package com.erudika.para.server.security.filters;

import ch.qos.logback.classic.spi.CallerData;
import com.erudika.para.core.App;
import com.erudika.para.core.User;
import com.erudika.para.core.utils.Config;
import com.erudika.para.core.utils.ParaObjectUtils;
import com.erudika.para.core.utils.Utils;
import com.erudika.para.server.security.AuthenticatedUserDetails;
import com.erudika.para.server.security.SecurityUtils;
import com.erudika.para.server.security.UserAuthentication;
import com.fasterxml.jackson.databind.ObjectReader;
import com.nimbusds.jwt.JWTClaimNames;
import java.io.IOException;
import java.util.Map;
import java.util.concurrent.TimeUnit;
import org.apache.commons.lang3.StringUtils;
import org.apache.hc.client5.http.classic.methods.HttpGet;
import org.apache.hc.client5.http.config.RequestConfig;
import org.apache.hc.client5.http.impl.classic.CloseableHttpClient;
import org.apache.hc.client5.http.impl.classic.CloseableHttpResponse;
import org.apache.hc.client5.http.impl.classic.HttpClientBuilder;
import org.apache.hc.core5.http.ClassicHttpRequest;
import org.apache.hc.core5.http.HttpEntity;
import org.apache.hc.core5.http.io.entity.EntityUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.authentication.AuthenticationServiceException;
import org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter;

/* loaded from: input_file:BOOT-INF/lib/para-server-1.46.1.jar:com/erudika/para/server/security/filters/GoogleAuthFilter.class */
public class GoogleAuthFilter extends AbstractAuthenticationProcessingFilter {
    private static final Logger logger = LoggerFactory.getLogger((Class<?>) GoogleAuthFilter.class);
    private final CloseableHttpClient httpclient;
    private final ObjectReader jreader;
    private static final String PROFILE_URL = "https://www.googleapis.com/oauth2/v3/userinfo";
    private static final String TOKEN_URL = "https://www.googleapis.com/oauth2/v4/token";
    private static final String PAYLOAD = "code={0}&redirect_uri={1}&client_id={2}&client_secret={3}&grant_type=authorization_code";
    public static final String GOOGLE_ACTION = "google_auth";

    public GoogleAuthFilter(String str) {
        super(str);
        this.jreader = ParaObjectUtils.getJsonReader(Map.class);
        this.httpclient = HttpClientBuilder.create().setDefaultRequestConfig(RequestConfig.custom().setConnectTimeout(30, TimeUnit.SECONDS).setConnectionRequestTimeout(30, TimeUnit.SECONDS).build()).build();
    }

    /* JADX WARN: Removed duplicated region for block: B:17:0x013b  */
    @Override // org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public org.springframework.security.core.Authentication attemptAuthentication(javax.servlet.http.HttpServletRequest r8, javax.servlet.http.HttpServletResponse r9) throws java.io.IOException {
        /*
            Method dump skipped, instructions count: 362
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.erudika.para.server.security.filters.GoogleAuthFilter.attemptAuthentication(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse):org.springframework.security.core.Authentication");
    }

    public UserAuthentication getOrCreateUser(App app, String str) throws IOException {
        UserAuthentication userAuthentication = null;
        User user = new User();
        if (str != null) {
            HttpGet httpGet = new HttpGet(PROFILE_URL);
            httpGet.setHeader("Authorization", "Bearer " + str);
            Map map = null;
            CloseableHttpResponse execute = this.httpclient.execute((ClassicHttpRequest) httpGet);
            try {
                HttpEntity entity = execute.getEntity();
                if (entity != null) {
                    map = (Map) this.jreader.readValue(entity.getContent());
                    EntityUtils.consumeQuietly(entity);
                }
                if (execute != null) {
                    execute.close();
                }
                if (map == null || !map.containsKey(JWTClaimNames.SUBJECT)) {
                    logger.info("Authentication request failed because user profile doesn't contain the expected attributes");
                } else {
                    String str2 = (String) map.get(JWTClaimNames.SUBJECT);
                    String str3 = (String) map.get("picture");
                    String str4 = (String) map.get("email");
                    String str5 = (String) map.get("name");
                    user.setAppid(getAppid(app));
                    user.setIdentifier(Config.GPLUS_PREFIX.concat(str2));
                    user.setEmail(str4);
                    user = User.readUserForIdentifier(user);
                    if (user == null) {
                        user = new User();
                        user.setActive(true);
                        user.setAppid(getAppid(app));
                        user.setEmail(StringUtils.isBlank(str4) ? Utils.getNewId() + "@google.com" : str4);
                        user.setName(StringUtils.isBlank(str5) ? "No Name" : str5);
                        user.setPassword(Utils.generateSecurityToken());
                        user.setPicture(getPicture(str3));
                        user.setIdentifier(Config.GPLUS_PREFIX.concat(str2));
                        if (user.create() == null) {
                            throw new AuthenticationServiceException("Authentication failed: cannot create new user.");
                        }
                    } else if (updateUserInfo(user, str3, str4, str5)) {
                        user.update();
                    }
                    userAuthentication = new UserAuthentication(new AuthenticatedUserDetails(user));
                }
            } catch (Throwable th) {
                if (execute != null) {
                    try {
                        execute.close();
                    } catch (Throwable th2) {
                        th.addSuppressed(th2);
                    }
                }
                throw th;
            }
        }
        return SecurityUtils.checkIfActive(userAuthentication, user, false);
    }

    private boolean updateUserInfo(User user, String str, String str2, String str3) {
        String picture = getPicture(str);
        boolean z = false;
        if (!StringUtils.equals(user.getPicture(), picture)) {
            user.setPicture(picture);
            z = true;
        }
        if (!StringUtils.isBlank(str2) && !StringUtils.equals(user.getEmail(), str2)) {
            user.setEmail(str2);
            z = true;
        }
        if (!StringUtils.isBlank(str3) && !StringUtils.equals(user.getName(), str3)) {
            user.setName(str3);
            z = true;
        }
        return z;
    }

    private static String getPicture(String str) {
        if (str != null) {
            return str.contains(CallerData.NA) ? str.substring(0, str.indexOf(63)) : str;
        }
        return null;
    }

    private String getAppid(App app) {
        if (app == null) {
            return null;
        }
        return app.getAppIdentifier();
    }
}
