package com.erudika.para.security;

import com.eaio.uuid.UUID;
import com.erudika.para.core.ParaObjectUtils;
import com.erudika.para.core.User;
import com.erudika.para.utils.Config;
import com.erudika.para.utils.Utils;
import java.io.IOException;
import java.util.HashMap;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang3.StringUtils;
import org.apache.http.client.methods.CloseableHttpResponse;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.entity.StringEntity;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.util.EntityUtils;
import org.springframework.security.authentication.AuthenticationServiceException;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.authentication.LockedException;
import org.springframework.security.core.Authentication;
import org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter;

/* loaded from: input_file:com/erudika/para/security/TwitterAuthFilter.class */
public class TwitterAuthFilter extends AbstractAuthenticationProcessingFilter {
    private static final String FLOW_URL1 = "https://api.twitter.com/oauth/request_token";
    private static final String FLOW_URL2 = "https://api.twitter.com/oauth/authenticate?";
    private static final String FLOW_URL3 = "https://api.twitter.com/oauth/access_token";
    private static final String PROFILE_URL = "https://api.twitter.com/1.1/account/verify_credentials.json";
    public static final String TWITTER_ACTION = "twitter_auth";

    public TwitterAuthFilter(String str) {
        super(str);
    }

    public Authentication attemptAuthentication(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        Map map;
        String requestURI = httpServletRequest.getRequestURI();
        UserAuthentication userAuthentication = null;
        User user = new User();
        if (requestURI.endsWith(TWITTER_ACTION)) {
            String parameter = httpServletRequest.getParameter("oauth_verifier");
            CloseableHttpClient createDefault = HttpClients.createDefault();
            if (parameter == null) {
                String urlEncode = Utils.urlEncode(httpServletRequest.getRequestURL().toString());
                HashMap hashMap = new HashMap();
                hashMap.put("oauth_callback", new String[]{urlEncode});
                HttpPost httpPost = new HttpPost(FLOW_URL1);
                httpPost.setHeader("Authorization", OAuth1HmacSigner.sign("POST", FLOW_URL1, hashMap, Config.TWITTER_APP_ID, Config.TWITTER_SECRET, null, null));
                httpPost.setHeader("Content-Type", "application/x-www-form-urlencoded");
                CloseableHttpResponse execute = createDefault.execute(httpPost);
                if (execute.getStatusLine().getStatusCode() == 200) {
                    for (String str : EntityUtils.toString(execute.getEntity()).split("&")) {
                        if (str.startsWith("oauth_token")) {
                            httpServletResponse.sendRedirect(FLOW_URL2 + str);
                            return null;
                        }
                    }
                }
            } else {
                String parameter2 = httpServletRequest.getParameter("oauth_token");
                HashMap hashMap2 = new HashMap();
                hashMap2.put("oauth_verifier", new String[]{parameter});
                HttpPost httpPost2 = new HttpPost(FLOW_URL3);
                httpPost2.setEntity(new StringEntity("oauth_verifier=" + parameter));
                httpPost2.setHeader("Authorization", OAuth1HmacSigner.sign("POST", FLOW_URL3, hashMap2, Config.TWITTER_APP_ID, Config.TWITTER_SECRET, parameter2, null));
                httpPost2.setHeader("Content-Type", "application/x-www-form-urlencoded");
                CloseableHttpResponse execute2 = createDefault.execute(httpPost2);
                if (execute2.getStatusLine().getStatusCode() == 200) {
                    String str2 = null;
                    String str3 = null;
                    for (String str4 : EntityUtils.toString(execute2.getEntity()).split("&")) {
                        if (str4.startsWith("oauth_token_secret")) {
                            str3 = str4.substring(19);
                        } else if (str4.startsWith("oauth_token")) {
                            str2 = str4.substring(12);
                        } else if (str4.startsWith("user_id")) {
                            str4.substring(8);
                        }
                    }
                    if (str2 != null && str3 != null) {
                        HashMap hashMap3 = new HashMap();
                        HttpGet httpGet = new HttpGet(PROFILE_URL);
                        httpGet.setHeader("Authorization", OAuth1HmacSigner.sign("GET", PROFILE_URL, hashMap3, Config.TWITTER_APP_ID, Config.TWITTER_SECRET, str2, str3));
                        CloseableHttpResponse execute3 = createDefault.execute(httpGet);
                        if (execute3.getStatusLine().getStatusCode() == 200 && (map = (Map) ParaObjectUtils.getJsonReader(Map.class).readValue(execute3.getEntity().getContent())) != null && map.containsKey("id_str")) {
                            String str5 = (String) map.get("id_str");
                            String str6 = (String) map.get("profile_image_url_https");
                            String str7 = (String) map.get("screen_name");
                            String str8 = (String) map.get("name");
                            user.setIdentifier(Config.TWITTER_PREFIX + str5);
                            user = User.readUserForIdentifier(user);
                            if (user == null) {
                                user = new User();
                                user.setActive(true);
                                user.setEmail(str7 + "@twitter.com");
                                user.setName(StringUtils.isBlank(str8) ? "No Name" : str8);
                                user.setPassword(new UUID().toString());
                                user.setIdentifier(Config.TWITTER_PREFIX + str5);
                                if (str6 != null) {
                                    String replace = str6.replace("_normal", "");
                                    if (replace.indexOf("?") > 0) {
                                        user.setPicture(replace.substring(0, replace.indexOf("?")));
                                    } else {
                                        user.setPicture(replace);
                                    }
                                }
                                if (user.create() == null) {
                                    throw new AuthenticationServiceException("Authentication failed: cannot create new user.");
                                }
                            }
                            userAuthentication = new UserAuthentication(new AuthenticatedUserDetails(user));
                        }
                    }
                }
            }
        }
        if (userAuthentication == null || user == null || user.getIdentifier() == null) {
            throw new BadCredentialsException("Bad credentials.");
        }
        if (user.getActive().booleanValue()) {
            return userAuthentication;
        }
        throw new LockedException("Account is locked.");
    }
}
