package com.atlassian.plugins.authentication.sso.web;

import com.atlassian.plugin.spring.scanner.annotation.imports.ComponentImport;
import com.atlassian.plugins.authentication.api.config.IdpConfig;
import com.atlassian.plugins.authentication.api.config.IdpConfigService;
import com.atlassian.sal.api.message.I18nResolver;
import com.nimbusds.oauth2.sdk.http.HTTPResponse;
import java.io.IOException;
import java.io.Serializable;
import java.util.Optional;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/atlassian/plugins/authentication/sso/web/LoginServlet.class */
public class LoginServlet extends HttpServlet {
    public static final String URL = "/plugins/servlet/external-login";
    private final Logger log = LoggerFactory.getLogger(LoginServlet.class);
    private final AuthenticationHandlerProvider authenticationHandlerProvider;
    private final IdpConfigService idpConfigService;
    private final I18nResolver i18nResolver;

    public LoginServlet(AuthenticationHandlerProvider authenticationHandlerProvider, IdpConfigService idpConfigService, @ComponentImport I18nResolver i18nResolver) {
        this.authenticationHandlerProvider = authenticationHandlerProvider;
        this.idpConfigService = idpConfigService;
        this.i18nResolver = i18nResolver;
    }

    protected void doGet(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        try {
            long extractIdpIdPathParam = extractIdpIdPathParam(httpServletRequest);
            IdpConfig idpConfig = this.idpConfigService.getIdpConfig(Long.valueOf(extractIdpIdPathParam));
            if (idpConfig == null || !idpConfig.isEnabled()) {
                this.log.error("External login request: could not find enabled IDP configuration with ID '{}'", Long.valueOf(extractIdpIdPathParam));
                httpServletResponse.sendError(HTTPResponse.SC_NOT_FOUND, this.i18nResolver.getText("authentication.config.fail.idp.not.found", new Serializable[]{Long.valueOf(extractIdpIdPathParam)}));
            } else {
                this.authenticationHandlerProvider.getAuthenticationHandler(idpConfig.getSsoType()).processAuthenticationRequest(httpServletRequest, httpServletResponse, extractDestinationParam(httpServletRequest).orElse(null), idpConfig);
            }
        } catch (IllegalArgumentException e) {
            httpServletResponse.sendError(400, e.getMessage());
        }
    }

    private long extractIdpIdPathParam(HttpServletRequest httpServletRequest) {
        String pathInfo = httpServletRequest.getPathInfo();
        if (pathInfo == null) {
            this.log.error("External login request is missing IDP ID path param");
            throw new IllegalArgumentException("Identity Provider ID was not provided in request path");
        }
        String[] split = pathInfo.split("/");
        if (split.length == 2) {
            return parseIdpIdParam(split[1]);
        }
        this.log.error("External login request has unexpected path params: {}", pathInfo);
        throw new IllegalArgumentException("Unexpected path parameters in request");
    }

    private long parseIdpIdParam(String str) {
        try {
            return Long.parseLong(str);
        } catch (NumberFormatException e) {
            this.log.error("External login request IDP ID param not parsable to Long. Was '{}'", str);
            throw new IllegalArgumentException("Invalid Identity Provider ID path parameter");
        }
    }

    private Optional<String> extractDestinationParam(HttpServletRequest httpServletRequest) {
        return Optional.ofNullable(httpServletRequest.getParameter("authDest"));
    }
}
