package org.restlet.ext.oauth;

import java.io.IOException;
import java.util.ArrayList;
import java.util.List;
import org.restlet.Context;
import org.restlet.Request;
import org.restlet.Response;
import org.restlet.data.CacheDirective;
import org.restlet.data.ChallengeResponse;
import org.restlet.data.ChallengeScheme;
import org.restlet.data.Form;
import org.restlet.data.MediaType;
import org.restlet.data.Preference;
import org.restlet.data.Reference;
import org.restlet.data.Status;
import org.restlet.engine.util.Base64;
import org.restlet.ext.oauth.internal.CookieCopyClientResource;
import org.restlet.ext.oauth.internal.Scopes;
import org.restlet.representation.EmptyRepresentation;
import org.restlet.representation.Representation;
import org.restlet.representation.StringRepresentation;
import org.restlet.resource.ResourceException;
import org.restlet.routing.Filter;

/* loaded from: input_file:org/restlet/ext/oauth/OAuthProxy.class */
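/**
 * Filter that drives the OAuth 2.0 (draft 10) authorization-code flow for the
 * resources placed behind it.
 *
 * <p>A request without a {@code code} query parameter is redirected to the
 * authorization endpoint. A request carrying a {@code code} triggers a token
 * request against the access-token endpoint; on success an {@link OAuthUser}
 * is stored on the request's client info and the request continues. A request
 * carrying an {@code error} parameter is answered with a matching client error.
 *
 * <p>All query parameters read here arrive through the user-agent and are
 * treated as untrusted: they are HTML-escaped before being echoed and are not
 * written to the log.
 *
 * <p>NOTE(review): no {@code state} parameter is sent with the authorization
 * request or checked on the callback in this class, so the callback is not
 * bound to the user-agent that started the flow. Binding it needs per-session
 * storage that this filter does not have; confirm whether a surrounding
 * component covers this.
 */
public class OAuthProxy extends Filter {
    /**
     * Cache directives (a single {@code no-store}) applied to every request and
     * redirect handled by this filter. Filled once at class load; the previous
     * code appended one more entry per constructed instance to this shared,
     * unsynchronized list.
     */
    private static final List<CacheDirective> no = new ArrayList<CacheDirective>();
    private static final String VERSION = "DRAFT-10";

    static {
        no.add(CacheDirective.noStore());
    }

    /** Client id, secret, endpoint paths and requested roles. */
    private final OAuthParameters params;
    /** When true, client credentials go in an HTTP Basic header instead of the form body. */
    private final boolean basicSecret;
    /** Optional client connector used for the token request; may be null. */
    private final org.restlet.Client cc;

    /**
     * Returns the OAuth draft version this proxy implements.
     *
     * @return the version label
     */
    public static String getVersion() {
        return VERSION;
    }

    /**
     * Creates a proxy that sends client credentials in the token request body.
     *
     * @param oAuthParameters client and endpoint settings
     * @param context the Restlet context for this filter
     */
    public OAuthProxy(OAuthParameters oAuthParameters, Context context) {
        this(oAuthParameters, context, false);
    }

    /**
     * Creates a proxy using the default client connector.
     *
     * @param oAuthParameters client and endpoint settings
     * @param context the Restlet context for this filter
     * @param z true to send client credentials with HTTP Basic
     */
    public OAuthProxy(OAuthParameters oAuthParameters, Context context, boolean z) {
        this(oAuthParameters, context, z, null);
    }

    /**
     * Creates a proxy.
     *
     * @param oAuthParameters client and endpoint settings
     * @param context the Restlet context for this filter
     * @param z true to send client credentials with HTTP Basic
     * @param client connector to use for the token request, or null
     */
    public OAuthProxy(OAuthParameters oAuthParameters, Context context, boolean z, org.restlet.Client client) {
        this.basicSecret = z;
        setContext(context);
        this.params = oAuthParameters;
        this.cc = client;
    }

    /**
     * Runs the authorization-code flow for one request.
     *
     * @param request the incoming request
     * @param response the response to fill in
     * @return 0 (Filter.CONTINUE) once a user has been authenticated, otherwise
     *         2 (Filter.STOP) with a redirect or an error status set on the response
     */
    protected int beforeHandle(Request request, Response response) {
        request.setCacheDirectives(no);
        String url = request.getResourceRef().toUrl().toString();
        Form query = new Form(request.getOriginalRef().getQuery());

        String errorCode = query.getFirstValue(OAuthServerResource.ERROR);
        if (errorCode != null && errorCode.length() > 0) {
            return handleErrorCallback(query, response, errorCode);
        }

        String code = query.getFirstValue(OAuthServerResource.CODE);
        // The authorization code is a credential; log only whether one arrived.
        getLogger().fine("Incoming request, authorization code present = " + (code != null));

        boolean authenticated = false;
        if (code == null) {
            redirectToAuthorization(response, url);
        } else {
            authenticated = exchangeCode(request, code);
        }
        if (authenticated) {
            return 0;
        }
        // A redirect or a client error already on the response is left alone;
        // a success or server-error status is replaced by 403.
        if (!response.getStatus().isSuccess() && !response.getStatus().isServerError()) {
            return 2;
        }
        response.setStatus(Status.CLIENT_ERROR_FORBIDDEN);
        return 2;
    }

    /** Maps an {@code error} callback onto a client error status and an optional HTML body. */
    private int handleErrorCallback(Form query, Response response, String errorCode) {
        Representation entity = buildErrorEntity(
                query.getFirstValue(OAuthServerResource.ERROR_DESC),
                query.getFirstValue(OAuthServerResource.ERROR_URI));

        OAuthError error;
        try {
            error = OAuthError.valueOf(errorCode);
        } catch (IllegalArgumentException e) {
            // The value comes from the query string; an unknown code used to
            // escape as an uncaught exception. It is neither echoed nor logged.
            getLogger().warning("Unknown OAuth error code in callback.");
            response.setStatus(Status.CLIENT_ERROR_BAD_REQUEST);
            return 2;
        }

        Status status;
        switch (error) {
            case invalid_request:
            case unsupported_response_type:
                status = Status.CLIENT_ERROR_BAD_REQUEST;
                break;
            case invalid_client:
                status = Status.CLIENT_ERROR_NOT_FOUND;
                break;
            case unauthorized_client:
            case access_denied:
            case invalid_scope:
                status = Status.CLIENT_ERROR_FORBIDDEN;
                break;
            default:
                getLogger().warning("Unhandled error response type. " + error.name());
                return 2;
        }
        // error.name() equals the validated query value, so it is safe to echo.
        response.setStatus(status, error.name());
        response.setEntity(entity);
        return 2;
    }

    /**
     * Builds the HTML error page, or an empty entity when neither a description
     * nor a URI was supplied. Both values are attacker-controllable query
     * parameters, so they are HTML-escaped, and the URI becomes a link only
     * when it is an http(s) URL.
     */
    private static Representation buildErrorEntity(String description, String uri) {
        if (description == null && uri == null) {
            return new EmptyRepresentation();
        }
        StringBuilder sb = new StringBuilder();
        sb.append("<html><body><pre>");
        sb.append("OAuth2 error detected.\n");
        if (description != null) {
            sb.append("Error description : ").append(escapeHtml(description));
        }
        if (uri != null) {
            if (isHttpUrl(uri)) {
                sb.append("<a href=\"");
                sb.append(escapeHtml(uri));
                sb.append("\">Error Description</a>");
            } else {
                // Other schemes (for example script URLs) are shown as text only.
                sb.append("Error URI : ").append(escapeHtml(uri));
            }
        }
        sb.append("</pre></body></html>");
        return new StringRepresentation(sb.toString(), MediaType.TEXT_HTML);
    }

    /** Replaces the characters that are significant in HTML text and attribute values. */
    private static String escapeHtml(String text) {
        StringBuilder out = new StringBuilder(text.length() + 16);
        for (int i = 0; i < text.length(); i++) {
            char c = text.charAt(i);
            switch (c) {
                case '&':
                    out.append("&amp;");
                    break;
                case '<':
                    out.append("&lt;");
                    break;
                case '>':
                    out.append("&gt;");
                    break;
                case '"':
                    out.append("&quot;");
                    break;
                case '\'':
                    out.append("&#39;");
                    break;
                default:
                    out.append(c);
            }
        }
        return out.toString();
    }

    /** Returns true when the value starts with {@code http://} or {@code https://}, ignoring case. */
    private static boolean isHttpUrl(String uri) {
        return uri.regionMatches(true, 0, "http://", 0, 7) || uri.regionMatches(true, 0, "https://", 0, 8);
    }

    /** Sends the user-agent to the authorization endpoint with this client's id, scope and redirect URI. */
    private void redirectToAuthorization(Response response, String url) {
        Form authForm = new Form();
        authForm.add(OAuthServerResource.RESPONSE_TYPE, ResponseType.code.name());
        authForm.add(OAuthServerResource.CLIENT_ID, this.params.getClientId());
        // NOTE(review): this redirect_uri is the full resource URL, while the
        // token request sends host identifier + path; the two may differ when
        // the original request has a query string. Confirm the server accepts both.
        authForm.add(OAuthServerResource.REDIR_URI, url);
        authForm.add(OAuthServerResource.SCOPE, Scopes.toScope(this.params.getRoles()));
        try {
            // Result is unused; the call is kept so an encoding failure is logged.
            authForm.encode();
        } catch (IOException e) {
            getLogger().warning(e.getMessage());
        }
        Reference reference = new Reference(this.params.getBaseRef(), this.params.getAuthorizePath(), authForm.getQueryString(), (String) null);
        getLogger().fine("Redirecting to : " + reference.toUri());
        response.setCacheDirectives(no);
        response.redirectTemporary(reference);
        getLogger().fine("After Redirecting to : " + reference.toUri());
    }

    /**
     * Exchanges the authorization code for a token and, on success, marks the
     * request as authenticated.
     *
     * @return true when an {@link OAuthUser} was created and stored on the request
     */
    private boolean exchangeCode(Request request, String code) {
        getLogger().fine("Came back from the authorization server with a code");
        boolean authenticated = false;
        CookieCopyClientResource tokenResource = new CookieCopyClientResource(this.params.getBaseRef() + this.params.getAccessTokenPath());
        Representation tokenEntity = null;
        try {
            if (this.cc != null) {
                tokenResource.setNext(this.cc);
            }
            Form tokenForm = new Form();
            tokenForm.add(OAuthServerResource.GRANT_TYPE, GrantType.authorization_code.name());
            tokenForm.add(OAuthServerResource.REDIR_URI, request.getResourceRef().getHostIdentifier() + request.getResourceRef().getPath());
            if (this.basicSecret) {
                ChallengeResponse challengeResponse = new ChallengeResponse(ChallengeScheme.HTTP_BASIC);
                challengeResponse.setDigestAlgorithm("NONE");
                // NOTE(review): getBytes() uses the platform charset; fine for
                // ASCII credentials, platform-dependent otherwise.
                challengeResponse.setRawValue(Base64.encode((this.params.getClientId() + ':' + this.params.getClientSecret()).getBytes(), false));
                tokenResource.setChallengeResponse(challengeResponse);
            } else {
                tokenForm.add(OAuthServerResource.CLIENT_ID, this.params.getClientId());
                tokenForm.add(OAuthServerResource.CLIENT_SECRET, this.params.getClientSecret());
            }
            tokenForm.add(OAuthServerResource.CODE, code);
            // The form holds the authorization code and possibly the client
            // secret, so only the target is logged, never the form itself.
            getLogger().fine("Sending access token request to : " + tokenResource.getReference());

            Representation webRepresentation = tokenForm.getWebRepresentation();
            tokenResource.getClientInfo().getAcceptedMediaTypes().add(new Preference(MediaType.APPLICATION_JSON));
            tokenEntity = tokenResource.post(webRepresentation);
            if (tokenEntity != null && tokenResource.getStatus().isSuccess()) {
                OAuthUser user = OAuthUser.createJson(request.getClientInfo().getUser(), tokenEntity);
                if (user != null) {
                    request.getClientInfo().setUser(user);
                    request.getClientInfo().setAuthenticated(true);
                    getLogger().fine("storing to context = : " + getContext());
                    authenticated = true;
                }
            }
            getLogger().fine("Before sns release");
        } catch (ResourceException e2) {
            getLogger().warning("Could not find token resource.");
        } finally {
            // Release on every path; the response entity may be absent.
            if (tokenEntity != null) {
                tokenEntity.release();
            }
            tokenResource.release();
        }
        return authenticated;
    }

    /** Starts the filter; serialized with {@link #stop()}. */
    public synchronized void start() throws Exception {
        super.start();
    }

    /** Stops the filter; serialized with {@link #start()}. */
    public synchronized void stop() throws Exception {
        super.stop();
    }
}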
