package uk.co.epsilontechnologies.hmrc4j.core.oauth20.servlet;

import java.io.IOException;
import java.util.Optional;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import uk.co.epsilontechnologies.hmrc4j.core.HmrcCredentials;
import uk.co.epsilontechnologies.hmrc4j.core.HmrcFactory;
import uk.co.epsilontechnologies.hmrc4j.core.model.error.InvalidStateException;
import uk.co.epsilontechnologies.hmrc4j.core.model.error.RedirectUriMismatchException;
import uk.co.epsilontechnologies.hmrc4j.core.model.error.UserDeniedAuthorizationException;
import uk.co.epsilontechnologies.hmrc4j.core.oauth20.TokenStore;

/* loaded from: input_file:uk/co/epsilontechnologies/hmrc4j/core/oauth20/servlet/AbstractAuthorizeRedirectServlet.class */
public abstract class AbstractAuthorizeRedirectServlet extends HttpServlet {
    private final HmrcCredentials hmrcCredentials;

    public AbstractAuthorizeRedirectServlet(HmrcCredentials hmrcCredentials) {
        this.hmrcCredentials = hmrcCredentials;
    }

    protected void doGet(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        try {
            handleAuthorization(httpServletRequest);
            httpServletResponse.sendRedirect(successRedirect());
        } catch (Exception e) {
            httpServletResponse.sendRedirect(failureRedirect(e));
        }
    }

    protected abstract String successRedirect();

    protected abstract String failureRedirect(Exception exc);

    protected abstract TokenStore getTokenStore(HttpServletRequest httpServletRequest);

    private void handleAuthorization(HttpServletRequest httpServletRequest) throws UserDeniedAuthorizationException, RedirectUriMismatchException {
        TokenStore tokenStore = getTokenStore(httpServletRequest);
        if (!isStateValid(httpServletRequest, tokenStore)) {
            throw new InvalidStateException();
        }
        HmrcFactory.createForUserRestrictedAccess(this.hmrcCredentials, tokenStore).exchange(optionalParameter("code", httpServletRequest).orElseThrow(UserDeniedAuthorizationException::new));
    }

    private boolean isStateValid(HttpServletRequest httpServletRequest, TokenStore tokenStore) {
        return !tokenStore.getState().isPresent() || tokenStore.getState().get().equals(optionalParameter("state", httpServletRequest).orElse(""));
    }

    private Optional<String> optionalParameter(String str, HttpServletRequest httpServletRequest) {
        return Optional.ofNullable(parameter(str, httpServletRequest));
    }

    private String parameter(String str, HttpServletRequest httpServletRequest) {
        return httpServletRequest.getParameter(str);
    }
}
