package net.krotscheck.kangaroo.authz.oauth2.resource.authorize;

import java.net.URI;
import java.util.SortedMap;
import javax.inject.Inject;
import javax.servlet.http.HttpSession;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.UriBuilder;
import javax.ws.rs.core.UriInfo;
import net.krotscheck.kangaroo.authz.common.authenticator.IAuthenticator;
import net.krotscheck.kangaroo.authz.common.database.entity.ApplicationScope;
import net.krotscheck.kangaroo.authz.common.database.entity.Authenticator;
import net.krotscheck.kangaroo.authz.common.database.entity.AuthenticatorState;
import net.krotscheck.kangaroo.authz.common.database.entity.ClientType;
import net.krotscheck.kangaroo.authz.common.database.entity.OAuthToken;
import net.krotscheck.kangaroo.authz.common.database.entity.OAuthTokenType;
import net.krotscheck.kangaroo.authz.common.database.entity.UserIdentity;
import net.krotscheck.kangaroo.authz.common.util.ValidationUtil;
import net.krotscheck.kangaroo.common.hibernate.id.IdUtil;
import org.apache.commons.lang3.StringUtils;
import org.glassfish.jersey.internal.inject.AbstractBinder;
import org.glassfish.jersey.internal.inject.InjectionManager;
import org.glassfish.jersey.process.internal.RequestScoped;
import org.hibernate.Session;

/* loaded from: input_file:net/krotscheck/kangaroo/authz/oauth2/resource/authorize/AuthCodeHandler.class */
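/**
 * Authorize-endpoint handler for clients of type
 * {@link ClientType#AuthorizationGrant} (the OAuth2 authorization code flow).
 *
 * <p>The flow is split in two requests: {@link #handle} stores the client's
 * request parameters and hands the user over to the configured authenticator,
 * and {@link #callback} turns the authenticator's result into a short-lived
 * authorization code that is returned to the client by redirect.
 */
public final class AuthCodeHandler implements IAuthorizeHandler {
    /** Used to look up the {@link IAuthenticator} implementation by name. */
    private final InjectionManager injector;
    /** Hibernate session used to persist state and tokens. */
    private final Session session;
    /** URI information of the current request. */
    private final UriInfo uriInfo;

    /**
     * Registers this handler as the {@link IAuthorizeHandler} named after
     * {@link ClientType#AuthorizationGrant}, in request scope.
     */
    public static final class Binder extends AbstractBinder {
        @Override
        protected void configure() {
            bind(AuthCodeHandler.class)
                    .to(IAuthorizeHandler.class)
                    .named(ClientType.AuthorizationGrant.name())
                    .in(RequestScoped.class);
        }
    }

    /**
     * Creates a new handler.
     *
     * @param injectionManager injection manager used to resolve authenticators
     * @param session          Hibernate session for persistence
     * @param uriInfo          URI information of the current request
     */
    @Inject
    public AuthCodeHandler(InjectionManager injectionManager, Session session, @Context UriInfo uriInfo) {
        this.injector = injectionManager;
        this.session = session;
        this.uriInfo = uriInfo;
    }

    /**
     * Resolves the authenticator implementation recorded in a stored state.
     *
     * @param authenticatorState state whose authenticator type selects the implementation
     * @return the implementation registered under that type's name
     */
    @Override
    public IAuthenticator getAuthenticator(AuthenticatorState authenticatorState) {
        return lookupAuthenticator(authenticatorState.getAuthenticator());
    }

    /**
     * Starts an authorization request: persists the client's state, scopes and
     * redirect URI, then delegates to the authenticator with a callback URL
     * built from the saved state.
     *
     * <p>NOTE(review): this method stores {@code uri} without checking it
     * against the client's registered redirects; presumably the caller has
     * already validated it. Confirm, since {@link #callback} redirects the
     * authorization code to whatever was stored here.
     *
     * @param httpSession   the HTTP session (not used by this handler)
     * @param authenticator the authenticator configuration to delegate to
     * @param uri           the client's redirect URI
     * @param sortedMap     the scopes requested by the client
     * @param str           the client's opaque {@code state} value
     * @return the response produced by the authenticator's {@code delegate} call
     */
    @Override
    public Response handle(HttpSession httpSession, Authenticator authenticator, URI uri, SortedMap<String, ApplicationScope> sortedMap, String str) {
        IAuthenticator delegate = lookupAuthenticator(authenticator);

        AuthenticatorState pending = new AuthenticatorState();
        pending.setClientState(str);
        pending.setClientScopes(sortedMap);
        pending.setClientRedirect(uri);
        pending.setAuthenticator(authenticator);
        // Saved before delegating: the callback URL is derived from this state.
        this.session.save(pending);

        return delegate.delegate(authenticator, buildCallback(this.uriInfo, pending));
    }

    /**
     * Completes an authorization request: authenticates the user from the
     * callback's query parameters, issues an authorization code bound to the
     * client, identity, granted scopes and redirect URI, and redirects back to
     * the client.
     *
     * @param authenticatorState the state stored by {@link #handle}
     * @param httpSession        the HTTP session (not used by this handler)
     * @return a 302 redirect to the stored client redirect carrying {@code code}
     *         and, when the client supplied one, {@code state}
     */
    @Override
    public Response callback(AuthenticatorState authenticatorState, HttpSession httpSession) {
        Authenticator authenticator = authenticatorState.getAuthenticator();
        URI clientRedirect = authenticatorState.getClientRedirect();

        UserIdentity identity = getAuthenticator(authenticatorState).authenticate(
                authenticator,
                this.uriInfo.getQueryParameters(),
                buildCallback(this.uriInfo, authenticatorState));

        OAuthToken code = new OAuthToken();
        code.setClient(authenticator.getClient());
        code.setIdentity(identity);
        // Requested scopes are passed through validateScope together with the
        // user's role, so the code carries the validated result rather than
        // the raw client request.
        code.setScopes(ValidationUtil.validateScope(
                authenticatorState.getClientScopes(),
                identity.getUser().getRole()));
        code.setTokenType(OAuthTokenType.Authorization);
        code.setExpiresIn(authenticator.getClient().getAuthorizationCodeExpiresIn());
        // The redirect is stored on the code; presumably the token endpoint
        // compares it on exchange - verify there.
        code.setRedirect(clientRedirect);
        // NOTE(review): the issuer is the host of the request URI. If the
        // deployment does not pin the accepted host names (proxy or container
        // configuration), this value follows whatever host the request named.
        code.setIssuer(this.uriInfo.getAbsolutePath().getHost());
        this.session.save(code);

        // The pending state is deleted as soon as the code exists.
        this.session.delete(authenticatorState);

        // NOTE(review): the code returned to the client is the token's id, so
        // its unpredictability depends on how entity ids are generated - confirm
        // the generator uses a cryptographically secure source.
        UriBuilder target = UriBuilder.fromUri(clientRedirect);
        target.queryParam("code", IdUtil.toString(code.getId()));
        // Echo the client's state unchanged so it can match the response to
        // its own request.
        if (!StringUtils.isEmpty(authenticatorState.getClientState())) {
            target.queryParam("state", authenticatorState.getClientState());
        }
        return Response.status(Response.Status.FOUND).location(target.build()).build();
    }

    /** Looks up the authenticator implementation registered under the configuration's type name. */
    private IAuthenticator lookupAuthenticator(Authenticator authenticator) {
        return this.injector.getInstance(IAuthenticator.class, authenticator.getType().name());
    }
}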
