package org.sharextras.webscripts.connector;

import java.text.MessageFormat;
import javax.servlet.http.HttpSession;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.json.JSONException;
import org.json.JSONObject;
import org.springframework.context.ApplicationContext;
import org.springframework.context.ApplicationContextAware;
import org.springframework.extensions.surf.ServletUtil;
import org.springframework.extensions.surf.exception.AuthenticationException;
import org.springframework.extensions.surf.exception.ConnectorServiceException;
import org.springframework.extensions.surf.exception.CredentialVaultProviderException;
import org.springframework.extensions.surf.support.ThreadLocalRequestContext;
import org.springframework.extensions.surf.util.URLEncoder;
import org.springframework.extensions.webscripts.WebScriptException;
import org.springframework.extensions.webscripts.connector.AbstractAuthenticator;
import org.springframework.extensions.webscripts.connector.Connector;
import org.springframework.extensions.webscripts.connector.ConnectorService;
import org.springframework.extensions.webscripts.connector.ConnectorSession;
import org.springframework.extensions.webscripts.connector.Credentials;
import org.springframework.extensions.webscripts.connector.RemoteClient;
import org.springframework.extensions.webscripts.connector.Response;
import org.springframework.extensions.webscripts.connector.User;

/* loaded from: input_file:org/sharextras/webscripts/connector/OAuth2Authenticator.class */
public class OAuth2Authenticator extends AbstractAuthenticator implements ApplicationContextAware {
    private ApplicationContext applicationContext;
    private static Log logger = LogFactory.getLog(OAuth2Authenticator.class);
    private static final String ENDPOINT_ALFRESCO = "alfresco";
    private static final String VAULT_PROVIDER_ID = "oAuth2CredentialVaultProvider";
    protected static final String POST_LOGIN = "grant_type=refresh_token&refresh_token={0}&client_id={1}";
    protected static final String MIMETYPE_URLENCODED = "x-www-form-urlencoded";
    public static final String CS_PARAM_ACCESS_TOKEN = "accessToken";
    public static final String CS_PARAM_REFRESH_TOKEN = "refreshToken";
    private String requestTokenUri;

    public OAuth2Authenticator() {
        if (logger.isDebugEnabled()) {
            logger.debug("Creating new OAuth 2.0 authenticator");
        }
    }

    public void setApplicationContext(ApplicationContext applicationContext) {
        this.applicationContext = applicationContext;
    }

    public ConnectorSession authenticate(String str, Credentials credentials, ConnectorSession connectorSession) throws AuthenticationException {
        ConnectorSession connectorSession2 = null;
        Credentials credentials2 = null;
        try {
            Connector connector = ((ConnectorService) this.applicationContext.getBean("connector.service")).getConnector(ENDPOINT_ALFRESCO);
            connector.setCredentials(credentials);
            OAuth2CredentialVault oAuth2CredentialVault = new OAuth2CredentialVault("standaloneVault");
            oAuth2CredentialVault.setAlfrescoConnector(connector);
            credentials2 = oAuth2CredentialVault.retrieve(connectorSession.getEndpointId());
        } catch (ConnectorServiceException e) {
            e.printStackTrace();
        }
        if (credentials2 != null && credentials2.getProperty("accessToken") != null) {
            credentials.setProperty("accessToken", credentials2.getProperty("accessToken"));
            connectorSession2 = connectorSession;
        } else if (credentials2 != null && credentials2.getProperty("refreshToken") != null) {
            String str2 = (String) credentials2.getProperty("refreshToken");
            RemoteClient buildRemoteClient = buildRemoteClient(str);
            buildRemoteClient.setRequestContentType(MIMETYPE_URLENCODED);
            Response call = buildRemoteClient.call(getRequestTokenUri(), MessageFormat.format(POST_LOGIN, URLEncoder.encodeUriComponent(str2), URLEncoder.encodeUriComponent(getClientId())));
            if (call.getStatus().getCode() == 200) {
                try {
                    String string = new JSONObject(call.getResponse()).getString("access_token");
                    if (logger.isDebugEnabled()) {
                        logger.debug("Parsed access token: " + string);
                    }
                    if (credentials != null) {
                        credentials.setProperty("accessToken", string);
                        connectorSession2 = connectorSession;
                    }
                } catch (JSONException e2) {
                    throw new AuthenticationException("Unable to retrieve access token from provider response", e2);
                }
            } else if (logger.isDebugEnabled()) {
                logger.debug("Token refresh failed, received response code: " + call.getStatus().getCode());
            }
        } else if (logger.isDebugEnabled()) {
            logger.debug("No user credentials available - cannot authenticate.");
        }
        return connectorSession2;
    }

    public boolean isAuthenticated(String str, ConnectorSession connectorSession) {
        return connectorSession.getParameter("accessToken") != null;
    }

    public boolean isAuthenticated(String str, Credentials credentials, ConnectorSession connectorSession) {
        return credentials.getProperty("accessToken") != null;
    }

    private String getClientId() {
        return "";
    }

    private String getRequestTokenUri() {
        return this.requestTokenUri;
    }

    private Credentials loadOAuthCredentials(String str) throws AuthenticationException {
        HttpSession session = ServletUtil.getSession();
        User user = ThreadLocalRequestContext.getRequestContext().getUser();
        ConnectorService connectorService = (ConnectorService) this.applicationContext.getBean("connector.service");
        String id = user.getId();
        try {
            if (connectorService == null) {
                throw new AuthenticationException("Unable to load connector service");
            }
            return connectorService.getCredentialVault(session, id, "oAuth2CredentialVaultProvider").retrieve(str);
        } catch (CredentialVaultProviderException e) {
            throw new WebScriptException("Unable to obtain credential vault for OAuth credentials", e);
        }
    }
}
