package fi.foyt.fni.auth;

import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
import com.fasterxml.jackson.annotation.JsonProperty;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.google.api.client.googleapis.auth.oauth2.GoogleOAuthConstants;
import fi.foyt.fni.persistence.model.auth.AuthSource;
import fi.foyt.fni.persistence.model.system.SystemSettingKey;
import fi.foyt.fni.persistence.model.users.UserToken;
import fi.foyt.fni.system.SystemSettingsController;
import fi.foyt.fni.utils.auth.OAuthUtils;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.util.Arrays;
import java.util.Date;
import java.util.GregorianCalendar;
import java.util.Locale;
import java.util.Map;
import javax.inject.Inject;
import org.apache.commons.codec.net.URLCodec;
import org.apache.oltu.oauth2.common.OAuth;
import org.scribe.builder.api.Api;
import org.scribe.builder.api.DefaultApi20;
import org.scribe.extractors.AccessTokenExtractor;
import org.scribe.extractors.JsonTokenExtractor;
import org.scribe.model.OAuthConfig;
import org.scribe.model.OAuthRequest;
import org.scribe.model.Response;
import org.scribe.model.Token;
import org.scribe.model.Verb;
import org.scribe.model.Verifier;
import org.scribe.oauth.OAuth20ServiceImpl;
import org.scribe.oauth.OAuthService;

/* loaded from: input_file:WEB-INF/classes/fi/foyt/fni/auth/GoogleAuthenticationStrategy.class */
public class GoogleAuthenticationStrategy extends OAuthAuthenticationStrategy {

    @Inject
    private SystemSettingsController systemSettingsController;

    @JsonIgnoreProperties(ignoreUnknown = true)
    /* loaded from: input_file:WEB-INF/classes/fi/foyt/fni/auth/GoogleAuthenticationStrategy$GoogleAccessToken.class */
    private static class GoogleAccessToken {

        @JsonProperty(OAuth.OAUTH_EXPIRES_IN)
        private Integer expiresIn;

        private GoogleAccessToken() {
        }

        public Integer getExpiresIn() {
            return this.expiresIn;
        }

        public void setExpiresIn(Integer num) {
            this.expiresIn = num;
        }
    }

    /* loaded from: input_file:WEB-INF/classes/fi/foyt/fni/auth/GoogleAuthenticationStrategy$GoogleApi20.class */
    public static class GoogleApi20 extends DefaultApi20 {
        private static final String AUTHORIZATION_URL = "https://accounts.google.com/o/oauth2/auth?client_id=%s&response_type=code&redirect_uri=%s&scope=%s";

        @Override // org.scribe.builder.api.DefaultApi20
        public String getAccessTokenEndpoint() {
            return GoogleOAuthConstants.TOKEN_SERVER_URL;
        }

        @Override // org.scribe.builder.api.DefaultApi20
        public String getAuthorizationUrl(OAuthConfig oAuthConfig) {
            try {
                return String.format(AUTHORIZATION_URL, oAuthConfig.getApiKey(), new String(URLCodec.encodeUrl(null, oAuthConfig.getCallback().getBytes("UTF-8")), "UTF-8"), new String(URLCodec.encodeUrl(null, oAuthConfig.getScope().getBytes("UTF-8")), "UTF-8"));
            } catch (UnsupportedEncodingException e) {
                return null;
            }
        }

        @Override // org.scribe.builder.api.DefaultApi20
        public AccessTokenExtractor getAccessTokenExtractor() {
            return new JsonTokenExtractor();
        }

        @Override // org.scribe.builder.api.DefaultApi20
        public Verb getAccessTokenVerb() {
            return Verb.POST;
        }

        @Override // org.scribe.builder.api.DefaultApi20, org.scribe.builder.api.Api
        public OAuthService createService(OAuthConfig oAuthConfig) {
            return new GoogleService(this, oAuthConfig);
        }
    }

    /* loaded from: input_file:WEB-INF/classes/fi/foyt/fni/auth/GoogleAuthenticationStrategy$GoogleService.class */
    public static class GoogleService extends OAuth20ServiceImpl {
        private OAuthConfig config;
        private DefaultApi20 api;

        public GoogleService(DefaultApi20 defaultApi20, OAuthConfig oAuthConfig) {
            super(defaultApi20, oAuthConfig);
            this.api = defaultApi20;
            this.config = oAuthConfig;
        }

