package com.alogic.oauth.server;

import com.alogic.auth.Constants;
import com.alogic.auth.CookieManager;
import com.alogic.auth.Session;
import com.alogic.auth.SessionManager;
import com.alogic.auth.SessionManagerFactory;
import com.alogic.oauth.OAuthConstants;
import com.alogic.xscript.ExecuteWatcher;
import com.alogic.xscript.Logiclet;
import com.alogic.xscript.Script;
import com.alogic.xscript.doc.json.JsonObject;
import com.anysoft.util.BaseException;
import com.anysoft.util.Configurable;
import com.anysoft.util.IOTools;
import com.anysoft.util.Properties;
import com.anysoft.util.PropertiesConstants;
import com.anysoft.util.Settings;
import com.anysoft.util.XMLConfigurable;
import com.anysoft.util.XmlElementProperties;
import com.anysoft.util.XmlTools;
import com.anysoft.webloader.ServletConfigProperties;
import com.anysoft.webloader.ServletHandler;
import com.jayway.jsonpath.spi.JsonProvider;
import com.jayway.jsonpath.spi.JsonProviderFactory;
import com.logicbus.backend.Context;
import com.logicbus.backend.server.http.HttpContext;
import java.io.Closeable;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.util.HashMap;
import javax.servlet.ServletConfig;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.w3c.dom.Document;
import org.w3c.dom.Element;

/* loaded from: input_file:com/alogic/oauth/server/OAuthHandler.class */
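/**
 * Servlet handler that exposes the OAuth server endpoints ({@code /authorize},
 * {@code /access_token} and {@code /refresh_token}) below {@link #cmdPrefix}.
 *
 * <p>The handler is only a dispatcher: each endpoint runs a configured xscript
 * {@link Logiclet} and then either redirects (authorize) or serialises the script's
 * JSON document to the response (token endpoints). No client authentication, grant
 * validation or redirect-URI validation happens in this class, so those checks must
 * be implemented by the configured scripts.
 *
 * <p>If the configuration cannot be loaded, or an endpoint's script element is absent,
 * that endpoint fails closed: the request is answered with an error instead of a token.
 */
public class OAuthHandler implements ServletHandler, XMLConfigurable, Configurable, OAuthConstants {
    /** Default configuration location, used for both the master and the secondary source. */
    protected static final String DEFAULT = "java:///conf/alogic.oauth.server.xml#App";
    /** Character encoding handed to {@link HttpContext}; property {@code http.encoding}. */
    protected String encoding = "utf-8";
    /** Request-URI prefix that is stripped to obtain the command; property {@code cmdPrefix}. */
    protected String cmdPrefix = "/oauth";
    /** Property {@code auth.para.url}; configured here but not read by this class. */
    protected String returnURL = "returnUrl";
    /** Property {@code oauth.para.redirectURI}; configured here but not read by this class. */
    protected String arguRedirectURI = OAuthConstants.ARGU_REDIRECT_URI;
    /** Property {@code oauth.server.group}; configured here but not read by this class. */
    protected String sessionGroup = "$oauth-server";
    /** Content type of the token endpoint responses. */
    protected String contentType = "application/json;charset=utf-8";
    /** Property {@code auth.page.login}; configured here but not read by this class. */
    protected String loginURL = "/login";
    /** Script run for {@code /authorize}; {@code null} until configured. */
    protected Logiclet onAuthorize = null;
    /** Script run for {@code /access_token}; {@code null} until configured. */
    protected Logiclet onAccessToken = null;
    /** Script run for {@code /refresh_token}; {@code null} until configured. */
    protected Logiclet onRefreshToken = null;
    protected static final Logger LOG = LoggerFactory.getLogger(OAuthHandler.class);
    /** JSON serialiser used for the token endpoint responses. */
    protected static JsonProvider provider = JsonProviderFactory.createProvider();

    /**
     * Reads the scalar settings, keeping the current value of each field as its default.
     *
     * @param properties source of the settings
     */
    public void configure(Properties properties) {
        this.cmdPrefix = PropertiesConstants.getString(properties, "cmdPrefix", this.cmdPrefix);
        this.returnURL = PropertiesConstants.getString(properties, "auth.para.url", this.returnURL);
        this.loginURL = PropertiesConstants.getString(properties, "auth.page.login", this.loginURL);
        this.arguRedirectURI = PropertiesConstants.getString(properties, "oauth.para.redirectURI", this.arguRedirectURI);
        this.encoding = PropertiesConstants.getString(properties, "http.encoding", this.encoding);
        this.sessionGroup = PropertiesConstants.getString(properties, "oauth.server.group", this.sessionGroup);
    }

    /**
     * Reads the scalar settings and compiles the three endpoint scripts from the
     * {@code on-authorize}, {@code on-access-token} and {@code on-refresh-token} elements.
     * An element that is missing leaves the corresponding script unset.
     *
     * @param element    configuration root element
     * @param properties parent properties the element's attributes are layered over
     */
    public void configure(Element element, Properties properties) {
        XmlElementProperties scoped = new XmlElementProperties(element, properties);
        configure(scoped);

        Element authorizeNode = XmlTools.getFirstElementByPath(element, "on-authorize");
        if (authorizeNode != null) {
            this.onAuthorize = Script.create(authorizeNode, scoped);
        }
        Element accessTokenNode = XmlTools.getFirstElementByPath(element, "on-access-token");
        if (accessTokenNode != null) {
            this.onAccessToken = Script.create(accessTokenNode, scoped);
        }
        Element refreshTokenNode = XmlTools.getFirstElementByPath(element, "on-refresh-token");
        if (refreshTokenNode != null) {
            this.onRefreshToken = Script.create(refreshTokenNode, scoped);
        }
    }

    /**
     * Loads the handler configuration named by the servlet parameters
     * {@code oauth.server.master} and {@code oauth.server.secondary}.
     *
     * <p>A load or parse failure is logged and otherwise ignored, which leaves the
     * endpoint scripts unset; requests are then rejected rather than served.
     *
     * @param servletConfig servlet configuration supplying the parameters
     * @throws ServletException declared by the handler contract; not thrown here
     */
    public void init(ServletConfig servletConfig) throws ServletException {
        ServletConfigProperties servletConfigProperties = new ServletConfigProperties(servletConfig);
        String string = PropertiesConstants.getString(servletConfigProperties, "oauth.server.master", DEFAULT);
        InputStream inputStream = null;
        try {
            inputStream = Settings.getResourceFactory().load(string, PropertiesConstants.getString(servletConfigProperties, "oauth.server.secondary", DEFAULT), (Object) null);
            Document loadFromInputStream = XmlTools.loadFromInputStream(inputStream);
            if (loadFromInputStream != null) {
                configure(loadFromInputStream.getDocumentElement(), servletConfigProperties);
            }
        } catch (Exception e) {
            // Keep the cause: without it a misconfigured OAuth server is hard to diagnose.
            LOG.error("Can not init gateway with file : " + string, e);
        } finally {
            IOTools.close(new Closeable[]{inputStream});
        }
    }

    /**
     * Dispatches a request to the endpoint selected by the part of the request URI
     * that follows {@link #cmdPrefix}.
     *
     * <p>Matching is by prefix, so any command that merely starts with an endpoint name
     * (for example {@code /authorizeX}) is routed to that endpoint.
     *
     * @param httpServletRequest  current request
     * @param httpServletResponse current response
     * @param str                 not used by this handler
     * @throws ServletException declared by the handler contract
     * @throws IOException      if the error response cannot be sent
     */
    public void doService(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str) throws ServletException, IOException {
        SessionManager sessionManager = SessionManagerFactory.getDefault();
        // NOTE(review): the 'true' flag presumably creates a session when none exists, which would
        // allocate one for every caller including unauthenticated token requests - confirm.
        Session session = sessionManager.getSession(httpServletRequest, httpServletResponse, true);
        try {
            String command = getCommand(httpServletRequest.getRequestURI());
            if (StringUtils.isNotEmpty(command)) {
                if (command.startsWith("/authorize")) {
                    doAuthorize(httpServletRequest, httpServletResponse, sessionManager, session);
                    return;
                } else if (command.startsWith("/access_token")) {
                    doAccessToken(httpServletRequest, httpServletResponse, sessionManager, session);
                    return;
                } else if (command.startsWith("/refresh_token")) {
                    doRefreshToken(httpServletRequest, httpServletResponse, sessionManager, session);
                    return;
                }
            }
            doDefault(httpServletRequest, httpServletResponse, sessionManager, session);
        } catch (BaseException e) {
            // The exception code and message are returned to the caller verbatim, so anything a
            // script puts into a BaseException message is visible to the client.
            httpServletResponse.sendError(Constants.E404, String.format("%s:%s", e.getCode(), e.getMessage()));
        }
    }

    /**
     * Runs the {@code on-authorize} script and redirects the browser to the URL the
     * script stored in the {@code $redirectUrl} context variable.
     *
     * @throws BaseException if no {@code on-authorize} script is configured
     */
    protected void doAuthorize(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, SessionManager sessionManager, Session session) {
        if (this.onAuthorize == null) {
            throw new BaseException("core.e1000", "onAuthorize is not defined");
        }
        Context.ServantLogicletContext servantLogicletContext = new Context.ServantLogicletContext(new HttpContext(httpServletRequest, httpServletResponse, this.encoding));
        CookieManager.Default cookies = new CookieManager.Default(sessionManager, httpServletRequest, httpServletResponse);
        try {
            servantLogicletContext.setObject(Constants.ID_SESSION, session);
            servantLogicletContext.setObject(Constants.ID_COOKIES, cookies);
            JsonObject jsonObject = new JsonObject("root", new HashMap());
            this.onAuthorize.execute(jsonObject, jsonObject, servantLogicletContext, (ExecuteWatcher) null);
            try {
                String redirectUrl = PropertiesConstants.getString(servantLogicletContext, "$redirectUrl", "");
                if (StringUtils.isEmpty(redirectUrl)) {
                    httpServletResponse.sendError(Constants.E404, "core.e1000:redirect url is unknown.");
                } else {
                    // The target is used exactly as the script produced it. The script has to match
                    // the requested redirect URI against the one registered for the client;
                    // otherwise this endpoint acts as an open redirect and can hand the
                    // authorization response to an unregistered site.
                    httpServletResponse.sendRedirect(redirectUrl);
                }
            } catch (IOException e) {
                LOG.error(e.getMessage(), e);
            }
        } finally {
            servantLogicletContext.removeObject(Constants.ID_SESSION);
            servantLogicletContext.removeObject(Constants.ID_COOKIES);
        }
    }

    /**
     * Runs the {@code on-access-token} script and writes its JSON document as the response.
     *
     * @throws BaseException if no {@code on-access-token} script is configured
     */
    protected void doAccessToken(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, SessionManager sessionManager, Session session) {
        if (this.onAccessToken == null) {
            throw new BaseException("core.e1000", "onAccessToken is not defined");
        }
        executeTokenEndpoint(this.onAccessToken, httpServletRequest, httpServletResponse, sessionManager, session);
    }

    /**
     * Runs the {@code on-refresh-token} script and writes its JSON document as the response.
     *
     * @throws BaseException if no {@code on-refresh-token} script is configured
     */
    protected void doRefreshToken(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, SessionManager sessionManager, Session session) {
        if (this.onRefreshToken == null) {
            // Name the script that is actually missing (the message used to say onAccessToken).
            throw new BaseException("core.e1000", "onRefreshToken is not defined");
        }
        executeTokenEndpoint(this.onRefreshToken, httpServletRequest, httpServletResponse, sessionManager, session);
    }

    /**
     * Answers any unrecognised command with an error response.
     */
    protected void doDefault(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, SessionManager sessionManager, Session session) {
        try {
            httpServletResponse.sendError(Constants.E404, "core.e1000:Function is not supported now.");
        } catch (IOException e) {
            LOG.error(e.getMessage(), e);
        }
    }

    /** Nothing to release. */
    public void destroy() {
    }

    /**
     * Returns the part of the request URI after {@link #cmdPrefix}, or an empty string
     * when the URI does not start with the prefix.
     *
     * <p>The value comes from {@code HttpServletRequest.getRequestURI()}, which includes the
     * context path and is not URL-decoded, so {@code cmdPrefix} has to be configured to match
     * the full deployed path.
     *
     * @param str request URI
     * @return the command, possibly empty
     */
    protected String getCommand(String str) {
        if (!str.startsWith(this.cmdPrefix)) {
            return "";
        }
        return str.substring(this.cmdPrefix.length());
    }

    /**
     * Returns a request parameter, or the fallback when it is missing or empty.
     *
     * @param httpServletRequest current request
     * @param str                parameter name
     * @param str2               fallback value
     * @return the parameter value or {@code str2}
     */
    protected String getParameter(HttpServletRequest httpServletRequest, String str, String str2) {
        String parameter = httpServletRequest.getParameter(str);
        return StringUtils.isEmpty(parameter) ? str2 : parameter;
    }

    /** Runs a token endpoint script with session and cookie objects bound, then writes its JSON result. */
    private void executeTokenEndpoint(Logiclet logiclet, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, SessionManager sessionManager, Session session) {
        HttpContext httpContext = new HttpContext(httpServletRequest, httpServletResponse, this.encoding);
        Context.ServantLogicletContext servantLogicletContext = new Context.ServantLogicletContext(httpContext);
        CookieManager.Default cookies = new CookieManager.Default(sessionManager, httpServletRequest, httpServletResponse);
        try {
            servantLogicletContext.setObject(Constants.ID_SESSION, session);
            servantLogicletContext.setObject(Constants.ID_COOKIES, cookies);
            JsonObject jsonObject = new JsonObject("root", new HashMap());
            logiclet.execute(jsonObject, jsonObject, servantLogicletContext, (ExecuteWatcher) null);
            writeTokenResponse(httpContext, httpServletResponse, jsonObject);
        } finally {
            servantLogicletContext.removeObject(Constants.ID_SESSION);
            servantLogicletContext.removeObject(Constants.ID_COOKIES);
        }
    }

    /** Serialises the script's document to the response body and marks the response as non-cacheable. */
    private void writeTokenResponse(HttpContext httpContext, HttpServletResponse httpServletResponse, JsonObject jsonObject) {
        OutputStream outputStream = null;
        try {
            String json = provider.toJson(jsonObject.getContent());
            // RFC 6749 section 5.1: responses that carry tokens must not be stored by
            // browsers or intermediaries.
            httpServletResponse.setHeader("Cache-Control", "no-store");
            httpServletResponse.setHeader("Pragma", "no-cache");
            httpContext.setResponseContentType(this.contentType);
            outputStream = httpContext.getOutputStream();
            byte[] bytes = json.getBytes(httpContext.getEncoding());
            httpContext.setResponseContentLength(bytes.length);
            Context.writeToOutpuStream(outputStream, bytes);
            outputStream.flush();
        } catch (Exception e) {
            LOG.error("Error when writing data to outputstream", e);
        } finally {
            IOTools.close(new Closeable[]{outputStream});
        }
    }
}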
