package org.mitre.oauth2.web;

import com.google.common.base.Joiner;
import com.google.common.base.Splitter;
import com.google.common.base.Strings;
import com.google.common.collect.Sets;
import com.google.gson.JsonObject;
import java.security.Principal;
import java.util.Date;
import java.util.HashMap;
import java.util.LinkedHashSet;
import java.util.List;
import java.util.Map;
import java.util.Set;
import org.mitre.oauth2.model.ClientDetailsEntity;
import org.mitre.oauth2.model.SystemScope;
import org.mitre.oauth2.service.ClientDetailsEntityService;
import org.mitre.oauth2.service.SystemScopeService;
import org.mitre.openid.connect.model.UserInfo;
import org.mitre.openid.connect.service.ScopeClaimTranslationService;
import org.mitre.openid.connect.service.StatsService;
import org.mitre.openid.connect.service.UserInfoService;
import org.mitre.openid.connect.view.HttpCodeView;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpStatus;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.oauth2.common.exceptions.OAuth2Exception;
import org.springframework.security.oauth2.provider.AuthorizationRequest;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.ModelAttribute;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.SessionAttributes;

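/**
 * Controller behind {@code /oauth/confirm_access}: builds the model for the user-consent
 * ("approve") view of an OAuth 2.0 / OpenID Connect authorization request.
 *
 * <p>Security-relevant points for anyone maintaining this class or its view:
 * <ul>
 *   <li>Several model values originate from the authorization request or from client
 *       registration data ({@code redirect_uri}, scope values, client contacts). The view
 *       must output-encode them; this controller does no escaping.</li>
 *   <li>The {@code csrf} value is only forwarded to the view here. Verification on the
 *       approval submission is not visible in this class — confirm it happens in the
 *       handler that processes the approval.</li>
 *   <li>The {@code gras} flag is a heuristic (approval count plus client age), not a
 *       verification of the client. It should not be presented to the user as an
 *       endorsement.</li>
 * </ul>
 */
@SessionAttributes({"authorizationRequest"})
@Controller
/* loaded from: input_file:org/mitre/oauth2/web/OAuthConfirmationController.class */
public class OAuthConfirmationController {

    private static final Logger logger = LoggerFactory.getLogger(OAuthConfirmationController.class);

    /** Minimum client age (seven days, in milliseconds) before the "gras" flag may be set. */
    private static final long GRAS_MIN_CLIENT_AGE_MILLIS = 7L * 24 * 60 * 60 * 1000;

    @Autowired
    private ClientDetailsEntityService clientService;

    @Autowired
    private SystemScopeService scopeService;

    @Autowired
    private ScopeClaimTranslationService scopeClaimTranslationService;

    @Autowired
    private UserInfoService userInfoService;

    @Autowired
    private StatsService statsService;

    /** Default constructor; collaborators are injected through the {@code @Autowired} fields. */
    public OAuthConfirmationController() {
    }

    /**
     * Creates a controller with an explicit client service.
     *
     * @param clientDetailsEntityService service used to look up the requesting client
     */
    public OAuthConfirmationController(ClientDetailsEntityService clientDetailsEntityService) {
        this.clientService = clientDetailsEntityService;
    }

    /**
     * Populates the model for the consent page and selects the view to render.
     *
     * <p>Outcomes visible in this method:
     * <ul>
     *   <li>{@code prompt} contains {@code none}: model {@code code} = 403, HTTP-code view.</li>
     *   <li>client id not found: model {@code code} = 404, HTTP-code view.</li>
     *   <li>{@link OAuth2Exception} or {@link IllegalArgumentException}: model {@code code} = 400,
     *       HTTP-code view.</li>
     *   <li>otherwise: the {@code "approve"} view with {@code auth_request}, {@code client},
     *       {@code redirect_uri}, {@code scopes}, {@code claims}, {@code count}, optional
     *       {@code contacts}, {@code gras} and {@code csrf} in the model.</li>
     * </ul>
     *
     * @param map model handed to the view
     * @param authorizationRequest the pending authorization request held in the session
     * @param principal the authenticated user ({@code ROLE_USER} is required by {@code @PreAuthorize})
     * @return the name of the view to render
     */
    @RequestMapping({"/oauth/confirm_access"})
    @PreAuthorize("hasRole('ROLE_USER')")
    public String confimAccess(Map<String, Object> map, @ModelAttribute("authorizationRequest") AuthorizationRequest authorizationRequest, Principal principal) {
        List<String> prompts = Splitter.on(" ").splitToList(Strings.nullToEmpty((String) authorizationRequest.getExtensions().get("prompt")));
        if (prompts.contains("none")) {
            // The client asked for no user interaction, so the consent UI must not be shown.
            logger.info("Client requested no prompt, returning 403 from confirmation endpoint");
            map.put("code", HttpStatus.FORBIDDEN);
            return HttpCodeView.VIEWNAME;
        }
        if (prompts.contains("consent")) {
            map.put("consent", true);
        }
        try {
            ClientDetailsEntity client = this.clientService.loadClientByClientId(authorizationRequest.getClientId());
            if (client == null) {
                // The client id comes from the request: strip line breaks so it cannot forge log lines.
                logger.error("confirmAccess: could not find client {}", sanitizeForLog(authorizationRequest.getClientId()));
                map.put("code", HttpStatus.NOT_FOUND);
                return HttpCodeView.VIEWNAME;
            }
            map.put("auth_request", authorizationRequest);
            map.put("client", client);
            // NOTE(review): displayed as-is; presumably validated against the registered URIs
            // before this endpoint is reached — confirm in the authorization endpoint.
            map.put("redirect_uri", authorizationRequest.getRedirectUri());

            Set<SystemScope> requestedScopes = this.scopeService.fromStrings(authorizationRequest.getScope());
            Set<SystemScope> systemScopes = this.scopeService.getAll();
            // Requested scopes known to the system come first, in the order getAll() yields them.
            LinkedHashSet<SystemScope> sortedScopes = new LinkedHashSet<>(requestedScopes.size());
            for (SystemScope systemScope : systemScopes) {
                if (requestedScopes.contains(systemScope)) {
                    sortedScopes.add(systemScope);
                }
            }
            // Requested scopes the system does not define are appended; their values are
            // request-supplied text and must be escaped by the view.
            sortedScopes.addAll(Sets.difference(requestedScopes, systemScopes));
            map.put("scopes", sortedScopes);

            // Per scope, the user's current claim values, so the page can show what would be released.
            UserInfo userInfo = this.userInfoService.getByUsername(principal.getName());
            Map<String, Map<String, String>> claimsByScope = new HashMap<>();
            if (userInfo != null) {
                JsonObject userJson = userInfo.toJson();
                for (SystemScope scope : sortedScopes) {
                    Map<String, String> claimValues = new HashMap<>();
                    for (String claim : this.scopeClaimTranslationService.getClaimsForScope(scope.getValue())) {
                        // Only primitive claims are shown; structured claims are skipped.
                        if (userJson.has(claim) && userJson.get(claim).isJsonPrimitive()) {
                            claimValues.put(claim, userJson.get(claim).getAsString());
                        }
                    }
                    claimsByScope.put(scope.getValue(), claimValues);
                }
            }
            map.put("claims", claimsByScope);

            Integer approvalCount = this.statsService.getCountForClientId(client.getId());
            map.put("count", approvalCount);
            if (client.getContacts() != null) {
                map.put("contacts", Joiner.on(", ").join(client.getContacts()));
            }

            // A missing count is treated as zero, which keeps the flag off (the cautious default)
            // instead of failing the whole consent page with a NullPointerException.
            int approvals = approvalCount == null ? 0 : approvalCount.intValue();
            Date oldestAllowedCreation = new Date(System.currentTimeMillis() - GRAS_MIN_CLIENT_AGE_MILLIS);
            Date createdAt = client.getCreatedAt();
            boolean gras = approvals > 1 && createdAt != null && createdAt.before(oldestAllowedCreation);
            map.put("gras", gras);

            map.put("csrf", authorizationRequest.getExtensions().get("csrf"));
            return "approve";
        } catch (OAuth2Exception e) {
            logger.error("confirmAccess: OAuth2Exception was thrown when attempting to load client", e);
            map.put("code", HttpStatus.BAD_REQUEST);
            return HttpCodeView.VIEWNAME;
        } catch (IllegalArgumentException e2) {
            logger.error("confirmAccess: IllegalArgumentException was thrown when attempting to load client", e2);
            map.put("code", HttpStatus.BAD_REQUEST);
            return HttpCodeView.VIEWNAME;
        }
    }

    /**
     * Replaces carriage returns and line feeds so a request-supplied value stays on one log line.
     *
     * @param value text taken from the request; may be {@code null}
     * @return the value with CR/LF replaced by {@code _}, or {@code null} if the input was {@code null}
     */
    private static String sanitizeForLog(String value) {
        return value == null ? null : value.replaceAll("[\\r\\n]", "_");
    }

    /**
     * @return the service used to look up the requesting client
     */
    public ClientDetailsEntityService getClientService() {
        return this.clientService;
    }

    /**
     * @param clientDetailsEntityService the service used to look up the requesting client
     */
    public void setClientService(ClientDetailsEntityService clientDetailsEntityService) {
        this.clientService = clientDetailsEntityService;
    }
}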
