package com.atlassian.oauth.serviceprovider.internal.servlet.authorize;

import com.atlassian.oauth.serviceprovider.ServiceProviderToken;
import com.atlassian.oauth.serviceprovider.ServiceProviderTokenStore;
import com.atlassian.oauth.serviceprovider.internal.Randomizer;
import com.atlassian.sal.api.user.UserManager;
import com.atlassian.templaterenderer.TemplateRenderer;
import com.google.common.base.Preconditions;
import com.google.common.collect.ImmutableMap;
import java.io.IOException;
import java.net.URI;
import java.security.Principal;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import net.oauth.OAuth;
import org.apache.commons.lang.StringUtils;
import org.springframework.beans.factory.annotation.Qualifier;

/* loaded from: input_file:com/atlassian/oauth/serviceprovider/internal/servlet/authorize/PostAuthorization.class */
/**
 * Handles the user's answer on the OAuth authorization screen: records an approval or a denial
 * on the request token, stores the updated token, and then sends the browser back to the
 * consumer (or renders a local page when no callback is known).
 *
 * <p>NOTE(review): no anti-CSRF check and no HTTP-method check is visible in this class.
 * Confirm that the servlet or a filter in front of it enforces both before {@link #process}
 * is reached, because a request carrying an {@code approve} parameter authorizes the token
 * for whichever user is logged in.
 */
final class PostAuthorization implements AuthorizationRequestProcessor {
    private static final String AUTH_NO_CALLBACK_APPROVAL_V1_TEMPLATE = "templates/auth/no-callback-approval-v1.vm";
    private static final String AUTH_NO_CALLBACK_APPROVAL_V1A_TEMPLATE = "templates/auth/no-callback-approval-v1a.vm";
    private static final String AUTH_NO_CALLBACK_DENIED_TEMPLATE = "templates/auth/no-callback-denied.vm";

    // Length of the verifier generated on approval.
    // NOTE(review): six alphanumeric characters is a small space; confirm that Randomizer is
    // backed by a cryptographically secure source and that the token-exchange endpoint limits
    // verifier guesses (neither is visible from this class).
    private static final int VERIFIER_LENGTH = 6;

    // Value sent as oauth_verifier on the 1.0a callback when the user refused the request.
    private static final String DENIED_VERIFIER = "denied";

    private final ServiceProviderTokenStore store;
    private final Randomizer randomizer;
    private final UserManager userManager;
    private final AuthorizationRenderer renderer;
    private final TemplateRenderer templateRenderer;

    /**
     * Creates the processor; every collaborator is required and a {@code null} argument is
     * rejected by {@code Preconditions.checkNotNull}.
     */
    public PostAuthorization(@Qualifier("tokenStore") ServiceProviderTokenStore serviceProviderTokenStore, Randomizer randomizer, UserManager userManager, AuthorizationRenderer authorizationRenderer, TemplateRenderer templateRenderer) {
        this.store = Preconditions.checkNotNull(serviceProviderTokenStore, "store");
        this.randomizer = Preconditions.checkNotNull(randomizer, "randomizer");
        this.userManager = Preconditions.checkNotNull(userManager, "userManager");
        this.renderer = Preconditions.checkNotNull(authorizationRenderer, "renderer");
        this.templateRenderer = Preconditions.checkNotNull(templateRenderer, "templateRenderer");
    }

    /**
     * Applies the user's decision to the token.
     *
     * <p>An {@code approve} parameter wins over {@code deny}. When neither is present the
     * authorization screen is rendered again and the token is left untouched. Otherwise the
     * updated token is stored and the browser is sent back to the consumer.
     *
     * @throws IOException if rendering or redirecting fails
     */
    @Override
    public void process(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, ServiceProviderToken serviceProviderToken) throws IOException {
        final ServiceProviderToken decided;
        if (httpServletRequest.getParameter("approve") != null) {
            Principal approver = getLoggedInUser(httpServletRequest);
            String verifier = this.randomizer.randomAlphanumericString(VERIFIER_LENGTH);
            decided = serviceProviderToken.authorize(approver, verifier);
        } else if (httpServletRequest.getParameter("deny") != null) {
            decided = serviceProviderToken.deny(getLoggedInUser(httpServletRequest));
        } else {
            // No decision submitted: show the authorization screen and stop.
            this.renderer.render(httpServletRequest, httpServletResponse, serviceProviderToken);
            return;
        }
        ServiceProviderToken stored = this.store.put(decided);
        redirectBackToConsumer(httpServletRequest, httpServletResponse, stored);
    }

