package com.atlassian.oauth.serviceprovider.internal.servlet.authorize;

import com.atlassian.oauth.serviceprovider.ServiceProviderToken;
import com.atlassian.oauth.serviceprovider.internal.servlet.OAuthProblemUtils;
import com.atlassian.oauth.serviceprovider.internal.servlet.TokenLoader;
import com.atlassian.oauth.serviceprovider.internal.servlet.TransactionalServlet;
import com.atlassian.oauth.shared.servlet.ResponseHeaderUtil;
import com.atlassian.sal.api.ApplicationProperties;
import com.atlassian.sal.api.message.I18nResolver;
import com.atlassian.sal.api.transaction.TransactionTemplate;
import com.atlassian.templaterenderer.TemplateRenderer;
import com.google.common.base.Preconditions;
import com.google.common.collect.ImmutableMap;
import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import net.oauth.OAuth;
import net.oauth.OAuthException;
import net.oauth.OAuthProblemException;
import net.oauth.server.OAuthServlet;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Qualifier;

/* loaded from: input_file:WEB-INF/atlassian-bundled-plugins/atlassian-oauth-service-provider-plugin-2.0.4.jar:com/atlassian/oauth/serviceprovider/internal/servlet/authorize/AuthorizeServlet.class */
public final class AuthorizeServlet extends TransactionalServlet {
    static final int VERIFIER_LENGTH = 6;
    private static final String AUTH_ERROR_TEMPLATE = "templates/auth/authorize-error.vm";
    private final Logger log;
    private final AuthorizationRequestProcessor get;
    private final AuthorizationRequestProcessor post;
    private final TokenLoader loader;
    private final LoginRedirector loginRedirector;
    private final ApplicationProperties applicationProperties;
    private final TemplateRenderer templateRenderer;
    private final I18nResolver i18nResolver;

    public AuthorizeServlet(@Qualifier("getAuthorizationProcessor") AuthorizationRequestProcessor authorizationRequestProcessor, @Qualifier("postAuthorizationProcessor") AuthorizationRequestProcessor authorizationRequestProcessor2, TokenLoader tokenLoader, LoginRedirector loginRedirector, ApplicationProperties applicationProperties, TransactionTemplate transactionTemplate, TemplateRenderer templateRenderer, I18nResolver i18nResolver) {
        super(transactionTemplate);
        this.log = LoggerFactory.getLogger(getClass());
        this.get = (AuthorizationRequestProcessor) Preconditions.checkNotNull(authorizationRequestProcessor, "get");
        this.post = (AuthorizationRequestProcessor) Preconditions.checkNotNull(authorizationRequestProcessor2, "post");
        this.loader = (TokenLoader) Preconditions.checkNotNull(tokenLoader, "loader");
        this.loginRedirector = (LoginRedirector) Preconditions.checkNotNull(loginRedirector, "loginRedirector");
        this.applicationProperties = (ApplicationProperties) Preconditions.checkNotNull(applicationProperties, "applicationProperties");
        this.templateRenderer = (TemplateRenderer) Preconditions.checkNotNull(templateRenderer, "templateRenderer");
        this.i18nResolver = (I18nResolver) Preconditions.checkNotNull(i18nResolver, "i18nResolver");
    }

    @Override // com.atlassian.oauth.serviceprovider.internal.servlet.TransactionalServlet
    public void doGetInTransaction(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException, ServletException {
        process(this.get, httpServletRequest, httpServletResponse);
        ResponseHeaderUtil.preventCrossFrameClickJacking(httpServletResponse);
    }

    @Override // com.atlassian.oauth.serviceprovider.internal.servlet.TransactionalServlet
    public void doPostInTransaction(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException, ServletException {
        process(this.post, httpServletRequest, httpServletResponse);
        ResponseHeaderUtil.preventCrossFrameClickJacking(httpServletResponse);
    }

    private void process(AuthorizationRequestProcessor authorizationRequestProcessor, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException, ServletException {
        try {
            ServiceProviderToken tokenForAuthorization = this.loader.getTokenForAuthorization(httpServletRequest);
            if (this.loginRedirector.isLoggedIn(httpServletRequest)) {
                authorizationRequestProcessor.process(httpServletRequest, httpServletResponse, tokenForAuthorization);
            } else {
                this.loginRedirector.redirectToLogin(httpServletRequest, httpServletResponse);
            }
        } catch (OAuthException e) {
            if (e instanceof OAuthProblemException) {
                OAuthProblemUtils.logOAuthProblem(OAuthServlet.getMessage(httpServletRequest, null), (OAuthProblemException) e, this.log);
            }
            OAuthServlet.handleException(httpServletResponse, e, this.applicationProperties.getBaseUrl(), false);
            httpServletResponse.setContentType("text/html");
            httpServletResponse.setCharacterEncoding("UTF-8");
            ImmutableMap.Builder builder = ImmutableMap.builder();
            builder.put("message", getMessage(e));
            builder.put("applicationProperties", this.applicationProperties);
            this.templateRenderer.render(AUTH_ERROR_TEMPLATE, builder.build(), httpServletResponse.getWriter());
        }
    }

    private String getMessage(OAuthException oAuthException) {
        if (oAuthException instanceof OAuthProblemException) {
            OAuthProblemException oAuthProblemException = (OAuthProblemException) oAuthException;
            if (OAuth.Problems.TOKEN_REJECTED.equals(oAuthProblemException.getProblem())) {
                return this.i18nResolver.getText("com.atlassian.oauth.serviceprovider.authorize.error.token.rejected");
            }
            if (OAuth.Problems.TOKEN_USED.equals(oAuthProblemException.getProblem())) {
                return this.i18nResolver.getText("com.atlassian.oauth.serviceprovider.authorize.error.token.used");
            }
            if (OAuth.Problems.TOKEN_EXPIRED.equals(oAuthProblemException.getProblem())) {
                return this.i18nResolver.getText("com.atlassian.oauth.serviceprovider.authorize.error.token.expired");
            }
        }
        return this.i18nResolver.getText("com.atlassian.oauth.serviceprovider.authorize.error.generic");
    }
}
