package com.oxygenxml.positron.plugin.auth;

import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.nimbusds.oauth2.sdk.http.HTTPResponse;
import com.oxygenxml.positron.core.auth.ConnectionTokens;
import com.oxygenxml.positron.core.auth.data.Auth0User;
import com.oxygenxml.positron.core.auth.data.ConnectionDataDecoder;
import com.oxygenxml.positron.core.auth.exceptions.ServerRequestException;
import java.io.IOException;
import java.util.Objects;
import java.util.regex.Pattern;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import ro.sync.ecss.extensions.api.webapp.plugin.ServletPluginExtension;
import ro.sync.ecss.extensions.api.webapp.plugin.servlet.ServletException;
import ro.sync.ecss.extensions.api.webapp.plugin.servlet.http.HttpServletRequest;
import ro.sync.ecss.extensions.api.webapp.plugin.servlet.http.HttpServletResponse;

/* loaded from: input_file:web-author-ai-positron-enterprise-plugin-4.0.0-SNAPSHOT/lib/web-author-ai-positron-enterprise-plugin-4.0.0-SNAPSHOT.jar:com/oxygenxml/positron/plugin/auth/PositronAuthServlet.class */
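/**
 * Plugin servlet that drives the Auth0 login flow for the Positron plugin.
 *
 * <p>Routes, matched against the end of the request path info:
 * <ul>
 *   <li>{@code GET .../connect} redirects the browser to the Auth0 authorize URL;</li>
 *   <li>{@code GET .../callback} exchanges the authorization code for tokens and stores them
 *       under the current HTTP session id;</li>
 *   <li>{@code GET .../user-info} returns the stored user as JSON, or 401 when none is stored;</li>
 *   <li>{@code POST .../disconnect} drops the data stored for the current session id.</li>
 * </ul>
 * Anything else is answered with 404.
 */
public class PositronAuthServlet extends ServletPluginExtension {
    private static final Logger log = LoggerFactory.getLogger(PositronAuthServlet.class);

    /** Line breaks are neutralised before request-controlled text is written to the log. */
    private static final Pattern LINE_BREAKS = Pattern.compile("[\\r\\n]");

    /** Shared JSON serializer, used here only with its default configuration. */
    private static final ObjectMapper JSON = new ObjectMapper();

    // The route patterns are deliberately searched with find(): they anchor only the END of the
    // path info, so any prefix the dispatcher leaves in front of the route is tolerated.
    private Pattern callbackPattern;
    private Pattern authzUrlPattern;
    private Pattern disconnectUrlPattern;
    private Pattern userInfoPattern;
    private CredentialsManager credentialsManager;
    private Auth0Service auth0Service;

    /**
     * @return the path segment under which this servlet is registered.
     */
    public String getPath() {
        return "positron-auth";
    }

    /**
     * Compiles the route patterns and obtains the collaborators used by the handlers.
     */
    public void init() throws ServletException {
        this.callbackPattern = Pattern.compile("/callback/?$");
        this.authzUrlPattern = Pattern.compile("/connect$");
        this.disconnectUrlPattern = Pattern.compile("/disconnect$");
        this.userInfoPattern = Pattern.compile("/user-info$");
        this.auth0Service = new Auth0Service();
        this.credentialsManager = CredentialsManager.getInstance();
    }

    /**
     * Dispatches GET requests to the callback, connect and user-info handlers.
     *
     * @param httpServletRequest the incoming request
     * @param httpServletResponse the response; status 404 is set for an unknown or missing path
     */
    public void doGet(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        String pathInfo = httpServletRequest.getPathInfo();
        log.debug("GET request for: {}", sanitizeForLog(pathInfo));
        if (pathInfo == null) {
            // Pattern.matcher(null) throws NullPointerException; a request without extra path
            // information is simply not one of our routes.
            httpServletResponse.setStatus(HTTPResponse.SC_NOT_FOUND);
            return;
        }
        if (this.callbackPattern.matcher(pathInfo).find()) {
            handleCallbackRequest(httpServletRequest, httpServletResponse);
        } else if (this.authzUrlPattern.matcher(pathInfo).find()) {
            handleConnectionRequest(httpServletResponse);
        } else if (this.userInfoPattern.matcher(pathInfo).find()) {
            handleUserInfoRequest(httpServletRequest, httpServletResponse);
        } else {
            httpServletResponse.setStatus(HTTPResponse.SC_NOT_FOUND);
        }
    }

    /**
     * Dispatches POST requests; only the disconnect route is accepted.
     *
     * @param httpServletRequest the incoming request
     * @param httpServletResponse the response; status 404 is set for an unknown or missing path
     */
    public void doPost(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        String pathInfo = httpServletRequest.getPathInfo();
        log.debug("POST request for: {}", sanitizeForLog(pathInfo));
        // The null check comes first for the same reason as in doGet.
        if (pathInfo != null && this.disconnectUrlPattern.matcher(pathInfo).find()) {
            handleDisconnectRequest(httpServletRequest, httpServletResponse);
        } else {
            httpServletResponse.setStatus(HTTPResponse.SC_NOT_FOUND);
        }
    }

    /**
     * Redirects the browser to the authorize URL built from the configured domain, client id,
     * redirect URI and audience.
     */
    private void handleConnectionRequest(HttpServletResponse httpServletResponse) throws IOException {
        // NOTE(review): no per-request `state` value is generated or passed to buildAuthorizeUrl
        // here. Unless Auth0Service adds one internally (not visible in this file), the callback
        // has nothing to bind the returned code to the browser that started the flow.
        String authorizeUrl = this.auth0Service.buildAuthorizeUrl(
                this.credentialsManager.getAuthDomain(),
                this.credentialsManager.getClientId(),
                this.credentialsManager.getRedirectUri(),
                this.credentialsManager.getAudience());
        httpServletResponse.sendRedirect(authorizeUrl);
    }

    /**
     * Handles the redirect back from the authorization server: exchanges the {@code code}
     * parameter for tokens, decodes the user from the ID token and stores the result under the
     * current session id. The response is always a small HTML page that closes the window,
     * with status 200 when a session was stored and 400 otherwise.
     */
    private void handleCallbackRequest(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        boolean sessionStored = false;
        try {
            // NOTE(review): only `code` is read; no `state` parameter is compared against a value
            // remembered for this session, so the handler cannot reject a callback that this
            // browser did not initiate (login CSRF). Confirm whether that check lives elsewhere.
            String authCode = httpServletRequest.getParameter("code");
            if (authCode != null && !authCode.trim().isEmpty()) {
                ConnectionTokens tokens = this.auth0Service.exchangeAuthCodeForToken(
                        this.credentialsManager.getAuthDomain(),
                        this.credentialsManager.getClientId(),
                        this.credentialsManager.getClientSecret(),
                        authCode,
                        this.credentialsManager.getRedirectUri());
                debugLoggingForTokens(tokens);
                // The ID token is required as well: it is the input to the user decoding below,
                // so a response without it is treated as a failed login instead of being
                // handed to the decoder as null.
                if (tokens != null
                        && tokens.getAccessToken() != null
                        && tokens.getRefreshToken() != null
                        && tokens.getIdToken() != null) {
                    Auth0User userInfo = ConnectionDataDecoder.getUserInfo(tokens.getIdToken());
                    debugLoggingForAuthInfo(userInfo);
                    if (userInfo != null) {
                        // NOTE(review): the tokens are bound to the session id that existed before
                        // login; confirm the id is rotated somewhere on authentication, otherwise
                        // a pre-set session id stays valid after the user logs in.
                        this.credentialsManager.storeSession(
                                httpServletRequest.getSession().getId(),
                                tokens.getAccessToken(),
                                tokens.getRefreshToken(),
                                userInfo);
                        sessionStored = true;
                    }
                }
            }
        } catch (ServerRequestException e) {
            // A failed exchange is reported to the browser as 400 below; details stay in the log.
            log.debug(e.getMessage(), e);
        }
        httpServletResponse.setStatus(sessionStored ? 200 : 400);
        httpServletResponse.setHeader("Content-Type", "text/html");
        // The CSP allows exactly one inline script, identified by hash. The hash is expected to
        // correspond to the script in the page written below, so the two must change together.
        httpServletResponse.setHeader("Content-Security-Policy", "script-src 'sha256-srt4+YmZAgDWAXFdTxU3/IYjXdFyzk1Dum9iF8b6EG0=';");
        httpServletResponse.getWriter().write("<!DOCTYPE html>\n<html lang=\"en\"><head><meta charset=\"UTF-8\"><title>t</title><script>window.open('', '_self').close();</script></head></html>");
    }

    /**
     * Drops whatever is stored for the current session id and answers 200.
     */
    private void handleDisconnectRequest(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        this.credentialsManager.invalidateSession(httpServletRequest.getSession().getId());
        httpServletResponse.setStatus(200);
    }

    /**
     * Writes the user stored for the current session id as JSON, or answers 401 when the
     * credentials manager has no user for it.
     */
    private void handleUserInfoRequest(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        Auth0User userInfo = this.credentialsManager.getUserInfo(httpServletRequest.getSession().getId());
        if (userInfo == null) {
            httpServletResponse.setStatus(401);
            return;
        }
        writeUserInfo(httpServletResponse, userInfo);
    }

    /**
     * Serializes the user to JSON and writes it to the response with status 200.
     */
    private void writeUserInfo(HttpServletResponse httpServletResponse, Auth0User auth0User) throws JsonProcessingException, IOException {
        httpServletResponse.setStatus(200);
        httpServletResponse.setHeader("Content-Type", "application/json;");
        httpServletResponse.setCharacterEncoding("UTF-8");
        httpServletResponse.getWriter().write(JSON.writeValueAsString(auth0User));
        httpServletResponse.getWriter().flush();
    }

    /**
     * Logs at debug level whether a user object was obtained; the user data itself is not logged.
     */
    private void debugLoggingForAuthInfo(Auth0User auth0User) {
        if (log.isDebugEnabled()) {
            log.debug("Auth0 user info was computed: " + Objects.nonNull(auth0User));
        }
    }

    /**
     * Logs at debug level which tokens are present. Only presence flags are written, never the
     * token values.
     */
    private void debugLoggingForTokens(ConnectionTokens connectionTokens) {
        if (!log.isDebugEnabled()) {
            return;
        }
        if (connectionTokens == null) {
            log.debug("Failed to compute connection tokens.");
            return;
        }
        log.debug("Connection tokens were computed");
        log.debug("ID token was detected: " + Objects.nonNull(connectionTokens.getIdToken()));
        log.debug("Access token was detected: " + Objects.nonNull(connectionTokens.getAccessToken()));
        log.debug("Refresh token was detected: " + Objects.nonNull(connectionTokens.getRefreshToken()));
    }

    /**
     * Replaces CR and LF so that a request-controlled value cannot start a forged log line.
     *
     * @param value the text to log, possibly {@code null}
     * @return the text with line breaks replaced by {@code _}, or {@code null} for {@code null}
     */
    private static String sanitizeForLog(String value) {
        return value == null ? null : LINE_BREAKS.matcher(value).replaceAll("_");
    }
}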
