestURL().toString();
        if (StringUtils.hasText(parameter)) {
            return OAuth2AuthorizationResponse.success(parameter).redirectUri(stringBuffer).state(parameter3).build();
        }
        String parameter4 = httpServletRequest.getParameter("error_description");
        return OAuth2AuthorizationResponse.error(parameter2).redirectUri(stringBuffer).errorDescription(parameter4).errorUri(httpServletRequest.getParameter("error_uri")).state(parameter3).build();
    }

    private boolean authorizationResponseSuccess(HttpServletRequest httpServletRequest) {
        return StringUtils.hasText(httpServletRequest.getParameter("code")) && StringUtils.hasText(httpServletRequest.getParameter("state"));
    }

    private boolean authorizationResponseError(HttpServletRequest httpServletRequest) {
        return StringUtils.hasText(httpServletRequest.getParameter("error")) && StringUtils.hasText(httpServletRequest.getParameter("state"));
    }
}
