package com.toremote;

import com.google.gson.Gson;
import com.toremote.gateway.connection.User;
import com.toremote.gateway.connection.UserDataManager;
import com.toremote.gateway.connection.UserListInterface;
import com.toremote.gateway.oauth2.AccessToken;
import com.toremote.gateway.oauth2.JsonWebTokenPayload;
import com.toremote.gateway.oauth2.Profile;
import com.toremote.gateway.oauth2.Provider;
import com.toremote.gateway.oauth2.Providers;
import com.toremote.http.HttpTool;
import com.toremote.http.handler.AbstractGetHandler;
import com.toremote.http.handler.HttpRequest;
import com.toremote.http.handler.HttpResponse;
import com.toremote.tools.Base64;
import com.toremote.tools.Hex;
import com.toremote.tools.file.FileTool;
import java.io.DataOutputStream;
import java.io.InputStream;
import java.io.UnsupportedEncodingException;
import java.net.URL;
import java.net.URLEncoder;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.util.Random;
import java.util.Scanner;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.net.ssl.HttpsURLConnection;
import org.apache.commons.lang3.StringUtils;
import org.apache.http.HttpHeaders;

/* loaded from: input_file:lib/spark-gateway-0.0.1.jar:com/toremote/bw.class */
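/**
 * OAuth 2.0 redirect handler of the gateway, as recovered by a decompiler (names are obfuscated).
 *
 * <p>{@link #doGet} consumes the {@code state} and {@code code} query parameters, exchanges the
 * code at the provider's token endpoint, derives an e-mail identity from the {@code id_token} or
 * from the provider's profile endpoint, and starts a gateway session for the matching local user.
 * {@link #a(String, String)} performs a password-grant request against the provider registered
 * as {@code "okta"}.
 *
 * <p>Token responses, id_tokens, profile bodies and profile URIs are never written to the log:
 * they carry bearer credentials or personal data.
 */
public class bw extends AbstractGetHandler {
    private static final Logger a = Logger.getLogger(bw.class.getName());

    /** User-Agent value sent on the handler's outbound requests to the provider. */
    private static final String USER_AGENT = "Mozilla/4.0 (compatible; MSIE 5.0;Windows98;DigExt)";

    /**
     * Handles the provider's redirect back to the gateway.
     *
     * <p>The {@code state} parameter has the form {@code <session>@<provider>}; the session part
     * must be known to the provider object and is removed before the code is exchanged, so a
     * state value is accepted once only.
     *
     * @param httpRequest  incoming request carrying {@code error}, {@code state} and {@code code}
     * @param httpResponse response used for the redirect, the session cookies or an error text
     * @throws bv if the state, the provider, the OAuth session or the code is missing or invalid
     */
    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.toremote.http.handler.AbstractGetHandler
    public void doGet(HttpRequest httpRequest, HttpResponse httpResponse) throws bv {
        if (httpRequest.getParameter("error") != null) {
            httpResponse.sendRedirect("/login.html");
            a.warning("Error found, redirected to login.html");
            return;
        }
        String rawState = httpRequest.getParameter(Provider.STATE);
        if (rawState == null) {
            a.warning("No state in url");
            throw new bv("No state value");
        }
        String state = HttpTool.decode(rawState);
        int separator = state.indexOf('@');
        if (separator < 0) {
            // The state comes straight from the URL; strip line breaks so it cannot forge log lines.
            a.warning("Invalid state info:" + forLog(state));
            throw new bv("Invalid state");
        }
        String oauthSession = state.substring(0, separator);
        String providerName = state.substring(separator + 1);
        Provider provider = Providers.getProvider(providerName);
        if (provider == null) {
            a.severe("Invalid provider:" + forLog(providerName));
            throw new bv("Invalid provider");
        }
        if (!provider.isValidSession(oauthSession)) {
            a.warning("Session expired for OAuth");
            throw new bv("Session is invalid has expired");
        }
        // One-time use: the state is consumed before any outbound request is made.
        provider.removeSession(oauthSession);
        String code = httpRequest.getParameter("code");
        if (code == null) {
            // Without this guard the literal text "null" would be sent to the token endpoint.
            a.warning("No code in url");
            throw new bv("No code value");
        }
        try {
            // NOTE(review): code and the provider settings are concatenated as received. Whether
            // getParameter() returns the value percent-decoded is not visible here, so no encoding
            // is added; confirm, because a decoded value containing '&' or '=' would add
            // parameters to the token request.
            String form = "code=" + code + "&client_id=" + provider.client_id + "&client_secret=" + provider.client_secret + "&redirect_uri=" + provider.redirect_uri + "&grant_type=authorization_code";
            HttpsURLConnection connection = (HttpsURLConnection) new URL(provider.access_token_uri).openConnection();
            connection.setRequestProperty("User-Agent", USER_AGENT);
            String tokenResponse = sendForm(connection, form);
            if (a.isLoggable(Level.FINER)) {
                a.finer("Access token response received");
            }
            Gson gson = new Gson();
            AccessToken accessToken = gson.fromJson(tokenResponse, AccessToken.class);
            String identity;
            if (accessToken.id_token == null || accessToken.id_token.length() <= 0) {
                if (a.isLoggable(Level.FINER)) {
                    a.finer("Getting id from access_token");
                }
                identity = identityFromProfile(provider, accessToken.access_token, gson);
            } else {
                if (a.isLoggable(Level.FINER)) {
                    a.finer("Getting id from id_token");
                }
                identity = a(accessToken, gson);
            }
            if (identity == null) {
                a.severe("Failed to get id from OAuth");
                throw new bv("Can not get id from OAuth");
            }
            if (a.isLoggable(Level.FINER)) {
                a.finer("Id from OAuthe:" + forLog(identity));
            }
            UserListInterface userList = UserDataManager.getUserList();
            if (!userList.hasUsers()) {
                httpResponse.sendText("No user in database.", 500);
                return;
            }
            User user = userList.getUserByName(identity);
            if (user == null) {
                httpResponse.sendText("No such user.", 500);
                return;
            }
            user.ip = this.clientIp;
            user.startSession();
            // NOTE(review): the HttpOnly / Secure / SameSite attributes of these cookies depend on
            // addCookie(), which is not visible here; verify them for the session cookie.
            httpResponse.addCookie("svSession", user.session, null, "/", 30L);
            httpResponse.addCookie("svEmail", identity, null, "/", 30L);
            httpResponse.sendRedirect("/login.html");
            if (a.isLoggable(Level.FINE)) {
                a.fine("OAuth OK");
            }
        } catch (Exception e) {
            // NOTE(review): presumably bv is an Exception subclass; if so, the bv thrown inside
            // this try block ends up here and the client receives no response at all. Confirm.
            a.log(Level.SEVERE, e.getMessage(), (Throwable) e);
        }
    }

    /**
     * Extracts the e-mail claim from the payload (middle segment) of {@code accessToken.id_token}.
     *
     * <p>NOTE(review): the token's signature is not verified and no issuer, audience or expiry
     * check is visible; the claim is only as trustworthy as the TLS connection the token arrived
     * on. It also depends on the project {@code Base64} decoder accepting the URL-safe alphabet
     * used by JWTs; confirm.
     *
     * @param accessToken token response whose {@code id_token} is non-null
     * @param gson        parser used for the JSON payload
     * @return the {@code email} claim, or {@code null} unless {@code email_verified} is true
     * @throws UnsupportedEncodingException declared for the UTF-8 conversion
     * @throws IllegalArgumentException if the id_token does not have two separating dots
     */
    private static String a(AccessToken accessToken, Gson gson) throws UnsupportedEncodingException {
        String idToken = accessToken.id_token;
        int firstDot = idToken.indexOf('.');
        int lastDot = idToken.lastIndexOf('.');
        if (firstDot < 0 || lastDot <= firstDot) {
            // Still an unchecked exception, so both callers treat it as a failed login as before.
            throw new IllegalArgumentException("Malformed id_token");
        }
        String payloadJson = new String(Base64.decode(idToken.substring(firstDot + 1, lastDot)), "utf-8");
        if (a.isLoggable(Level.FINER)) {
            a.finer("payload from id_token decoded");
        }
        JsonWebTokenPayload payload = gson.fromJson(payloadJson, JsonWebTokenPayload.class);
        if (payload.email_verified == null || !payload.email_verified.booleanValue()) {
            // An unverified address must not be mapped onto a local account.
            return null;
        }
        return payload.email;
    }

    /**
     * Sends a password-grant request to the provider registered as {@code "okta"}.
     *
     * <p>The password grant hands the user's password to the gateway and is disallowed by current
     * OAuth security guidance; it is kept here because callers depend on it.
     *
     * <p>NOTE(review): a successful response that carries neither token still yields a non-null
     * value (the hash of random bytes); confirm that callers do not read non-null as
     * "authenticated" in that case.
     *
     * @param str  user name, URL-encoded into the form body
     * @param str2 password, URL-encoded into the form body
     * @return hex SHA-256 of the access token (or of the id_token, or of 32 random bytes when both
     *     are absent); {@code null} if the provider is not configured or the request fails
     */
    public static String a(String str, String str2) {
        Provider provider = Providers.getProvider("okta");
        if (provider == null) {
            a.severe("okta oauther provider not found");
            return null;
        }
        try {
            String form = "grant_type=password&username=" + URLEncoder.encode(str, "UTF-8") + "&password=" + URLEncoder.encode(str2, "UTF-8") + "&scope=openid";
            // Explicit charset instead of the platform default.
            String basic = Base64.encode((provider.client_id + ":" + provider.client_secret).getBytes("UTF-8"));
            HttpsURLConnection connection = (HttpsURLConnection) new URL(provider.access_token_uri).openConnection();
            connection.setRequestProperty(HttpHeaders.ACCEPT, "application/json");
            connection.setRequestProperty("Authorization", "Basic " + basic);
            String tokenResponse = sendForm(connection, form);
            if (a.isLoggable(Level.FINER)) {
                a.finer("Access token response received");
            }
            Gson gson = new Gson();
            AccessToken accessToken = gson.fromJson(tokenResponse, AccessToken.class);
            String identity = null;
            if (accessToken.id_token != null && accessToken.id_token.length() > 0) {
                if (a.isLoggable(Level.FINER)) {
                    a.finer("Getting id from id_token");
                }
                identity = a(accessToken, gson);
            }
            if (identity != null && a.isLoggable(Level.FINER)) {
                a.finer("Id from okata OAuthe:" + forLog(identity));
            }
            String token = accessToken.access_token != null ? accessToken.access_token : accessToken.id_token;
            byte[] material;
            if (token != null) {
                material = token.getBytes("UTF-8");
            } else {
                material = new byte[32];
                // The result stands in for a token, so it must come from a CSPRNG, not java.util.Random.
                new SecureRandom().nextBytes(material);
            }
            return new String(Hex.encodeHex(MessageDigest.getInstance("SHA-256").digest(material)));
        } catch (Exception e) {
            a.log(Level.SEVERE, e.getMessage(), (Throwable) e);
            return null;
        }
    }

    /**
     * Fetches the provider's profile document with the access token and returns its e-mail.
     *
     * <p>The name fields of the profile are deliberately not used: in the decompiled listing
     * their assignments were overwritten before use, and display names are neither unique nor
     * verified, so they are unsuitable as a login identity.
     *
     * <p>NOTE(review): nothing here shows that the provider has verified the returned address.
     *
     * @return {@code email}, else {@code emails.account}, else {@code emails.preferred}; may be null
     * @throws bv if the provider has no profile URI
     */
    private static String identityFromProfile(Provider provider, String accessToken, Gson gson) throws bv, Exception {
        String profileUri = provider.getProfileURI(accessToken);
        if (profileUri == null) {
            a.severe("profile_uri needed for " + provider.name);
            throw new bv("profile_uri needed for " + provider.name);
        }
        boolean yahoo = "Yahoo".equals(provider.name);
        if (yahoo) {
            profileUri = profileUri + "&format=json";
        }
        HttpsURLConnection connection = (HttpsURLConnection) new URL(profileUri).openConnection();
        connection.setRequestMethod("GET");
        connection.setRequestProperty("User-Agent", USER_AGENT);
        if (yahoo) {
            connection.setRequestProperty("Authorization", "Bearer " + accessToken);
        }
        connection.setDoOutput(false);
        connection.setDoInput(true);
        String profileJson = readBody(connection);
        if (a.isLoggable(Level.FINER)) {
            a.finer("Profile response received");
        }
        Profile profile = gson.fromJson(profileJson, Profile.class);
        if (profile.email != null) {
            return profile.email;
        }
        if (profile.emails != null) {
            return profile.emails.account != null ? profile.emails.account : profile.emails.preferred;
        }
        return null;
    }

    /** POSTs {@code form} as a URL-encoded body on {@code connection} and returns the response body. */
    private static String sendForm(HttpsURLConnection connection, String form) throws Exception {
        connection.setRequestMethod("POST");
        connection.setRequestProperty("Content-length", String.valueOf(form.length()));
        connection.setRequestProperty("Content-Type", "application/x-www-form-urlencoded");
        connection.setDoOutput(true);
        connection.setDoInput(true);
        DataOutputStream out = new DataOutputStream(connection.getOutputStream());
        try {
            out.writeBytes(form);
        } finally {
            out.close();
        }
        return readBody(connection);
    }

    /** Reads the whole response body as UTF-8 text and always closes the stream. */
    private static String readBody(HttpsURLConnection connection) throws Exception {
        InputStream in = connection.getInputStream();
        try {
            return FileTool.scannerToString(new Scanner(in, "utf-8"));
        } finally {
            in.close();
        }
    }

    /** Replaces CR and LF so that a remotely supplied value stays on one log line. */
    private static String forLog(String value) {
        return value == null ? "null" : value.replaceAll("[\\r\\n]", "_");
    }
}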
