package com.stormpath.sdk.servlet.mvc;

import com.stormpath.sdk.account.Account;
import com.stormpath.sdk.account.AccountStatus;
import com.stormpath.sdk.http.HttpMethod;
import com.stormpath.sdk.lang.Assert;
import com.stormpath.sdk.lang.Collections;
import com.stormpath.sdk.lang.Strings;
import com.stormpath.sdk.provider.ProviderAccountRequest;
import com.stormpath.sdk.provider.Providers;
import com.stormpath.sdk.servlet.csrf.CsrfTokenManager;
import com.stormpath.sdk.servlet.csrf.DisabledCsrfTokenManager;
import com.stormpath.sdk.servlet.form.DefaultField;
import com.stormpath.sdk.servlet.form.DefaultForm;
import com.stormpath.sdk.servlet.form.Field;
import com.stormpath.sdk.servlet.form.Form;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/stormpath/sdk/servlet/mvc/FormController.class */
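/**
 * Base controller for form-backed views.
 *
 * <p>It builds a {@link Form} from the configured field templates, adds and validates a CSRF
 * token for requests that are not JSON-preferred, and routes POST submissions through
 * {@link #validate} to either {@link #onValidSubmit} or {@link #onErrorSubmit}.
 *
 * <p>Every field value handled here comes from the incoming request via the configured
 * {@link RequestFieldValueResolver} and must be treated as untrusted.
 */
public abstract class FormController extends AbstractController {
    private static final Logger log = LoggerFactory.getLogger(FormController.class);

    /** Session attribute key under which an authentication-failure {@link ErrorModel} is looked up. */
    public static final String SPRING_SECURITY_AUTHENTICATION_FAILED_KEY = "SPRING_SECURITY_AUTHENTICATION_FAILED_MESSAGE";

    // Names of the form fields whose values are blanked before a failed submission is re-rendered.
    private static final String[] SENSITIVE_FIELD_NAMES = {"password", "confirmPassword"};

    private CsrfTokenManager csrfTokenManager;
    private RequestFieldValueResolver fieldValueResolver;
    private List<Field> formFields;

    public void setCsrfTokenManager(CsrfTokenManager csrfTokenManager) {
        this.csrfTokenManager = csrfTokenManager;
    }

    public void setFieldValueResolver(RequestFieldValueResolver requestFieldValueResolver) {
        this.fieldValueResolver = requestFieldValueResolver;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public RequestFieldValueResolver getFieldValueResolver() {
        return this.fieldValueResolver;
    }

    /**
     * Sets the field templates; {@link #createFields} copies them for every request.
     *
     * @param list the configured fields
     */
    public void setFormFields(List<Field> list) {
        this.formFields = list;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public CsrfTokenManager getCsrfTokenManager() {
        return this.csrfTokenManager;
    }

    /**
     * Verifies that the required collaborators were injected.
     *
     * <p>Only the CSRF token manager and the field value resolver are checked; the form field
     * list is not.
     *
     * @throws Exception if the superclass initialisation or an assertion fails
     */
    @Override // com.stormpath.sdk.servlet.mvc.AbstractController
    public void init() throws Exception {
        super.init();
        Assert.notNull(this.csrfTokenManager, "csrfTokenManager cannot be null.");
        Assert.notNull(this.fieldValueResolver, "fieldValueResolver cannot be null.");
    }

    /**
     * @return {@code true} when a token manager is set and it is not the
     *     {@link DisabledCsrfTokenManager}
     */
    private boolean isCsrfProtectionEnabled() {
        return this.csrfTokenManager != null && !(this.csrfTokenManager instanceof DisabledCsrfTokenManager);
    }

    /**
     * Builds the hidden form field that carries the CSRF token.
     *
     * @param str the token value to place in the field
     * @return a hidden field named after the token manager's token name
     */
    protected Field createCsrfTokenField(String str) {
        return DefaultField.builder().setName(this.csrfTokenManager.getTokenName()).setValue(str).setType("hidden").build();
    }

    /**
     * Adds the CSRF token field to the form, unless the request is JSON-preferred.
     *
     * <p>On POST the token value submitted with the request is copied into the form so that
     * {@link #validateCsrfToken} can check it; on GET a newly created token is used. Other HTTP
     * methods get no token field.
     *
     * @throws IllegalArgumentException if {@code form} is not a {@link DefaultForm}
     */
    protected void setCsrfToken(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Form form) throws IllegalArgumentException {
        if (isJsonPreferred(httpServletRequest, httpServletResponse)) {
            return;
        }
        Assert.isInstanceOf(DefaultForm.class, form, "Form implementation class must equal or extend DefaultForm");
        String method = httpServletRequest.getMethod();
        if (HttpMethod.POST.name().equalsIgnoreCase(method)) {
            // Request-supplied value; it is only trusted after validateCsrfToken accepts it.
            String submittedToken = this.fieldValueResolver.getValue(httpServletRequest, this.csrfTokenManager.getTokenName());
            form.addField(createCsrfTokenField(submittedToken));
        } else if (HttpMethod.GET.name().equalsIgnoreCase(method)) {
            form.addField(createCsrfTokenField(this.csrfTokenManager.createCsrfToken(httpServletRequest, httpServletResponse)));
        }
    }

    /**
     * Checks the submitted CSRF token and, on success, replaces it in the form with a new one.
     *
     * <p>The check is skipped when CSRF protection is disabled and when the request is
     * JSON-preferred.
     *
     * <p>NOTE(review): the JSON-preferred path has no token check in this class. Confirm that
     * {@code isJsonPreferred(...)} cannot be satisfied by a cross-site form submission, or that
     * another control covers that path.
     *
     * @throws IllegalArgumentException if the token is rejected by the token manager
     */
    void validateCsrfToken(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Form form) throws IllegalArgumentException {
        if (!isCsrfProtectionEnabled() || isJsonPreferred(httpServletRequest, httpServletResponse)) {
            return;
        }
        String tokenName = this.csrfTokenManager.getTokenName();
        Assert.isTrue(this.csrfTokenManager.isValidCsrfToken(httpServletRequest, httpServletResponse, form.getFieldValue(tokenName)), "Invalid CSRF token");
        // The accepted token is not reused: a re-rendered form carries a newly created one.
        form.getField(tokenName).setValue(this.csrfTokenManager.createCsrfToken(httpServletRequest, httpServletResponse));
    }

    private void setForm(Map<String, Object> map, Form form) {
        map.put("form", form);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.stormpath.sdk.servlet.mvc.AbstractController
    public ViewModel doGet(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Exception {
        return new DefaultViewModel(this.view, createModel(httpServletRequest, httpServletResponse));
    }

    /**
     * Builds the view model for a plain page render.
     *
     * <p>When the request has an {@code error} parameter and a session already exists, the
     * error stored under {@link #SPRING_SECURITY_AUTHENTICATION_FAILED_KEY} (if any) is passed on.
     * No session is created here.
     */
    /* JADX INFO: Access modifiers changed from: protected */
    public Map<String, ?> createModel(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        List<ErrorModel> errors = null;
        // Read the session once so it cannot disappear between the null check and the lookup.
        javax.servlet.http.HttpSession session = httpServletRequest.getSession(false);
        if (httpServletRequest.getParameter("error") != null && session != null) {
            errors = new ArrayList<ErrorModel>();
            Object stored = session.getAttribute(SPRING_SECURITY_AUTHENTICATION_FAILED_KEY);
            // Ignore anything that is not an ErrorModel instead of failing the render on a cast.
            if (stored instanceof ErrorModel) {
                errors.add((ErrorModel) stored);
            }
        }
        return createModel(httpServletRequest, httpServletResponse, null, errors);
    }

    /**
     * Builds the view model from a form and an optional error list.
     *
     * @param form the form to expose under {@code "form"}; created from the request when null
     * @param list errors to expose under {@code "errors"}; omitted when null or empty
     * @return the populated model
     */
    /* JADX INFO: Access modifiers changed from: protected */
    public Map<String, ?> createModel(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Form form, List<ErrorModel> list) {
        // Typed as Map<String, Object> because setForm and appendModel both require it.
        Map<String, Object> model = newModel();
        if (!Collections.isEmpty(list)) {
            model.put("errors", list);
        }
        if (form == null) {
            form = createForm(httpServletRequest, httpServletResponse);
        }
        setForm(model, form);
        // "status" is copied from the request as-is: the view must escape it or map it to a
        // known set of values before rendering.
        String status = Strings.clean(httpServletRequest.getParameter("status"));
        if (status != null) {
            model.put("status", status);
        }
        appendModel(httpServletRequest, httpServletResponse, form, list, model);
        return model;
    }

    protected Form createForm(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        return createForm(httpServletRequest, httpServletResponse, false);
    }

    /**
     * Creates the form for this request and adds the CSRF token field when protection is enabled.
     *
     * @param z forwarded unchanged to {@link #createFields}
     */
    protected Form createForm(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, boolean z) {
        DefaultForm form = DefaultForm.builder().setFields(createFields(httpServletRequest, z)).build();
        if (isCsrfProtectionEnabled()) {
            setCsrfToken(httpServletRequest, httpServletResponse, form);
        }
        return form;
    }

    /**
     * Copies every enabled field template and fills it with the value resolved from the request.
     *
     * <p>NOTE(review): {@code z} has no effect. The original code branched on it for the
     * {@code password} field but both branches assigned the same value, so the request-supplied
     * password is copied into the form on every path, including renders that do not come from a
     * POST. Confirm whether the password was meant to be withheld when {@code z} is false.
     *
     * @param z currently unused; {@link #doPost} passes {@code true}, the two-argument
     *     {@code createForm} passes {@code false}
     * @return the populated copies of the enabled fields, in configuration order
     */
    protected List<Field> createFields(HttpServletRequest httpServletRequest, boolean z) {
        List<Field> fields = new ArrayList<Field>();
        for (Field template : this.formFields) {
            // Work on a copy so request values never leak into the shared templates.
            Field copy = template.copy();
            if (!copy.isEnabled()) {
                continue;
            }
            copy.setValue(this.fieldValueResolver.getValue(httpServletRequest, copy.getName()));
            DefaultField defaultField = (DefaultField) copy;
            defaultField.setLabel(i18nWithDefault(httpServletRequest, copy.getLabel(), copy.getLabel()));
            defaultField.setPlaceholder(i18nWithDefault(httpServletRequest, copy.getPlaceholder(), copy.getPlaceholder()));
            fields.add(copy);
        }
        return fields;
    }

    /** Extension hook for subclasses to add entries to the model; does nothing by default. */
    protected void appendModel(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Form form, List<ErrorModel> list, Map<String, Object> map) {
    }

    /**
     * Handles a submission: builds the form, validates it and delegates to the success handler.
     * Any exception from validation or from the success handler is routed to
     * {@link #onErrorSubmit}.
     */
    @Override // com.stormpath.sdk.servlet.mvc.AbstractController
    protected ViewModel doPost(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Exception {
        Form form = createForm(httpServletRequest, httpServletResponse, true);
        try {
            validate(httpServletRequest, httpServletResponse, form);
            return onValidSubmit(httpServletRequest, httpServletResponse, form);
        } catch (Exception e) {
            return onErrorSubmit(httpServletRequest, httpServletResponse, form, e);
        }
    }

    /**
     * Renders a failed submission, either as JSON (first error only) or by re-rendering the form.
     * Password fields are blanked first so they are not sent back to the client.
     */
    protected ViewModel onErrorSubmit(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Form form, Exception exc) {
        sanitizeForm(form);
        List<ErrorModel> errors = toErrors(httpServletRequest, form, exc);
        if (isJsonPreferred(httpServletRequest, httpServletResponse)) {
            // Assumes toErrors returns at least one entry — TODO confirm against implementations.
            ErrorModel first = errors.get(0);
            httpServletResponse.setStatus(first.getStatus());
            return new DefaultViewModel("stormpathJsonView", first.toMap());
        }
        return new DefaultViewModel(this.view, createModel(httpServletRequest, httpServletResponse, form, errors));
    }

    /** Blanks the password and password-confirmation values, when those fields are present. */
    private void sanitizeForm(Form form) {
        for (String name : SENSITIVE_FIELD_NAMES) {
            Field field = form.getField(name);
            if (field != null) {
                field.setValue("");
            }
        }
    }

    protected abstract List<ErrorModel> toErrors(HttpServletRequest httpServletRequest, Form form, Exception exc);

    protected abstract ViewModel onValidSubmit(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Form form) throws Exception;

    /**
     * Validates a submission.
     *
     * <p>Order of checks: CSRF token; then, for a request with no parameters but a body, an
     * attempt to resolve a provider account; then presence of a value for every field that is
     * required or enabled; and for JSON-preferred requests, rejection of any submitted field the
     * form does not define (except {@code customData}).
     *
     * <p>When the provider path yields an enabled account, that account is stored as a request
     * attribute under {@code Account.class.getName()} and the remaining field checks are skipped.
     *
     * @throws ValidationException if a field value is missing or an unknown field is submitted
     */
    /* JADX INFO: Access modifiers changed from: protected */
    public void validate(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Form form) {
        validateCsrfToken(httpServletRequest, httpServletResponse, form);
        if (httpServletRequest.getParameterMap().size() == 0 && httpServletRequest.getContentLength() > 0) {
            ProviderAccountRequest accountProviderRequest = getAccountProviderRequest(httpServletRequest);
            if (accountProviderRequest != null) {
                Account account = getApplication(httpServletRequest).getAccount(accountProviderRequest).getAccount();
                // Constant-first comparison: an account without a status counts as not enabled
                // instead of raising a NullPointerException.
                if (AccountStatus.ENABLED.equals(account.getStatus())) {
                    httpServletRequest.setAttribute(Account.class.getName(), account);
                    return;
                }
            }
        }
        for (Field field : form.getFields()) {
            if (field.isRequired() || field.isEnabled()) {
                if (form.getFieldValue(field.getName()) == null) {
                    throw new ValidationException(i18n(httpServletRequest, "stormpath.web." + getControllerKey() + ".form.fields." + field.getName() + ".required"));
                }
            }
        }
        if (isJsonPreferred(httpServletRequest, httpServletResponse)) {
            for (String str : this.fieldValueResolver.getAllFields(httpServletRequest).keySet()) {
                if (form.getField(str) == null && !"customData".equals(str)) {
                    throw new ValidationException(i18n(httpServletRequest, "stormpath.web.form.fields.unknown", str));
                }
            }
        }
    }

    /**
     * Builds a provider account request from the {@code providerData} object of the marshalled
     * request body.
     *
     * <p>The body is request-controlled, so its shape is checked before it is used: a missing
     * body object, missing {@code providerData}, or a missing or non-string {@code providerId}
     * yields {@code null} instead of an exception.
     *
     * @return the provider request, or {@code null} when no usable provider data is present or
     *     the provider id is not one of facebook, github, google or linkedin
     */
    private ProviderAccountRequest getAccountProviderRequest(HttpServletRequest httpServletRequest) {
        Object marshalled = httpServletRequest.getAttribute(JacksonFieldValueResolver.MARSHALLED_OBJECT);
        Object providerData = marshalled instanceof Map ? ((Map<?, ?>) marshalled).get("providerData") : null;
        if (!(providerData instanceof Map)) {
            log.warn("Provider data not found in request.");
            return null;
        }
        Map<?, ?> map = (Map<?, ?>) providerData;
        Object providerIdValue = map.get("providerId");
        if (!(providerIdValue instanceof String)) {
            log.warn("Provider data not found in request.");
            return null;
        }
        String providerId = (String) providerIdValue;
        switch (providerId) {
            case "facebook":
                return Providers.FACEBOOK.account().setAccessToken((String) map.get("accessToken")).build();
            case "github":
                return Providers.GITHUB.account().setAccessToken(exchangeGithubCodeForAccessToken((String) map.get("code"), httpServletRequest)).build();
            case "google":
                return Providers.GOOGLE.account().setCode((String) map.get("code")).build();
            case "linkedin":
                return Providers.LINKEDIN.account().setCode((String) map.get("code")).build();
            default:
                // The id comes from the request body: strip line breaks so it cannot forge
                // additional log entries.
                log.error("No provider configured for {}", providerId.replace('\r', '_').replace('\n', '_'));
                return null;
        }
    }
}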
