package io.vertx.ext.web.handler.impl;

import io.vertx.core.http.HttpHeaders;
import io.vertx.core.http.HttpMethod;
import io.vertx.core.json.JsonArray;
import io.vertx.core.json.JsonObject;
import io.vertx.ext.auth.User;
import io.vertx.ext.auth.oauth2.OAuth2Auth;
import io.vertx.ext.web.Route;
import io.vertx.ext.web.RoutingContext;
import io.vertx.ext.web.Session;
import io.vertx.ext.web.handler.OAuth2AuthHandler;
import java.net.MalformedURLException;
import java.net.URL;
import java.util.Iterator;
import java.util.regex.Pattern;

/* loaded from: input_file:io/vertx/ext/web/handler/impl/OAuth2AuthHandlerImpl.class */
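/**
 * OAuth2 authentication handler.
 *
 * <p>Requests that already carry a user are passed on (after an authority check when the
 * provider supports JWT). When the provider supports JWT, an {@code Authorization: Bearer}
 * header is handed to the provider's {@code decodeToken}. Every other request is redirected
 * to the provider's authorization URL; the provider then sends the browser back to the
 * callback route installed by {@link #setupCallback(Route)}.
 *
 * <p>NOTE(review): the {@code state} value sent to the provider is the original request path,
 * not an unguessable per-session value, so nothing in this class ties a callback request to
 * the browser that started the flow (login CSRF). Confirm whether that is handled elsewhere.
 */
public class OAuth2AuthHandlerImpl extends AuthHandlerImpl implements OAuth2AuthHandler {
    /** Matches the "Bearer" authentication scheme, ignoring case. */
    private static final Pattern BEARER = Pattern.compile("^Bearer$", Pattern.CASE_INSENSITIVE);

    /** Redirect target used when the callback's {@code state} is missing or not a local path. */
    private static final String DEFAULT_REDIRECT = "/";

    private final String host;
    private final String callbackPath;
    private final boolean supportJWT;
    private Route callback;
    private JsonObject extraParams;

    /**
     * Creates the handler.
     *
     * @param oAuth2Auth the OAuth2 provider used to build authorization URLs and obtain tokens
     * @param str the absolute callback URL; its scheme, host and port form the base of the
     *     {@code redirect_uri}, and its path is the path of the callback route
     * @throws RuntimeException wrapping {@link MalformedURLException} if {@code str} is not a
     *     valid URL
     */
    public OAuth2AuthHandlerImpl(OAuth2Auth oAuth2Auth, String str) {
        super(oAuth2Auth);
        this.extraParams = new JsonObject();
        this.supportJWT = oAuth2Auth.hasJWTToken();
        try {
            URL callbackUrl = new URL(str);
            String portSuffix = callbackUrl.getPort() == -1 ? "" : ":" + callbackUrl.getPort();
            this.host = callbackUrl.getProtocol() + "://" + callbackUrl.getHost() + portSuffix;
            this.callbackPath = callbackUrl.getPath();
        } catch (MalformedURLException e) {
            throw new RuntimeException(e);
        }
    }

    /**
     * Authenticates the request or redirects the client to the provider's authorization URL.
     *
     * @param routingContext the current request context
     */
    @Override
    public void handle(RoutingContext routingContext) {
        User user = routingContext.user();
        if (user != null) {
            // Already authenticated: with JWT support the authorities are checked per request.
            if (this.supportJWT) {
                authorise(user, routingContext);
            } else {
                routingContext.next();
            }
            return;
        }

        String authorization =
            this.supportJWT ? routingContext.request().headers().get(HttpHeaders.AUTHORIZATION) : null;
        if (authorization != null) {
            String[] parts = authorization.split(" ");
            if (parts.length != 2) {
                routingContext.response().putHeader("WWW-Authenticate", "Bearer error=\"invalid_token\"");
                routingContext.fail(401);
                return;
            }
            String scheme = parts[0];
            String token = parts[1];
            if (BEARER.matcher(scheme).matches()) {
                this.authProvider.decodeToken(token, asyncResult -> {
                    if (asyncResult.failed()) {
                        // The failure text is not under this handler's control, so strip quotes,
                        // backslashes and control characters before placing it inside the
                        // quoted header parameter.
                        // NOTE(review): this still exposes the provider's failure message to the
                        // client; confirm that is intended.
                        routingContext.response().putHeader(
                            "WWW-Authenticate",
                            "Bearer error=\"invalid_token\" error_message=\""
                                + headerSafe(asyncResult.cause().getMessage()) + "\"");
                        routingContext.fail(401);
                        return;
                    }
                    routingContext.setUser((User) asyncResult.result());
                    Session session = routingContext.session();
                    if (session != null) {
                        // New session id once the user is authenticated (session fixation).
                        session.regenerateId();
                    }
                    routingContext.next();
                });
                return;
            }
            // Any other scheme falls through to the redirect below.
        }

        routingContext.response()
            .putHeader("Location", authURI(this.host, routingContext.normalisedPath()))
            .setStatusCode(302)
            .end();
    }

    /**
     * Builds the provider authorization URL.
     *
     * @param baseUrl scheme, host and optional port prepended to the callback route's path
     * @param state value sent as the {@code state} parameter (the path to return to)
     * @return the URL produced by the provider's {@code authorizeURL}
     * @throws NullPointerException if {@link #setupCallback(Route)} has not been called
     */
    private String authURI(String baseUrl, String state) {
        if (this.callback == null) {
            throw new NullPointerException("callback is null");
        }
        JsonObject params = new JsonObject().put("redirect_uri", baseUrl + this.callback.getPath());
        if (this.authorities.size() > 0) {
            JsonArray scopes = new JsonArray();
            for (String authority : this.authorities) {
                scopes.add(authority);
            }
            params.put("scopes", scopes);
        }
        return this.authProvider.authorizeURL(params.put("state", state));
    }

    /**
     * Sets extra parameters merged into the token request made by the callback route.
     *
     * @param jsonObject the extra parameters; {@code null} is treated as "none" so the
     *     callback does not fail later when merging them
     * @return this handler
     */
    @Override // io.vertx.ext.web.handler.OAuth2AuthHandler
    public OAuth2AuthHandler extraParams(JsonObject jsonObject) {
        this.extraParams = jsonObject == null ? new JsonObject() : jsonObject;
        return this;
    }

    /**
     * Installs the OAuth2 callback on the given route. The route is restricted to GET and,
     * when the configured callback URL has a path, to that path.
     *
     * @param route the route that receives the provider's redirect
     * @return this handler
     */
    @Override // io.vertx.ext.web.handler.OAuth2AuthHandler
    public OAuth2AuthHandler setupCallback(Route route) {
        this.callback = route;
        if (!"".equals(this.callbackPath)) {
            this.callback.path(this.callbackPath);
        }
        this.callback.method(HttpMethod.GET);
        route.handler(routingContext -> {
            String code = routingContext.request().getParam("code");
            if (code == null) {
                routingContext.fail(400);
                return;
            }
            // "state" is a query parameter of the callback request and therefore caller
            // controlled. It is only ever used as a path on this application; anything else
            // (absolute or scheme-relative URL, control characters, missing value) is replaced
            // by the default target so the callback cannot be used as an open redirect.
            String target = localRedirectTarget(routingContext.request().getParam("state"));
            JsonObject tokenRequest = new JsonObject()
                .put("code", code)
                .put("redirect_uri", this.host + this.callback.getPath())
                .mergeIn(this.extraParams);
            this.authProvider.getToken(tokenRequest, asyncResult -> {
                if (asyncResult.failed()) {
                    routingContext.fail(asyncResult.cause());
                    return;
                }
                routingContext.setUser((User) asyncResult.result());
                Session session = routingContext.session();
                if (session == null) {
                    routingContext.reroute(target);
                } else {
                    // New session id once the user is authenticated (session fixation).
                    session.regenerateId();
                    routingContext.response()
                        .putHeader("Cache-Control", "no-cache, no-store, must-revalidate")
                        .putHeader("Pragma", "no-cache")
                        .putHeader("Expires", "0")
                        .putHeader("Location", target)
                        .setStatusCode(302)
                        .end("Redirecting to " + target + ".");
                }
            });
        });
        return this;
    }

    /**
     * Returns {@code state} when it is a path on this application, otherwise
     * {@link #DEFAULT_REDIRECT}. A value is accepted only if it starts with a single
     * {@code '/'} and contains no backslash or control character.
     */
    private static String localRedirectTarget(String state) {
        if (state == null || state.isEmpty() || state.charAt(0) != '/') {
            return DEFAULT_REDIRECT;
        }
        // "//host" is a scheme-relative URL, not a local path.
        if (state.length() > 1 && state.charAt(1) == '/') {
            return DEFAULT_REDIRECT;
        }
        for (int i = 0; i < state.length(); i++) {
            char c = state.charAt(i);
            // Some clients treat '\' like '/'; control characters would split the header.
            if (c == '\\' || c < 0x20 || c == 0x7f) {
                return DEFAULT_REDIRECT;
            }
        }
        return state;
    }

    /**
     * Makes a value safe to embed in a quoted header parameter: every character outside
     * printable ASCII, plus {@code '"'} and {@code '\'}, is replaced by a space. A
     * {@code null} value yields the text {@code "null"}, matching plain string concatenation.
     */
    private static String headerSafe(String value) {
        String text = String.valueOf(value);
        StringBuilder safe = new StringBuilder(text.length());
        for (int i = 0; i < text.length(); i++) {
            char c = text.charAt(i);
            boolean printable = c >= 0x20 && c <= 0x7e;
            safe.append(printable && c != '"' && c != '\\' ? c : ' ');
        }
        return safe.toString();
    }
}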
