package com.racquettrack.security.oauth;

import com.sun.jersey.api.client.Client;
import com.sun.jersey.api.client.ClientHandlerException;
import com.sun.jersey.api.client.ClientResponse;
import com.sun.jersey.api.client.UniformInterfaceException;
import com.sun.jersey.core.util.MultivaluedMapImpl;
import java.io.IOException;
import java.net.URI;
import java.util.Map;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.UriBuilder;
import org.codehaus.jackson.map.ObjectMapper;
import org.codehaus.jackson.type.TypeReference;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.security.authentication.AccountStatusUserDetailsChecker;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.authentication.AuthenticationServiceException;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.userdetails.AuthenticationUserDetailsService;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsChecker;
import org.springframework.util.Assert;

/* loaded from: input_file:com/racquettrack/security/oauth/OAuth2AuthenticationProvider.class */
public class OAuth2AuthenticationProvider implements AuthenticationProvider, InitializingBean {
    private static final Logger LOGGER = LoggerFactory.getLogger(OAuth2AuthenticationProvider.class);
    private static final ObjectMapper OBJECT_MAPPER = new ObjectMapper();
    private AuthenticationUserDetailsService<OAuth2AuthenticationToken> authenticatedUserDetailsService = null;
    private UserDetailsChecker userDetailsChecker = new AccountStatusUserDetailsChecker();
    boolean throwExceptionWhenTokenRejected = false;
    private OAuth2ServiceProperties oAuth2ServiceProperties = null;
    private Client client = null;

    public void afterPropertiesSet() {
        Assert.notNull(this.authenticatedUserDetailsService, "An AuthenticationUserDetailsService must be set");
        Assert.notNull(this.oAuth2ServiceProperties, "An oAuth2ServiceProperties must be set");
    }

    public Authentication authenticate(Authentication authentication) throws AuthenticationException {
        if (!supports(authentication.getClass())) {
            return null;
        }
        LOGGER.debug("OAuth2Authentication authentication request: " + authentication);
        if (authentication.getCredentials() == null) {
            LOGGER.debug("No credentials found in request.");
            if (this.throwExceptionWhenTokenRejected) {
                throw new BadCredentialsException("No pre-authenticated credentials found in request.");
            }
            return null;
        }
        String accessToken = getAccessToken(authentication);
        UserDetails loadUserDetails = this.authenticatedUserDetailsService.loadUserDetails(new OAuth2AuthenticationToken(accessToken));
        this.userDetailsChecker.check(loadUserDetails);
        OAuth2AuthenticationToken oAuth2AuthenticationToken = new OAuth2AuthenticationToken(loadUserDetails, accessToken, loadUserDetails.getAuthorities());
        oAuth2AuthenticationToken.setDetails(authentication.getDetails());
        return oAuth2AuthenticationToken;
    }

    public boolean supports(Class<?> cls) {
        return OAuth2AuthenticationToken.class.isAssignableFrom(cls);
    }

    public void setAuthenticatedUserDetailsService(AuthenticationUserDetailsService<OAuth2AuthenticationToken> authenticationUserDetailsService) {
        this.authenticatedUserDetailsService = authenticationUserDetailsService;
    }

    public void setThrowExceptionWhenTokenRejected(boolean z) {
        this.throwExceptionWhenTokenRejected = z;
    }

    public void setUserDetailsChecker(UserDetailsChecker userDetailsChecker) {
        Assert.notNull(userDetailsChecker, "userDetailsChacker cannot be null");
        this.userDetailsChecker = userDetailsChecker;
    }

