package com.nonononoki.alovoa.rest;

import com.nonononoki.alovoa.Tools;
import com.nonononoki.alovoa.config.SecurityConfig;
import com.nonononoki.alovoa.entity.User;
import com.nonononoki.alovoa.html.IndexResource;
import com.nonononoki.alovoa.model.AlovoaException;
import com.nonononoki.alovoa.repo.UserRepository;
import com.nonononoki.alovoa.service.PublicService;
import jakarta.servlet.http.Cookie;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import jakarta.servlet.http.HttpSession;
import java.nio.charset.StandardCharsets;
import java.util.Base64;
import java.util.Locale;
import java.util.Map;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.http.HttpEntity;
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpMethod;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.oauth2.client.OAuth2AuthorizedClient;
import org.springframework.security.oauth2.client.OAuth2AuthorizedClientService;
import org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;
import org.springframework.web.client.RestTemplate;
import org.springframework.web.servlet.ModelAndView;
import org.springframework.web.servlet.view.RedirectView;

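/**
 * Handles the application side of the OAuth2 login flow (Google and Facebook).
 *
 * <p>The two {@code /oauth2/authorization/...} endpoints store a caller-supplied, Base64-encoded
 * redirect URL in the HTTP session and hand over to the provider login. After the provider login,
 * {@link #oauth2Success()} reads the user-info endpoint, looks the user up by e-mail and redirects
 * to the stored URL with the parameters produced by {@code Tools.getAuthParams} appended.
 *
 * <p>Security-relevant points a reviewer should keep in mind (none of them are enforced in this
 * class):
 * <ul>
 *   <li>The stored redirect URL is not validated here before the auth parameters are appended to
 *       it and the browser is sent there.</li>
 *   <li>The provider's {@code email} attribute is used as the account key without any check that
 *       the provider has verified it.</li>
 *   <li>{@link #getRememberMeCookie(String, String)} sets cookies from values taken from the URL
 *       path.</li>
 * </ul>
 */
@RequestMapping({"/"})
@RestController
/* loaded from: input_file:BOOT-INF/classes/com/nonononoki/alovoa/rest/Oauth2Controller.class */
public class Oauth2Controller {

    @Autowired
    private UserRepository userRepo;

    @Autowired
    private OAuth2AuthorizedClientService clientService;

    @Autowired
    private IndexResource indexResource;

    @Autowired
    private PublicService publicService;

    @Autowired
    private HttpSession httpSession;

    @Autowired
    private SecurityConfig securityConfig;

    @Autowired
    private HttpServletRequest request;

    @Autowired
    private HttpServletResponse response;

    @Value("${app.first-name.length-max}")
    private int firstNameMaxLength;

    /** Session attribute holding the Base64-encoded post-login redirect URL. */
    private static final String REDIRECT_URL = "redirect-url";
    private static final Logger logger = LoggerFactory.getLogger(Oauth2Controller.class);

    // Page selector passed as the last argument of Tools.getAuthParams.
    private static final int REDIRECT_REGISTER = 1;
    private static final int REDIRECT_ONBOARDING = 2;
    private static final int REDIRECT_DEFAULT = 3;

    /** Lifetime of the session cookie set by getRememberMeCookie, in seconds. */
    private static final int HOUR_S = 3600;

    /**
     * Remembers the caller-supplied redirect URL in the session and starts the Google login.
     *
     * @param str Base64-encoded redirect URL taken from the {@code redirectUrlEncoded} path segment
     * @return a redirect to the Google authorization endpoint
     */
    @GetMapping({"/oauth2/authorization/google/{redirectUrlEncoded}"})
    public ModelAndView oauth2Google(@PathVariable("redirectUrlEncoded") String str) {
        // The variable name is given explicitly: the parameter name does not match the template
        // variable, so name-based binding would not resolve it.
        // NOTE(review): the value is stored unvalidated; it should be checked against an allowlist
        // of permitted redirect targets here or before it is used in oauth2Success().
        this.httpSession.setAttribute(REDIRECT_URL, str);
        return new ModelAndView(new RedirectView("/oauth2/authorization/google"));
    }

    /**
     * Remembers the caller-supplied redirect URL in the session and starts the Facebook login.
     *
     * @param str Base64-encoded redirect URL taken from the {@code redirectUrlEncoded} path segment
     * @return a redirect to the Facebook authorization endpoint
     */
    @GetMapping({"/oauth2/authorization/facebook/{redirectUrlEncoded}"})
    public ModelAndView oauth2Facebook(@PathVariable("redirectUrlEncoded") String str) {
        // NOTE(review): same unvalidated redirect value as in oauth2Google().
        this.httpSession.setAttribute(REDIRECT_URL, str);
        return new ModelAndView(new RedirectView("/oauth2/authorization/facebook"));
    }

    /**
     * Completes the OAuth2 login: loads the provider's user info, resolves the local user by
     * e-mail and redirects either to the stored redirect URL (with auth parameters appended) or to
     * a local page.
     *
     * @return the registration/onboarding/default redirect, the index page for an unconfirmed user
     *     without a stored redirect URL, {@code redirect:/?register.oauth.email-invalid} when an
     *     {@link AlovoaException} is raised, or {@code redirect:/login} on any other failure
     */
    @GetMapping({"/login/oauth2/success"})
    public ModelAndView oauth2Success() {
        try {
            OAuth2AuthenticationToken token =
                    (OAuth2AuthenticationToken) SecurityContextHolder.getContext().getAuthentication();
            OAuth2AuthorizedClient client = this.clientService.loadAuthorizedClient(
                    token.getAuthorizedClientRegistrationId(), token.getName());
            String userInfoUri = client.getClientRegistration().getProviderDetails()
                    .getUserInfoEndpoint().getUri();
            if (userInfoUri.isEmpty()) {
                return new ModelAndView("redirect:/login");
            }

            Map<?, ?> attributes = fetchUserInfo(userInfoUri, client.getAccessToken().getTokenValue());
            if (attributes == null) {
                SecurityContextHolder.clearContext();
                throw new AlovoaException("oauth_attributes_not_found");
            }

            String firstName = resolveFirstName(attributes);
            if (firstName == null) {
                // Neither "given_name" nor "name" was returned. This used to surface as a
                // NullPointerException caught below; the outcome (log + /login) is unchanged.
                logger.error("OAuth2 user info contains neither given_name nor name");
                return new ModelAndView("redirect:/login");
            }

            Object emailAttribute = attributes.get("email");
            if (emailAttribute == null) {
                SecurityContextHolder.clearContext();
                throw new AlovoaException(this.publicService.text("backend.error.register.oauth.email-invalid"));
            }
            // NOTE(review): the e-mail is the account key, but nothing here checks that the
            // provider verified it (e.g. an "email_verified" attribute where the provider supplies
            // one). Confirm this is enforced elsewhere or add the check.
            // Locale.ROOT keeps the normalisation independent of the server's default locale.
            String email = ((String) emailAttribute).toLowerCase(Locale.ROOT);

            User user = this.userRepo.findByEmail(email);
            if (user == null) {
                user = new User(email);
            }
            if (user.isAdmin()) {
                SecurityContextHolder.clearContext();
                throw new AlovoaException("not_supported_for_admin");
            }

            boolean hasRedirectUrl = this.httpSession.getAttribute(REDIRECT_URL) != null;
            if (!user.isConfirmed()) {
                if (!hasRedirectUrl) {
                    return this.indexResource.index();
                }
                return redirectWithAuthParams(email, firstName, REDIRECT_REGISTER);
            }
            if (!hasRedirectUrl) {
                return new ModelAndView("redirect:/login");
            }
            // Admins were rejected above, so only the profile state decides the target page.
            boolean profileEmpty = user.getProfilePicture() == null && user.getDescription() == null;
            return redirectWithAuthParams(email, firstName,
                    profileEmpty ? REDIRECT_ONBOARDING : REDIRECT_DEFAULT);
        } catch (AlovoaException e) {
            // Every AlovoaException (including the admin rejection) ends on the same page; the
            // reason is logged so the rejection is visible to operators.
            logger.warn("OAuth2 login rejected: {}", e.getMessage());
            return new ModelAndView("redirect:/?register.oauth.email-invalid");
        } catch (Exception e) {
            logger.error(e.getMessage(), e);
        }
        return new ModelAndView("redirect:/login");
    }

    /**
     * Sets the remember-me cookie and the session cookie on the response from the two path values.
     *
     * <p>NOTE(review): both values travel in the URL path of a GET request, so they can end up in
     * access logs, browser history and Referer headers, and the session cookie is set to a
     * caller-supplied value. Confirm that the values are short-lived/single-use and that access to
     * this endpoint is restricted as intended. The {@code Secure} flag follows
     * {@code request.isSecure()}, which may be {@code false} behind a TLS-terminating proxy, and no
     * SameSite attribute is set here.
     *
     * @param str remember-me cookie value from the {@code rememberCookieValue} path segment
     * @param str2 session id from the {@code sessionId} path segment
     */
    @GetMapping({"/oauth2/remember-me-cookie/{rememberCookieValue}/{sessionId}"})
    public void getRememberMeCookie(@PathVariable("rememberCookieValue") String str,
            @PathVariable("sessionId") String str2) {
        this.response.addCookie(this.securityConfig.getOAuthRememberMeServices()
                .getRememberMeCookie(str, this.request, this.response));
        Cookie sessionCookie = new Cookie(SecurityConfig.COOKIE_SESSION, str2);
        sessionCookie.setMaxAge(HOUR_S);
        sessionCookie.setPath("/");
        sessionCookie.setSecure(this.request.isSecure());
        sessionCookie.setHttpOnly(true);
        this.response.addCookie(sessionCookie);
    }

    /** Calls the provider's user-info endpoint with the access token as a bearer token. */
    private Map<?, ?> fetchUserInfo(String userInfoUri, String accessToken) {
        HttpHeaders headers = new HttpHeaders();
        headers.add("Authorization", "Bearer " + accessToken);
        return new RestTemplate()
                .exchange(userInfoUri, HttpMethod.GET, new HttpEntity<>("", headers), Map.class)
                .getBody();
    }

    /**
     * Picks the first name from the user-info attributes: {@code given_name} if present, otherwise
     * the first space-separated token of {@code name}. The result is capped at
     * {@code firstNameMaxLength} in both cases; returns {@code null} if neither attribute exists.
     */
    private String resolveFirstName(Map<?, ?> attributes) {
        String firstName = (String) attributes.get("given_name");
        if (firstName == null) {
            String fullName = (String) attributes.get("name");
            if (fullName == null) {
                return null;
            }
            // Strip first so a leading or lone space cannot yield an empty token or an empty
            // split() result.
            firstName = fullName.strip();
            int firstSpace = firstName.indexOf(' ');
            if (firstSpace > 0) {
                firstName = firstName.substring(0, firstSpace);
            }
        }
        // The cap is applied to every source, not only to names that contained a space.
        if (firstName.length() > this.firstNameMaxLength) {
            firstName = firstName.substring(0, this.firstNameMaxLength);
        }
        return firstName;
    }

    /**
     * Builds the redirect to the URL stored in the session, with the auth parameters appended,
     * and removes the stored URL from the session.
     */
    private ModelAndView redirectWithAuthParams(String email, String firstName, int page) {
        String authParams = getOauthParams(email, firstName, page);
        // NOTE(review): the target comes from the path segment accepted by the
        // /oauth2/authorization/{provider}/{redirectUrlEncoded} endpoints and is not checked
        // against an allowlist of schemes/hosts in this class, yet the auth parameters are
        // appended to it. Validate the decoded target before redirecting.
        String encodedTarget = (String) this.httpSession.getAttribute(REDIRECT_URL);
        String target = new String(Base64.getDecoder().decode(encodedTarget), StandardCharsets.UTF_8);
        this.httpSession.removeAttribute(REDIRECT_URL);
        return new ModelAndView(new RedirectView(target + authParams));
    }

    /** Delegates to {@code Tools.getAuthParams} with the current session id. */
    private String getOauthParams(String str, String str2, int i) {
        return Tools.getAuthParams(this.securityConfig, this.httpSession.getId(), str, str2, i);
    }
}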
