package org.springframework.security.oauth2.client.web;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.oauth2.client.OAuth2AuthorizedClient;
import org.springframework.security.oauth2.client.OAuth2AuthorizedClientService;
import org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken;
import org.springframework.security.oauth2.client.authentication.OAuth2LoginAuthenticationToken;
import org.springframework.security.oauth2.client.registration.ClientRegistration;
import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository;
import org.springframework.security.oauth2.core.OAuth2AuthenticationException;
import org.springframework.security.oauth2.core.OAuth2Error;
import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationExchange;
import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest;
import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationResponse;
import org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames;
import org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter;
import org.springframework.security.web.util.UrlUtils;
import org.springframework.util.Assert;
import org.springframework.util.MultiValueMap;
import org.springframework.web.util.UriComponentsBuilder;

/* loaded from: input_file:BOOT-INF/lib/spring-security-oauth2-client-5.5.5.jar:org/springframework/security/oauth2/client/web/OAuth2LoginAuthenticationFilter.class */
public class OAuth2LoginAuthenticationFilter extends AbstractAuthenticationProcessingFilter {
    public static final String DEFAULT_FILTER_PROCESSES_URI = "/login/oauth2/code/*";
    private static final String AUTHORIZATION_REQUEST_NOT_FOUND_ERROR_CODE = "authorization_request_not_found";
    private static final String CLIENT_REGISTRATION_NOT_FOUND_ERROR_CODE = "client_registration_not_found";
    private ClientRegistrationRepository clientRegistrationRepository;
    private OAuth2AuthorizedClientRepository authorizedClientRepository;
    private AuthorizationRequestRepository<OAuth2AuthorizationRequest> authorizationRequestRepository;

    public OAuth2LoginAuthenticationFilter(ClientRegistrationRepository clientRegistrationRepository, OAuth2AuthorizedClientService oAuth2AuthorizedClientService) {
        this(clientRegistrationRepository, oAuth2AuthorizedClientService, DEFAULT_FILTER_PROCESSES_URI);
    }

    public OAuth2LoginAuthenticationFilter(ClientRegistrationRepository clientRegistrationRepository, OAuth2AuthorizedClientService oAuth2AuthorizedClientService, String str) {
        this(clientRegistrationRepository, new AuthenticatedPrincipalOAuth2AuthorizedClientRepository(oAuth2AuthorizedClientService), str);
    }

    public OAuth2LoginAuthenticationFilter(ClientRegistrationRepository clientRegistrationRepository, OAuth2AuthorizedClientRepository oAuth2AuthorizedClientRepository, String str) {
        super(str);
        this.authorizationRequestRepository = new HttpSessionOAuth2AuthorizationRequestRepository();
        Assert.notNull(clientRegistrationRepository, "clientRegistrationRepository cannot be null");
        Assert.notNull(oAuth2AuthorizedClientRepository, "authorizedClientRepository cannot be null");
        this.clientRegistrationRepository = clientRegistrationRepository;
        this.authorizedClientRepository = oAuth2AuthorizedClientRepository;
    }

    @Override // org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
    public Authentication attemptAuthentication(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws AuthenticationException {
        MultiValueMap<String, String> multiMap = OAuth2AuthorizationResponseUtils.toMultiMap(httpServletRequest.getParameterMap());
        if (!OAuth2AuthorizationResponseUtils.isAuthorizationResponse(multiMap)) {
            OAuth2Error oAuth2Error = new OAuth2Error("invalid_request");
            throw new OAuth2AuthenticationException(oAuth2Error, oAuth2Error.toString());
        }
        OAuth2AuthorizationRequest removeAuthorizationRequest = this.authorizationRequestRepository.removeAuthorizationRequest(httpServletRequest, httpServletResponse);
        if (removeAuthorizationRequest == null) {
            OAuth2Error oAuth2Error2 = new OAuth2Error(AUTHORIZATION_REQUEST_NOT_FOUND_ERROR_CODE);
            throw new OAuth2AuthenticationException(oAuth2Error2, oAuth2Error2.toString());
        }
        String str = (String) removeAuthorizationRequest.getAttribute(OAuth2ParameterNames.REGISTRATION_ID);
        ClientRegistration findByRegistrationId = this.clientRegistrationRepository.findByRegistrationId(str);
        if (findByRegistrationId == null) {
            OAuth2Error oAuth2Error3 = new OAuth2Error(CLIENT_REGISTRATION_NOT_FOUND_ERROR_CODE, "Client Registration not found with Id: " + str, null);
            throw new OAuth2AuthenticationException(oAuth2Error3, oAuth2Error3.toString());
        }
        OAuth2AuthorizationResponse convert = OAuth2AuthorizationResponseUtils.convert(multiMap, UriComponentsBuilder.fromHttpUrl(UrlUtils.buildFullRequestUrl(httpServletRequest)).replaceQuery((String) null).build().toUriString());
        Object buildDetails = this.authenticationDetailsSource.buildDetails(httpServletRequest);
        OAuth2LoginAuthenticationToken oAuth2LoginAuthenticationToken = new OAuth2LoginAuthenticationToken(findByRegistrationId, new OAuth2AuthorizationExchange(removeAuthorizationRequest, convert));
        oAuth2LoginAuthenticationToken.setDetails(buildDetails);
        OAuth2LoginAuthenticationToken oAuth2LoginAuthenticationToken2 = (OAuth2LoginAuthenticationToken) getAuthenticationManager().authenticate(oAuth2LoginAuthenticationToken);
        OAuth2AuthenticationToken oAuth2AuthenticationToken = new OAuth2AuthenticationToken(oAuth2LoginAuthenticationToken2.getPrincipal(), oAuth2LoginAuthenticationToken2.getAuthorities(), oAuth2LoginAuthenticationToken2.getClientRegistration().getRegistrationId());
        oAuth2AuthenticationToken.setDetails(buildDetails);
        this.authorizedClientRepository.saveAuthorizedClient(new OAuth2AuthorizedClient(oAuth2LoginAuthenticationToken2.getClientRegistration(), oAuth2AuthenticationToken.getName(), oAuth2LoginAuthenticationToken2.getAccessToken(), oAuth2LoginAuthenticationToken2.getRefreshToken()), oAuth2AuthenticationToken, httpServletRequest, httpServletResponse);
        return oAuth2AuthenticationToken;
    }

    public final void setAuthorizationRequestRepository(AuthorizationRequestRepository<OAuth2AuthorizationRequest> authorizationRequestRepository) {
        Assert.notNull(authorizationRequestRepository, "authorizationRequestRepository cannot be null");
        this.authorizationRequestRepository = authorizationRequestRepository;
    }
}