    protected String getAccessToken(Authentication authentication) {
        try {
            ClientResponse clientResponseForAccessTokenRequestFrom = getClientResponseForAccessTokenRequestFrom(authentication);
            if (!isOkay(clientResponseForAccessTokenRequestFrom)) {
                throw new AuthenticationServiceException("Got HTTP error code from OAuth2 provider: " + clientResponseForAccessTokenRequestFrom.getStatus());
            }
            String stringRepresentationFrom = getStringRepresentationFrom(clientResponseForAccessTokenRequestFrom);
            LOGGER.debug("Output is {}", stringRepresentationFrom);
            Map<String, Object> userDataMapFrom = getUserDataMapFrom(stringRepresentationFrom);
            if (!userDataMapFrom.containsKey("error")) {
                return (String) userDataMapFrom.get(this.oAuth2ServiceProperties.getAccessTokenName());
            }
            LOGGER.error("Got error response from the OAuth Provider: {}", stringRepresentationFrom);
            throw new AuthenticationServiceException("Credentials were rejected by the OAuth Provider: " + stringRepresentationFrom);
        } catch (UniformInterfaceException | ClientHandlerException e) {
            LOGGER.error("Error thrown by Jersey client when exchanging code for token", e);
            throw new AuthenticationServiceException("Error thrown by Jersey client when exchanging code for token", e);
        }
    }

    private ClientResponse getClientResponseForAccessTokenRequestFrom(Authentication authentication) {
        Client client = getClient();
        MultivaluedMapImpl multivaluedMapImpl = new MultivaluedMapImpl();
        multivaluedMapImpl.add(this.oAuth2ServiceProperties.getGrantTypeParamName(), this.oAuth2ServiceProperties.getGrantType());
        multivaluedMapImpl.add(this.oAuth2ServiceProperties.getClientIdParamName(), this.oAuth2ServiceProperties.getClientId());
        multivaluedMapImpl.add(this.oAuth2ServiceProperties.getClientSecretParamName(), this.oAuth2ServiceProperties.getClientSecret());
        multivaluedMapImpl.add(this.oAuth2ServiceProperties.getCodeParamName(), (String) authentication.getCredentials());
        multivaluedMapImpl.add(this.oAuth2ServiceProperties.getRedirectUriParamName(), redirectUriUsing(authentication).toString());
        return (ClientResponse) client.resource(this.oAuth2ServiceProperties.getAccessTokenUri()).accept(new MediaType[]{MediaType.APPLICATION_JSON_TYPE}).type("application/x-www-form-urlencoded").post(ClientResponse.class, multivaluedMapImpl);
    }

    private boolean isOkay(ClientResponse clientResponse) {
        return clientResponse != null && clientResponse.getClientResponseStatus() == ClientResponse.Status.OK;
    }

    private String getStringRepresentationFrom(ClientResponse clientResponse) {
        return (String) clientResponse.getEntity(String.class);
    }

    private Map<String, Object> getUserDataMapFrom(String str) throws AuthenticationServiceException {
        try {
            return (Map) OBJECT_MAPPER.readValue(str, new TypeReference<Map<String, Object>>() { // from class: com.racquettrack.security.oauth.OAuth2AuthenticationProvider.1
            });
        } catch (IOException e) {
            LOGGER.error("Error getting user data from Provider", e);
            throw new AuthenticationServiceException("Error getting user data from Provider", e);
        }
    }

    private URI redirectUriUsing(Authentication authentication) {
        URI redirectUri;
        Object details = authentication.getDetails();
        if (details == null || !OAuth2WebAuthenticationDetails.class.isAssignableFrom(details.getClass()) || this.oAuth2ServiceProperties.getRedirectUri().isAbsolute()) {
            redirectUri = this.oAuth2ServiceProperties.getRedirectUri();
        } else {
            OAuth2WebAuthenticationDetails oAuth2WebAuthenticationDetails = (OAuth2WebAuthenticationDetails) details;
            redirectUri = UriBuilder.fromPath(oAuth2WebAuthenticationDetails.getContextPath()).path(this.oAuth2ServiceProperties.getRedirectUri().toString()).scheme(oAuth2WebAuthenticationDetails.getScheme()).host(oAuth2WebAuthenticationDetails.getHost()).port(oAuth2WebAuthenticationDetails.getPort()).build(new Object[0]);
        }
        return redirectUri;
    }

    public void setoAuth2ServiceProperties(OAuth2ServiceProperties oAuth2ServiceProperties) {
        this.oAuth2ServiceProperties = oAuth2ServiceProperties;
    }

    public Client getClient() {
        if (this.client == null) {
            this.client = Client.create();
        }
        return this.client;
    }

    public void setClient(Client client) {
        this.client = client;
    }
}
