package com.supermap.services.rest.resources.impl;

import com.supermap.server.api.Server;
import com.supermap.server.common.ServerContainer;
import com.supermap.server.config.OAuthConfig;
import com.supermap.services.rest.HttpException;
import com.supermap.services.security.BuiltInToken;
import com.supermap.services.security.Constant;
import com.supermap.services.security.OAuth2Client;
import com.supermap.services.security.SecurityUtility;
import com.supermap.services.security.ShiroUtil;
import com.supermap.services.util.ProductTypeUtil;
import java.io.IOException;
import java.net.URISyntaxException;
import java.util.Map;
import javax.servlet.ServletContext;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.ws.rs.GET;
import javax.ws.rs.core.Context;
import org.apache.commons.lang3.StringUtils;
import org.apache.shiro.web.util.WebUtils;
import org.json.JSONException;

/* loaded from: input_file:BOOT-INF/lib/iserver-all-10.0.1-18030-10.0.1-SNAPSHOT.jar:com/supermap/services/rest/resources/impl/OAuthLoginCallbackResource.class */
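/**
 * REST resource that receives the redirect back from an OAuth2 provider.
 *
 * <p>On a GET it validates the {@code state} query parameter against the value held in the HTTP
 * session, exchanges the {@code code} for an access token, resolves the provider-side user id
 * and either logs the mapped local user in or parks the token, open id and client id in the
 * session and redirects to the first-login page.
 */
public class OAuthLoginCallbackResource {
    /** Provider client used to exchange the authorization code and to look up the provider user id. */
    private final OAuth2Client a;
    /** Login type: passed to the user lookup and, lower-cased, used in the first-login redirect path. */
    private final String b;

    /**
     * @param oAuth2Client client used for the token exchange and user-id lookup
     * @param str login type identifier
     */
    public OAuthLoginCallbackResource(OAuth2Client oAuth2Client, String str) {
        this.a = oAuth2Client;
        this.b = str;
    }

    /**
     * Handles the provider callback.
     *
     * @param httpServletRequest the callback request; its query string carries {@code error},
     *     {@code state} and {@code code}
     * @param httpServletResponse response used to issue the redirect
     * @param servletContext context used to obtain the OAuth2 user DAO
     * @return always {@code null}; the outcome is delivered as a redirect
     * @throws HttpException with status 401 when the session holds no state, the {@code state}
     *     parameter differs from it, or the state does not contain the {@code "s"} separator
     */
    @GET
    public Object get(@Context HttpServletRequest httpServletRequest, @Context HttpServletResponse httpServletResponse, @Context ServletContext servletContext) throws IOException, URISyntaxException, JSONException {
        Map<String, String> params = OAuthLoginResource.getParamaters(httpServletRequest.getQueryString());
        if (StringUtils.isNotBlank(params.get("error"))) {
            // NOTE(review): the redirect target is assembled from the client-supplied Host header.
            // Confirm a proxy or container setting pins Host to known names, or build the URL from
            // configuration instead, so the Location header cannot point at an arbitrary host.
            String baseUrl = httpServletRequest.getScheme() + "://" + httpServletRequest.getHeader("Host") + httpServletRequest.getContextPath();
            if (ProductTypeUtil.getProductType().equals(ProductTypeUtil.ProductType.iPortal)) {
                WebUtils.issueRedirect(httpServletRequest, httpServletResponse, baseUrl + "/web/login");
                return null;
            }
            WebUtils.issueRedirect(httpServletRequest, httpServletResponse, baseUrl + httpServletRequest.getServletPath() + "/login");
            return null;
        }

        String state = params.get("state");
        Object sessionState = httpServletRequest.getSession().getAttribute(Constant.OAUTH_ATTRIBUTE_STATE);
        // A missing session value must fail the check. Converting it with String.valueOf first
        // would turn null into the text "null" (matchable by a request sending state=null), and a
        // blank stored value would previously have skipped the comparison altogether.
        String expectedState = sessionState == null ? null : String.valueOf(sessionState);
        if (StringUtils.isBlank(expectedState) || !expectedState.equals(state)) {
            throw new HttpException(401, "argument state does not match!");
        }
        // NOTE(review): the state attribute stays in the session after a successful match; confirm
        // whether it should be removed here so that a state value is accepted only once.

        // The text before the first "s" in the state is used as the OAuthConfig id.
        int separator = StringUtils.indexOf(state, "s");
        if (separator < 0) {
            // Without the separator substring() would throw StringIndexOutOfBoundsException.
            throw new HttpException(401, "argument state does not match!");
        }

        String code = params.get("code");
        String clientId = null;
        String clientSecret = null;
        String redirectUri = null;
        OAuthConfig config = a(state.substring(0, separator));
        if (config != null) {
            clientId = config.clientID;
            clientSecret = config.clientSecret;
            redirectUri = httpServletRequest.getScheme() + "://" + config.redirectDomain + ":" + httpServletRequest.getServerPort() + httpServletRequest.getRequestURI();
        }
        // NOTE(review): when no configuration matches, the exchange below runs with a null client
        // id, secret and redirect URI; confirm OAuth2Client rejects that rather than falling back.
        String accesstoken = this.a.getAccesstoken(clientId, clientSecret, code, redirectUri);
        String userID = this.a.getUserID(accesstoken);
        String userNameByOpenID = SecurityUtility.getOAuth2UserDAO(servletContext).getUserNameByOpenID(userID, this.b);

        // NOTE(review): same Host-header concern as in the error branch above.
        String servletBaseUrl = httpServletRequest.getScheme() + "://" + httpServletRequest.getHeader("Host") + httpServletRequest.getContextPath() + httpServletRequest.getServletPath();
        if (StringUtils.isNotBlank(userNameByOpenID)) {
            // The provider identity is already bound to a local account: log that account in.
            // NOTE(review): whether ShiroUtil.login renews the session id is not visible here; confirm.
            ShiroUtil.login(httpServletRequest, httpServletResponse, new BuiltInToken(userNameByOpenID).lookupPermission(true).lookupRole(true).save(true));
            WebUtils.issueRedirect(httpServletRequest, httpServletResponse, servletBaseUrl + "/login/notfirst");
            return null;
        }

        // No local account yet: keep the provider token, open id and client id in the session for
        // the first-login page.
        httpServletRequest.getSession().setAttribute(Constant.OAUTH_ATTRIBUTE_TOKEN_, accesstoken);
        httpServletRequest.getSession().setAttribute(Constant.OAUTH_ATTRIBUTE_OPEN_ID, userID);
        httpServletRequest.getSession().setAttribute(Constant.OAUTH_ATTRIBUTE_CLIENT_ID, clientId);
        // Locale.ROOT keeps the path segment stable regardless of the JVM default locale.
        WebUtils.issueRedirect(httpServletRequest, httpServletResponse, servletBaseUrl + "/login/" + this.b.toLowerCase(java.util.Locale.ROOT) + "/first");
        return null;
    }

    /**
     * Finds the OAuth configuration of the current server whose id, as text, equals {@code str}.
     *
     * @param str configuration id taken from the state parameter
     * @return the matching configuration, or {@code null} when there is no current server or no
     *     configuration has that id
     */
    private static OAuthConfig a(String str) {
        Server current = ServerContainer.getCurrent();
        if (current == null) {
            return null;
        }
        for (OAuthConfig candidate : current.getConfig().getOAuthConfigs()) {
            if (String.valueOf(candidate.id).equals(str)) {
                return candidate;
            }
        }
        return null;
    }
}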
