package edu.ksu.lti.launch.controller;

import com.google.gson.Gson;
import com.google.gson.JsonObject;
import com.google.gson.JsonParseException;
import edu.ksu.canvas.oauth.OauthTokenRefresher;
import edu.ksu.canvas.oauth.RefreshableOauthToken;
import edu.ksu.lti.launch.exception.CookieUnavailableException;
import edu.ksu.lti.launch.exception.NoLtiSessionException;
import edu.ksu.lti.launch.model.LtiSession;
import edu.ksu.lti.launch.service.ConfigService;
import edu.ksu.lti.launch.service.LtiSessionService;
import edu.ksu.lti.launch.service.OauthTokenService;
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStreamReader;
import java.io.OutputStream;
import java.io.UnsupportedEncodingException;
import java.net.HttpURLConnection;
import java.net.URL;
import java.net.URLEncoder;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.UUID;
import javax.servlet.http.HttpServletRequest;
import org.apache.log4j.Logger;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.ModelAttribute;
import org.springframework.web.bind.annotation.RequestMapping;

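/**
 * Spring MVC controller that drives the OAuth2 authorization-code flow against Canvas.
 *
 * <p>{@code /beginOauth} stores a fresh {@code state} value in the LTI session and redirects the
 * browser to the Canvas authorization endpoint. {@code /oauthResponse} receives the callback,
 * checks the {@code state}, exchanges the authorization code for tokens and stores the refresh
 * token for the session's user.
 *
 * <p>Logging policy: the client secret, the authorization code, the {@code state} value and the
 * access/refresh tokens are credentials and are never written to the log, at any level.
 */
@Controller
/* loaded from: input_file:edu/ksu/lti/launch/controller/OauthController.class */
public class OauthController {
    private static final Logger LOG = Logger.getLogger(OauthController.class);

    /** Upper bound on establishing the connection to the token endpoint. */
    private static final int CONNECT_TIMEOUT_MILLIS = 10000;

    /** Upper bound on waiting for the token endpoint to answer. */
    private static final int READ_TIMEOUT_MILLIS = 30000;

    private final ConfigService configService;
    private final OauthTokenService oauthTokenService;
    private final LtiSessionService ltiSessionService;

    @Autowired
    private OauthController(ConfigService configService, OauthTokenService oauthTokenService, LtiSessionService ltiSessionService) {
        this.configService = configService;
        this.oauthTokenService = oauthTokenService;
        this.ltiSessionService = ltiSessionService;
    }

    /**
     * Starts the authorization-code flow by redirecting the browser to Canvas.
     *
     * @param httpServletRequest the current request, used to build the {@code redirect_uri}
     * @return a Spring {@code redirect:} view name pointing at the Canvas authorization endpoint
     * @throws CookieUnavailableException if no LTI session can be found for this request
     * @throws NoLtiSessionException declared for interface compatibility; the lookup failure is
     *     rethrown as {@link CookieUnavailableException}
     */
    @RequestMapping({"/beginOauth"})
    public String startOauth(HttpServletRequest httpServletRequest) throws NoLtiSessionException, CookieUnavailableException {
        try {
            LtiSession ltiSession = this.ltiSessionService.getLtiSession();
            LOG.debug("Sending user " + ltiSession.getEid() + " to get oauth token at " + ltiSession.getCanvasDomain());
            String clientId = this.configService.getConfigValue("oauth_client_id");
            // UUID.randomUUID() produces a version 4 UUID from a cryptographically strong
            // generator, so the value is suitable as an unguessable anti-CSRF state.
            String state = UUID.randomUUID().toString();
            ltiSession.setOauthTokenRequestState(state);
            String redirectUri = getApplicationBaseUrl(httpServletRequest, true) + "/oauthResponse";
            // NOTE(review): the authorization host is taken from the session, while the token
            // exchange in oauthResponse uses the configured canvas_url. Confirm the session value
            // is validated against the configured Canvas host before it is stored.
            // Every query value is percent-encoded so that none of them can add or alter
            // parameters of the authorization request.
            String target = "redirect:"
                    + "https://" + ltiSession.getCanvasDomain() + "/login/oauth2/auth"
                    + "?client_id=" + urlEncode(clientId)
                    + "&state=" + urlEncode(state)
                    + "&response_type=code"
                    + "&redirect_uri=" + urlEncode(redirectUri);
            // The full URL carries the state value, so only the non-sensitive part is logged.
            LOG.debug("returning from start oauth, redirect_uri=" + redirectUri);
            return target;
        } catch (NoLtiSessionException e) {
            LOG.trace(e);
            LOG.warn("Could not get the newly created lti session, this indicates a browser is not accepting our cookies.");
            throw new CookieUnavailableException("Failed to retrieve new LTI Session from cookie. User must change their cookie settings.");
        }
    }

    /**
     * Handles the callback from the Canvas authorization endpoint.
     *
     * <p>The stored {@code state} is consumed on every callback, so it can be used at most once,
     * and is compared with the received value in constant time. When a non-blank code is present
     * it is exchanged for tokens; the refresh token is persisted for the user and a refreshable
     * token is placed on the session. Exchange failures are logged and the user is still sent to
     * the initial view, as before.
     *
     * @param httpServletRequest the current request, used to rebuild the {@code redirect_uri}
     * @param str the {@code code} request value (authorization code); may be empty
     * @param str2 the {@code state} request value echoed back by the authorization server
     * @param str3 the {@code error} request value, if the authorization server reported one
     * @return a Spring {@code redirect:} view name for the session's initial view path
     * @throws NoLtiSessionException if no LTI session exists for this request
     * @throws RuntimeException if the received state is missing or does not match the stored one
     */
    @RequestMapping({"/oauthResponse"})
    public String oauthResponse(HttpServletRequest httpServletRequest, @ModelAttribute("code") String str, @ModelAttribute("state") String str2, @ModelAttribute("error") String str3) throws NoLtiSessionException {
        LtiSession ltiSession = this.ltiSessionService.getLtiSession();
        String eid = ltiSession.getEid();
        boolean codePresent = str != null && !str.trim().isEmpty();
        LOG.debug("got oauth callback for " + eid + ", code present: " + codePresent);
        if (str3 != null && !str3.isEmpty()) {
            // The error text is supplied by the caller of this endpoint; strip line breaks so it
            // cannot forge additional log entries.
            LOG.warn("oauth error for " + eid + ": " + sanitizeForLog(str3));
        }

        // Consume the stored state before comparing: a state value is single-use, and a callback
        // that arrives without a preceding /beginOauth (stored state is null) must be rejected
        // instead of failing with a NullPointerException.
        String expectedState = ltiSession.getOauthTokenRequestState();
        ltiSession.setOauthTokenRequestState(null);
        if (!statesMatch(expectedState, str2)) {
            throw new RuntimeException("In the OAuth Token Response, the state does not match what we sent! A Cross Site Script Forgery Request may be in progress. Aborting process!");
        }

        if (codePresent) {
            String canvasUrl = this.configService.getConfigValue("canvas_url");
            String clientId = this.configService.getConfigValue("oauth_client_id");
            String clientSecret = this.configService.getConfigValue("oauth_client_secret");
            String redirectUri = getApplicationBaseUrl(httpServletRequest, true) + "/oauthResponse";
            try {
                String refreshToken = requestRefreshToken(canvasUrl, clientId, clientSecret, str, redirectUri);
                if (refreshToken == null) {
                    LOG.error("token response for " + eid + " did not contain a refresh_token");
                } else {
                    if (this.oauthTokenService.getRefreshToken(eid) == null) {
                        this.oauthTokenService.storeToken(eid, refreshToken);
                    } else {
                        this.oauthTokenService.updateToken(eid, refreshToken);
                    }
                    ltiSession.setOauthToken(new RefreshableOauthToken(new OauthTokenRefresher(clientId, clientSecret, canvasUrl), refreshToken));
                    LOG.info("got oauth token for " + eid);
                }
            } catch (IOException | JsonParseException e) {
                LOG.error("error getting oauth token", e);
            }
        }
        return "redirect:" + ltiSession.getInitialViewPath();
    }

    /**
     * Builds the externally visible base URL of this application from the current request.
     *
     * <p>Security note: the host part comes from {@code getServerName()}, which a servlet
     * container normally derives from the request's {@code Host} header, i.e. from client-supplied
     * data. The result is used as the OAuth {@code redirect_uri}, so the deployment should only
     * accept known host names (virtual-host or reverse-proxy allow-list), or a configured base URL
     * should be used instead.
     *
     * @param httpServletRequest the request to read scheme, host, port and context path from
     * @param z whether to append the servlet context path
     * @return {@code scheme://host[:port][contextPath]}; the port is omitted when it is 80 or 443
     */
    public static String getApplicationBaseUrl(HttpServletRequest httpServletRequest, boolean z) {
        StringBuilder baseUrl = new StringBuilder();
        baseUrl.append(httpServletRequest.getScheme());
        baseUrl.append("://");
        baseUrl.append(httpServletRequest.getServerName());
        int port = httpServletRequest.getServerPort();
        if (port != 80 && port != 443) {
            baseUrl.append(":");
            baseUrl.append(port);
        }
        if (z) {
            LOG.debug("context path: " + httpServletRequest.getContextPath());
            baseUrl.append(httpServletRequest.getContextPath());
        }
        return baseUrl.toString();
    }

    /**
     * Exchanges an authorization code for tokens at {@code canvasUrl + "/login/oauth2/token"}.
     *
     * <p>Neither the request body (client secret, code) nor the response body (tokens) is logged.
     *
     * @return the refresh token, or {@code null} if the response carries no string
     *     {@code refresh_token} member
     * @throws IOException if the request cannot be sent or the response cannot be read
     * @throws JsonParseException if the response body is not valid JSON
     */
    private static String requestRefreshToken(String canvasUrl, String clientId, String clientSecret, String code, String redirectUri) throws IOException {
        // NOTE(review): the client secret travels in this request; confirm canvas_url is always
        // configured with the https scheme.
        HttpURLConnection connection = (HttpURLConnection) new URL(canvasUrl + "/login/oauth2/token").openConnection();
        // Without timeouts an unresponsive token endpoint would block the request thread forever.
        connection.setConnectTimeout(CONNECT_TIMEOUT_MILLIS);
        connection.setReadTimeout(READ_TIMEOUT_MILLIS);
        connection.setRequestMethod("POST");
        connection.setDoOutput(true);

        // Form values are percent-encoded: the code is taken from the callback request and must
        // not be able to add or override parameters of the token request.
        String form = "client_id=" + urlEncode(clientId)
                + "&client_secret=" + urlEncode(clientSecret)
                + "&code=" + urlEncode(code)
                + "&redirect_uri=" + urlEncode(redirectUri);
        try (OutputStream out = connection.getOutputStream()) {
            out.write(form.getBytes(StandardCharsets.UTF_8));
        }

        LOG.debug("got response code from token request: " + connection.getResponseCode());
        LOG.debug("response message: " + connection.getResponseMessage());

        StringBuilder body = new StringBuilder();
        try (BufferedReader reader = new BufferedReader(new InputStreamReader(connection.getInputStream(), StandardCharsets.UTF_8))) {
            String line;
            while ((line = reader.readLine()) != null) {
                body.append(line);
            }
        }

        JsonObject json = new Gson().fromJson(body.toString(), JsonObject.class);
        if (json == null || !json.has("refresh_token") || !json.get("refresh_token").isJsonPrimitive()) {
            return null;
        }
        return json.get("refresh_token").getAsString();
    }

    /**
     * Compares the stored and the received state without short-circuiting on the first
     * differing byte. A missing value on either side never matches.
     */
    private static boolean statesMatch(String expected, String received) {
        if (expected == null || received == null) {
            return false;
        }
        return MessageDigest.isEqual(expected.getBytes(StandardCharsets.UTF_8), received.getBytes(StandardCharsets.UTF_8));
    }

    /**
     * Percent-encodes a value for a query string or form body as UTF-8. A {@code null} value is
     * encoded as the text {@code null}, which is what appending it to a builder produced before.
     */
    private static String urlEncode(String value) {
        try {
            return URLEncoder.encode(String.valueOf(value), StandardCharsets.UTF_8.name());
        } catch (UnsupportedEncodingException e) {
            // Every JVM is required to support UTF-8, so this cannot happen in practice.
            throw new IllegalStateException("UTF-8 is not supported by this JVM", e);
        }
    }

    /** Replaces line breaks in request-supplied text so it stays on one log line. */
    private static String sanitizeForLog(String value) {
        return value.replace('\r', '_').replace('\n', '_');
    }
}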
