package ru.curs.showcase.security.oauth;

import com.fasterxml.jackson.databind.ObjectMapper;
import com.fasterxml.jackson.databind.type.TypeFactory;
import com.fasterxml.jackson.module.jaxb.JaxbAnnotationIntrospector;
import java.io.InputStream;
import java.io.OutputStream;
import java.net.HttpURLConnection;
import java.net.URL;
import java.net.URLEncoder;
import java.nio.charset.StandardCharsets;
import java.util.Properties;
import org.springframework.http.MediaType;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.core.Authentication;
import ru.curs.showcase.runtime.UserDataUtils;
import ru.curs.showcase.util.TextUtils;
import ru.curs.showcase.util.UserAndSessionDetails;

/* loaded from: input_file:WEB-INF/classes/ru/curs/showcase/security/oauth/Oauth2AuthenticationProvider.class */
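/**
 * Spring Security provider that completes the OAuth2 authorization-code grant.
 *
 * <p>The principal of the incoming {@link Authentication} is taken as the authorization code. It is
 * posted, together with the configured client id and client secret, to the configured token
 * endpoint; on success the parsed {@code Oauth2Token} is stored in the authentication details and
 * the authentication is marked as authenticated.
 *
 * <p>NOTE(review): the client secret travels in the request body, so the configured token URL
 * should be an {@code https://} URL. This class does not check the scheme.
 */
public class Oauth2AuthenticationProvider implements AuthenticationProvider {
    /** Lowest HTTP status code that is handled as an error response from the token endpoint. */
    private final int startErrorCode = 400;

    /**
     * Exchanges the authorization code carried by {@code authentication} for an OAuth2 token.
     *
     * @param authentication request whose principal is the authorization code and whose details are
     *     a {@code UserAndSessionDetails} that receives the token
     * @return the same {@code authentication} instance, marked authenticated and carrying the token
     * @throws BadCredentialsException if the OAuth2 settings are missing, the code is null or empty,
     *     the token endpoint rejects the code, or the exchange fails for any other reason
     */
    @Override
    public Authentication authenticate(Authentication authentication) {
        Properties generalOauth2Properties = UserDataUtils.getGeneralOauth2Properties();
        if (generalOauth2Properties == null) {
            throw new BadCredentialsException("Oauth2 setting in app.properties not found");
        }
        String code = (String) authentication.getPrincipal();
        if (code == null || code.isEmpty()) {
            throw new BadCredentialsException("Code is null or empty.");
        }
        HttpURLConnection connection = null;
        try {
            connection = (HttpURLConnection) new URL(generalOauth2Properties.getProperty(UserDataUtils.OAUTH_TOLEN_URL)).openConnection();
            connection.setRequestMethod("POST");
            connection.setDoInput(true);
            connection.setDoOutput(true);
            connection.setInstanceFollowRedirects(false);
            connection.setRequestProperty("Content-Type", "application/x-www-form-urlencoded");
            connection.setRequestProperty("charset", "utf-8");

            // The code is request-supplied. Form-encode it so that '&', '=', '+' or '%' inside it
            // cannot add or override parameters of the token request.
            // NOTE(review): client_id and client_secret are sent exactly as configured; values
            // containing reserved characters would need encoding as well - confirm against the
            // deployed app.properties before changing that.
            String form = "grant_type=authorization_code&client_id=" + generalOauth2Properties.getProperty(UserDataUtils.OAUTH_CLIENT_ID)
                    + "&client_secret=" + generalOauth2Properties.getProperty(UserDataUtils.OAUTH_CLIENT_SECRET)
                    + "&code=" + URLEncoder.encode(code, StandardCharsets.UTF_8.name());
            try (OutputStream requestBody = connection.getOutputStream()) {
                // Explicit charset: the platform default must not decide how the body is encoded.
                requestBody.write(form.getBytes(StandardCharsets.UTF_8));
                requestBody.flush();
            }

            ObjectMapper objectMapper = new ObjectMapper();
            objectMapper.setAnnotationIntrospector(new JaxbAnnotationIntrospector(TypeFactory.defaultInstance()));

            int status = connection.getResponseCode();
            if (status < startErrorCode) {
                Oauth2Token oauth2Token;
                try (InputStream tokenStream = connection.getInputStream()) {
                    oauth2Token = objectMapper.readValue(tokenStream, Oauth2Token.class);
                }
                // Jackson maps a literal JSON null to a null object; never authenticate on that.
                if (oauth2Token == null) {
                    throw new BadCredentialsException("Bad credentials. Detail: token endpoint returned no token");
                }
                // Attach the token first: if the details object has an unexpected type the cast
                // throws while the authentication is still unauthenticated.
                ((UserAndSessionDetails) authentication.getDetails()).setOauth2Token(oauth2Token);
                authentication.setAuthenticated(true);
                return authentication;
            }

            String detail;
            // A null resource is permitted by try-with-resources and is simply not closed.
            try (InputStream errorStream = connection.getErrorStream()) {
                String contentType = connection.getContentType();
                MediaType mediaType = contentType != null ? MediaType.valueOf(contentType) : null;
                if (errorStream == null) {
                    // Error status without a body: report the status instead of reading null.
                    detail = "HTTP status " + status;
                } else if (mediaType == null || !MediaType.APPLICATION_JSON.isCompatibleWith(mediaType)) {
                    detail = TextUtils.streamToString(errorStream);
                } else {
                    Oauth2TokenError oauth2TokenError = objectMapper.readValue(errorStream, Oauth2TokenError.class);
                    detail = "error: " + oauth2TokenError.getError() + ", description:" + oauth2TokenError.getErrorDescription();
                }
            }
            // The detail is text received from the token endpoint; callers that display this
            // message should treat it as untrusted.
            throw new BadCredentialsException("Bad credentials. Detail: " + detail);
        } catch (BadCredentialsException e) {
            // A rejection by the token endpoint is not an availability problem; keep its message.
            throw e;
        } catch (Exception e) {
            throw new BadCredentialsException("Authentication oauth2 server is not available: " + e.getMessage(), e);
        } finally {
            if (connection != null) {
                connection.disconnect();
            }
        }
    }

    /**
     * Reports whether this provider handles the given authentication class.
     *
     * @param cls authentication class offered by the authentication manager
     * @return {@code true} if {@code cls} is {@code Oauth2AuthenticationToken} or a subclass of it
     */
    @Override
    public boolean supports(Class<?> cls) {
        return Oauth2AuthenticationToken.class.isAssignableFrom(cls);
    }
}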