    /**
     * Resolves the principal for the user name the {@link UserManager} reports for this request.
     *
     * <p>NOTE(review): what happens for an anonymous request is not visible here; confirm that
     * authentication is enforced upstream so an unauthenticated caller never reaches
     * {@code authorize}/{@code deny}.
     */
    private Principal getLoggedInUser(HttpServletRequest request) {
        String username = this.userManager.getRemoteUsername(request);
        return this.userManager.resolve(username);
    }

    /** Dispatches to the OAuth 1.0a or the OAuth 1.0 return path according to the token's version. */
    private void redirectBackToConsumer(HttpServletRequest request, HttpServletResponse response, ServiceProviderToken token) throws IOException {
        if (ServiceProviderToken.Version.V_1_0_A.equals(token.getVersion())) {
            redirectBackToConsumerVersion1a(request, response, token);
            return;
        }
        redirectBackToConsumerVersion1(request, response, token);
    }

    /**
     * OAuth 1.0 return path: redirects to the {@code oauth_callback} request parameter, or to
     * the consumer's registered callback when the parameter is empty, appending
     * {@code oauth_token} when the token has a value. With no callback at all, an approval or
     * denial page is rendered instead.
     *
     * <p>NOTE(review): the redirect target can come straight from the request and no validation
     * of it is visible in this class (no comparison with the consumer's registered callback, no
     * scheme or host check). Unless a caller restricts it, this is an open redirect, and the
     * party that built the authorization link decides where the user and the token identifier
     * are sent after approval. OAuth 1.0a addresses this by fixing the callback when the
     * request token is issued and by adding the verifier; consider restricting or disabling the
     * 1.0 path, or checking the parameter against the registered callback.
     */
    private void redirectBackToConsumerVersion1(HttpServletRequest request, HttpServletResponse response, ServiceProviderToken token) throws IOException {
        String target = request.getParameter(OAuth.OAUTH_CALLBACK);
        if (StringUtils.isEmpty(target)) {
            URI registered = token.getConsumer().getCallback();
            if (registered != null) {
                target = registered.toString();
            }
        }

        if (StringUtils.isEmpty(target)) {
            renderNoCallbackPage(response, token, AUTH_NO_CALLBACK_APPROVAL_V1_TEMPLATE);
            return;
        }

        String tokenValue = token.getToken();
        if (tokenValue != null) {
            target = OAuth.addParameters(target, OAuth.OAUTH_TOKEN, tokenValue);
        }
        response.sendRedirect(target);
    }

    /**
     * OAuth 1.0a return path: redirects to the callback stored on the token, falling back to
     * the consumer's registered callback, with {@code oauth_token} and {@code oauth_verifier}
     * appended. The verifier is the literal {@code denied} when the token is not authorized.
     * With no callback at all, an approval or denial page is rendered instead.
     */
    private void redirectBackToConsumerVersion1a(HttpServletRequest request, HttpServletResponse response, ServiceProviderToken token) throws IOException {
        URI callback = token.getCallback();
        if (callback == null) {
            callback = token.getConsumer().getCallback();
        }
        if (callback == null) {
            renderNoCallbackPage(response, token, AUTH_NO_CALLBACK_APPROVAL_V1A_TEMPLATE);
            return;
        }

        String base = callback.toString();
        String tokenValue = token.getToken();
        String verifierValue;
        if (token.getAuthorization() == ServiceProviderToken.Authorization.AUTHORIZED) {
            verifierValue = token.getVerifier();
        } else {
            verifierValue = DENIED_VERIFIER;
        }
        response.sendRedirect(OAuth.addParameters(base, OAuth.OAUTH_TOKEN, tokenValue, OAuth.OAUTH_VERIFIER, verifierValue));
    }

    /**
     * Renders the HTML page shown when there is no callback to redirect to: the given approval
     * template for an authorized token, the shared denial template otherwise. The token is
     * exposed to the template under the key {@code token}.
     */
    private void renderNoCallbackPage(HttpServletResponse response, ServiceProviderToken token, String approvalTemplate) throws IOException {
        response.setContentType("text/html");
        boolean authorized = token.getAuthorization() == ServiceProviderToken.Authorization.AUTHORIZED;
        String template = authorized ? approvalTemplate : AUTH_NO_CALLBACK_DENIED_TEMPLATE;
        this.templateRenderer.render(template, ImmutableMap.of("token", token), response.getWriter());
    }
}