        @Override // org.scribe.oauth.OAuth20ServiceImpl, org.scribe.oauth.OAuthService
        public Token getAccessToken(Token token, Verifier verifier) {
            OAuthRequest oAuthRequest = new OAuthRequest(this.api.getAccessTokenVerb(), this.api.getAccessTokenEndpoint());
            oAuthRequest.addBodyParameter("client_id", this.config.getApiKey());
            oAuthRequest.addBodyParameter("client_secret", this.config.getApiSecret());
            oAuthRequest.addBodyParameter("code", verifier.getValue());
            oAuthRequest.addBodyParameter("redirect_uri", this.config.getCallback());
            oAuthRequest.addBodyParameter(OAuth.OAUTH_GRANT_TYPE, "authorization_code");
            if (this.config.hasScope()) {
                oAuthRequest.addBodyParameter("scope", this.config.getScope());
            }
            Response send = oAuthRequest.send();
            ObjectMapper objectMapper = new ObjectMapper();
            try {
                return this.api.getAccessTokenExtractor().extract(objectMapper.writeValueAsString(objectMapper.readTree(send.getBody())));
            } catch (IOException e) {
                return null;
            }
        }
    }

    @JsonIgnoreProperties(ignoreUnknown = true)
    /* loaded from: input_file:WEB-INF/classes/fi/foyt/fni/auth/GoogleAuthenticationStrategy$GoogleUserInfo.class */
    private static class GoogleUserInfo {
        private String id;
        private String email;

        @JsonProperty("given_name")
        private String givenName;

        @JsonProperty("family_name")
        private String familyName;
        private Locale locale;

        private GoogleUserInfo() {
        }

        public String getId() {
            return this.id;
        }

        public void setId(String str) {
            this.id = str;
        }

        public String getEmail() {
            return this.email;
        }

        public void setEmail(String str) {
            this.email = str;
        }

        public String getGivenName() {
            return this.givenName;
        }

        public void setGivenName(String str) {
            this.givenName = str;
        }

        public String getFamilyName() {
            return this.familyName;
        }

        public void setFamilyName(String str) {
            this.familyName = str;
        }

        public Locale getLocale() {
            return this.locale;
        }

        public void setLocale(Locale locale) {
            this.locale = locale;
        }
    }

    @Override // fi.foyt.fni.auth.AuthenticationStrategy
    public AuthSource getAuthSource() {
        return AuthSource.GOOGLE;
    }

    @Override // fi.foyt.fni.auth.OAuthAuthenticationStrategy
    protected String getApiKey() {
        return this.systemSettingsController.getSetting(SystemSettingKey.GOOGLE_APIKEY);
    }

    @Override // fi.foyt.fni.auth.OAuthAuthenticationStrategy
    protected String getApiSecret() {
        return this.systemSettingsController.getSetting(SystemSettingKey.GOOGLE_APISECRET);
    }

    @Override // fi.foyt.fni.auth.OAuthAuthenticationStrategy
    protected String getCallbackUrl() {
        return this.systemSettingsController.getSetting(SystemSettingKey.GOOGLE_CALLBACKURL);
    }

    @Override // fi.foyt.fni.auth.OAuthAuthenticationStrategy
    protected String[] getRequiredScopes() {
        return new String[]{"https://www.googleapis.com/auth/userinfo.email", "https://www.googleapis.com/auth/userinfo.profile"};
    }

    @Override // fi.foyt.fni.auth.AuthenticationStrategy
    public boolean getSupportLogin() {
        return true;
    }

    @Override // fi.foyt.fni.auth.OAuthAuthenticationStrategy
    protected Api getApi() {
        return new GoogleApi20();
    }

    protected Class<? extends Api> getApiClass() {
        return GoogleApi20.class;
    }

    @Override // fi.foyt.fni.auth.OAuthAuthenticationStrategy
    protected String getVerifier(Map<String, String[]> map) {
        return getParameter(map, "code");
    }

    @Override // fi.foyt.fni.auth.OAuthAuthenticationStrategy
    protected UserToken handleLogin(Locale locale, OAuthService oAuthService, Token token, String[] strArr) throws MultipleEmailAccountsException, EmailDoesNotMatchLoggedUserException, IdentityBelongsToAnotherUserException, ExternalLoginFailedException {
        try {
            ObjectMapper objectMapper = new ObjectMapper();
            GoogleAccessToken googleAccessToken = (GoogleAccessToken) objectMapper.readValue(token.getRawResponse(), GoogleAccessToken.class);
            GregorianCalendar gregorianCalendar = new GregorianCalendar();
            gregorianCalendar.setTime(new Date());
            gregorianCalendar.add(13, googleAccessToken.getExpiresIn().intValue());
            Date time = gregorianCalendar.getTime();
            GoogleUserInfo googleUserInfo = (GoogleUserInfo) objectMapper.readValue(OAuthUtils.doGetRequest(oAuthService, token, "https://www.googleapis.com/oauth2/v1/userinfo?alt=json").getBody(), GoogleUserInfo.class);
            String id = googleUserInfo.getId();
            String email = googleUserInfo.getEmail();
            return loginUser(AuthSource.GOOGLE, email, token.getToken(), token.getSecret(), time, id, Arrays.asList(email), googleUserInfo.getGivenName(), googleUserInfo.getFamilyName(), null, googleUserInfo.getLocale(), strArr);
        } catch (IOException e) {
            throw new ExternalLoginFailedException();
        }
    }
}
