package org.tiogasolutions.lib.security.providers;

import com.fasterxml.jackson.databind.ObjectMapper;
import java.io.IOException;
import javax.ws.rs.client.Client;
import javax.ws.rs.client.ClientBuilder;
import javax.ws.rs.client.Entity;
import javax.ws.rs.core.Form;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.UriBuilder;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.tiogasolutions.dev.common.StringUtils;
import org.tiogasolutions.dev.common.exceptions.ApiException;
import org.tiogasolutions.dev.domain.account.CurrentUserSource;
import org.tiogasolutions.dev.domain.account.CurrentUserStore;
import org.tiogasolutions.dev.jackson.TiogaJacksonObjectMapper;
import org.tiogasolutions.lib.security.CurrentUser;
import org.tiogasolutions.lib.security.providers.google.GoogleAuthentication;
import org.tiogasolutions.lib.security.providers.google.UserInfo;

/* loaded from: input_file:org/tiogasolutions/lib/security/providers/GooglePlusSecurityProvider.class */
public class GooglePlusSecurityProvider extends AbstractUserDetailsAuthenticationProvider {
    private static final Log log = LogFactory.getLog(GooglePlusSecurityProvider.class);
    private final String clientSecret;
    private final String clientId;
    private final CurrentUserStore store;
    private final ObjectMapper objectMapper;

    public GooglePlusSecurityProvider(CurrentUserStore currentUserStore, ObjectMapper objectMapper, String str, String str2) {
        this.store = currentUserStore;
        this.objectMapper = objectMapper;
        this.clientId = str;
        this.clientSecret = str2;
    }

    protected void additionalAuthenticationChecks(UserDetails userDetails, UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken) throws AuthenticationException {
        if (!ProviderUtils.isGoogleAuthentication(usernamePasswordAuthenticationToken) || userDetails == null) {
            throw new BadCredentialsException(CurrentUser.INVALID_USER_NAME_OR_PASSWORD);
        }
    }

    protected UserDetails retrieveUser(String str, UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken) throws AuthenticationException {
        try {
            if (!ProviderUtils.isGoogleAuthentication(usernamePasswordAuthenticationToken)) {
                throw new UsernameNotFoundException("Not Goolge Authentication");
            }
            CurrentUserSource currentUserSourceByEmail = this.store.getCurrentUserSourceByEmail(getUserInfo(getAuthResponse(usernamePasswordAuthenticationToken.getCredentials().toString(), this.clientId, this.clientSecret)).getEmail());
            if (currentUserSourceByEmail == null) {
                throw new BadCredentialsException(CurrentUser.INVALID_USER_NAME_OR_PASSWORD);
            }
            return new CurrentUser(currentUserSourceByEmail);
        } catch (IOException e) {
            throw ApiException.internalServerError("Exception during Google-Authentication", e, new String[0]);
        }
    }

    public static UserInfo getUserInfo(GoogleAuthentication googleAuthentication) throws IOException {
        Client build = ClientBuilder.newBuilder().build();
        UriBuilder fromUri = UriBuilder.fromUri("https://www.googleapis.com/oauth2/v1/userinfo");
        fromUri.queryParam("alt", new Object[]{"json"});
        fromUri.queryParam("access_token", new Object[]{googleAuthentication.getAccessToken()});
        return (UserInfo) new TiogaJacksonObjectMapper().readValue((String) build.target(fromUri).request(new MediaType[]{MediaType.APPLICATION_JSON_TYPE}).get().readEntity(String.class), UserInfo.class);
    }

    public GoogleAuthentication getAuthResponse(String str, String str2, String str3) throws IOException {
        Client build = ClientBuilder.newBuilder().build();
        Form form = new Form();
        form.param("code", str);
        form.param("client_id", str2);
        form.param("client_secret", str3);
        form.param("grant_type", "authorization_code");
        form.param("redirect_uri", "postmessage");
        Response post = build.target(UriBuilder.fromUri("https://accounts.google.com/o/oauth2/token")).request(new MediaType[]{MediaType.APPLICATION_JSON_TYPE}).post(Entity.entity(form, MediaType.APPLICATION_FORM_URLENCODED_TYPE));
        post.getStatus();
        GoogleAuthentication googleAuthentication = (GoogleAuthentication) new TiogaJacksonObjectMapper().readValue((String) post.readEntity(String.class), GoogleAuthentication.class);
        if (StringUtils.isNotBlank(googleAuthentication.getError())) {
            throw ApiException.internalServerError(String.format("Authentication Error: %s", googleAuthentication.getError()), new String[0]);
        }
        return googleAuthentication;
    }
}
