package org.springframework.social.facebook.web;

import java.io.UnsupportedEncodingException;
import java.net.URLEncoder;
import java.util.List;
import java.util.Map;
import javax.inject.Inject;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.social.connect.Connection;
import org.springframework.social.connect.ConnectionFactoryLocator;
import org.springframework.social.connect.UsersConnectionRepository;
import org.springframework.social.connect.web.SignInAdapter;
import org.springframework.social.facebook.api.Facebook;
import org.springframework.social.oauth2.AccessGrant;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.context.request.NativeWebRequest;
import org.springframework.web.servlet.View;
import org.springframework.web.servlet.view.RedirectView;

@RequestMapping({"/canvas"})
@Controller
/* loaded from: input_file:org/springframework/social/facebook/web/CanvasSignInController.class */
public class CanvasSignInController {
    private static final Log logger = LogFactory.getLog(CanvasSignInController.class);
    private final String clientId;
    private final String canvasPage;
    private final ConnectionFactoryLocator connectionFactoryLocator;
    private final UsersConnectionRepository usersConnectionRepository;
    private final SignInAdapter signInAdapter;
    private final SignedRequestDecoder signedRequestDecoder;
    private String postSignInUrl = "/";
    private String postDeclineUrl = "http://www.facebook.com";
    private String scope;

    /* loaded from: input_file:org/springframework/social/facebook/web/CanvasSignInController$TopLevelWindowRedirect.class */
    private static abstract class TopLevelWindowRedirect implements View {
        private TopLevelWindowRedirect() {
        }

        public String getContentType() {
            return "text/html";
        }

        public void render(Map<String, ?> map, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Exception {
            httpServletResponse.getWriter().write("<script>");
            httpServletResponse.getWriter().write("top.location.href='" + getRedirectUrl(map) + "';");
            httpServletResponse.getWriter().write("</script>");
            httpServletResponse.flushBuffer();
        }

        protected abstract String getRedirectUrl(Map<String, ?> map);
    }

    @Inject
    public CanvasSignInController(ConnectionFactoryLocator connectionFactoryLocator, UsersConnectionRepository usersConnectionRepository, SignInAdapter signInAdapter, String str, String str2, String str3) {
        this.usersConnectionRepository = usersConnectionRepository;
        this.signInAdapter = signInAdapter;
        this.clientId = str;
        this.canvasPage = str3;
        this.connectionFactoryLocator = connectionFactoryLocator;
        this.signedRequestDecoder = new SignedRequestDecoder(str2);
    }

    public void setPostSignInUrl(String str) {
        this.postSignInUrl = str;
    }

    public void setPostDeclineUrl(String str) {
        this.postDeclineUrl = str;
    }

    public void setScope(String str) {
        this.scope = str;
    }

    @RequestMapping(method = {RequestMethod.POST, RequestMethod.GET}, params = {"signed_request", "!error"})
    public View signin(Model model, NativeWebRequest nativeWebRequest) throws SignedRequestException {
        String parameter = nativeWebRequest.getParameter("signed_request");
        if (parameter == null) {
            debug("Expected a signed_request parameter, but none given. Redirecting to the application's Canvas Page: " + this.canvasPage);
            return new RedirectView(this.canvasPage, false);
        }
        String str = (String) this.signedRequestDecoder.decodeSignedRequest(parameter).get("oauth_token");
        if (str != null) {
            debug("Access token available in signed_request parameter. Creating connection and signing in.");
            handleSignIn(this.connectionFactoryLocator.getConnectionFactory(Facebook.class).createConnection(new AccessGrant(str)), nativeWebRequest);
            debug("Signed in. Redirecting to post-signin page.");
            return new RedirectView(this.postSignInUrl, true);
        }
        debug("No access token in the signed_request parameter. Redirecting to the authorization dialog.");
        model.addAttribute("clientId", this.clientId);
        model.addAttribute("canvasPage", this.canvasPage);
        if (this.scope != null) {
            model.addAttribute("scope", this.scope);
        }
        return new TopLevelWindowRedirect() { // from class: org.springframework.social.facebook.web.CanvasSignInController.1
            @Override // org.springframework.social.facebook.web.CanvasSignInController.TopLevelWindowRedirect
            protected String getRedirectUrl(Map<String, ?> map) {
                String str2 = (String) map.get("clientId");
                String str3 = (String) map.get("canvasPage");
                String str4 = (String) map.get("scope");
                String str5 = "https://www.facebook.com/v1.0/dialog/oauth?client_id=" + str2 + "&redirect_uri=" + str3;
                if (str4 != null) {
                    str5 = str5 + "&scope=" + CanvasSignInController.this.formEncode(str4);
                }
                return str5;
            }
        };
    }

    @RequestMapping(method = {RequestMethod.POST, RequestMethod.GET}, params = {"error"})
    public View error(@RequestParam("error") String str, @RequestParam("error_description") String str2) {
        debug("User declined authorization: '" + str2 + "'. Redirecting to " + this.postDeclineUrl);
        return postDeclineView();
    }

    protected View postDeclineView() {
        return new TopLevelWindowRedirect() { // from class: org.springframework.social.facebook.web.CanvasSignInController.2
            @Override // org.springframework.social.facebook.web.CanvasSignInController.TopLevelWindowRedirect
            protected String getRedirectUrl(Map<String, ?> map) {
                return CanvasSignInController.this.postDeclineUrl;
            }
        };
    }

    private void debug(String str) {
        if (logger.isDebugEnabled()) {
            logger.debug(str);
        }
    }

    private void handleSignIn(Connection<Facebook> connection, NativeWebRequest nativeWebRequest) {
        List findUserIdsWithConnection = this.usersConnectionRepository.findUserIdsWithConnection(connection);
        if (findUserIdsWithConnection.size() != 1) {
            logger.error("Expected exactly 1 matching user. Got " + findUserIdsWithConnection.size() + " metching users.");
        } else {
            this.usersConnectionRepository.createConnectionRepository((String) findUserIdsWithConnection.get(0)).updateConnection(connection);
            this.signInAdapter.signIn((String) findUserIdsWithConnection.get(0), connection, nativeWebRequest);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public String formEncode(String str) {
        try {
            return URLEncoder.encode(str, "UTF-8");
        } catch (UnsupportedEncodingException e) {
            throw new IllegalStateException(e);
        }
    }
}
