package com.networknt.auth;

import ch.qos.logback.classic.ClassicConstants;
import com.google.api.client.googleapis.auth.oauth2.GoogleAuthorizationCodeTokenRequest;
import com.google.api.client.googleapis.auth.oauth2.GoogleIdToken;
import com.google.api.client.googleapis.auth.oauth2.GoogleOAuthConstants;
import com.google.api.client.http.javanet.NetHttpTransport;
import com.google.api.client.json.jackson2.JacksonFactory;
import com.networknt.client.oauth.ClientAuthenticatedUserRequest;
import com.networknt.client.oauth.OauthHelper;
import com.networknt.client.oauth.TokenResponse;
import com.networknt.config.Config;
import com.networknt.config.JsonMapper;
import com.networknt.handler.MiddlewareHandler;
import com.networknt.monad.Result;
import com.networknt.oas.model.impl.ContactImpl;
import com.networknt.oas.model.impl.OAuthFlowImpl;
import com.networknt.status.Status;
import com.networknt.utility.Util;
import io.undertow.server.HttpServerExchange;
import io.undertow.server.handlers.ForwardedHandler;
import java.util.Deque;
import java.util.HashMap;
import java.util.List;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/networknt/auth/GoogleAuthHandler.class */
public class GoogleAuthHandler extends StatelessAuthHandler implements MiddlewareHandler {
    private static final String CODE = "code";
    private static final String AUTHORIZATION_CODE_MISSING = "ERR10035";
    private static final String EMAIL_REGISTERED = "ERR11350";
    private static final Logger logger = LoggerFactory.getLogger((Class<?>) GoogleAuthHandler.class);
    public static StatelessAuthConfig config = (StatelessAuthConfig) Config.getInstance().getJsonObjectConfig(StatelessAuthConfig.CONFIG_NAME, StatelessAuthConfig.class);

    @Override // com.networknt.auth.StatelessAuthHandler, io.undertow.server.HttpHandler
    public void handleRequest(HttpServerExchange httpServerExchange) throws Exception {
        if (logger.isDebugEnabled()) {
            logger.debug("exchange path = " + httpServerExchange.getRelativePath() + " config path = " + config.getGooglePath());
        }
        if (httpServerExchange.getRelativePath().equals(config.getGooglePath())) {
            Deque<String> deque = httpServerExchange.getQueryParameters().get("code");
            String first = deque == null ? null : deque.getFirst();
            if (logger.isDebugEnabled()) {
                logger.debug("auth code = " + first);
            }
            if (first == null || first.trim().length() == 0) {
                setExchangeStatus(httpServerExchange, AUTHORIZATION_CODE_MISSING, new Object[0]);
                return;
            }
            GoogleIdToken.Payload payload = new GoogleAuthorizationCodeTokenRequest(new NetHttpTransport(), JacksonFactory.getDefaultInstance(), GoogleOAuthConstants.TOKEN_SERVER_URL, config.getGoogleClientId(), config.getGoogleClientSecret(), first, config.getGoogleRedirectUri()).execute().parseIdToken().getPayload();
            String email = payload.getEmail();
            Boolean.valueOf(payload.getEmailVerified().booleanValue()).booleanValue();
            String str = ((String) payload.get("name")).replaceAll("\\s+", "") + "@go";
            String str2 = (String) payload.get("family_name");
            String str3 = (String) payload.get("given_name");
            Result<String> userByEmail = PortalClient.getUserByEmail(email, config.getBootstrapToken());
            if (userByEmail.isSuccess()) {
                Object obj = (String) JsonMapper.string2Map(userByEmail.getResult()).get("userId");
                if (logger.isTraceEnabled()) {
                    logger.trace("userId from query service: " + obj + " userId from google: " + str);
                }
                if (!str.equals(obj)) {
                    setExchangeStatus(httpServerExchange, EMAIL_REGISTERED, email, obj);
                    return;
                }
            } else {
                HashMap hashMap = new HashMap();
                hashMap.put(ForwardedHandler.HOST, "lightapi.net");
                hashMap.put(ContactImpl.F_email, email);
                hashMap.put("userId", str);
                hashMap.put("language", "en");
                hashMap.put("firstName", str3);
                hashMap.put("lastName", str2);
                PortalClient.createSocialUser(hashMap, config.getBootstrapToken());
            }
            String uuid = Util.getUUID();
            ClientAuthenticatedUserRequest clientAuthenticatedUserRequest = new ClientAuthenticatedUserRequest("social", email, ClassicConstants.USER_MDC_KEY);
            clientAuthenticatedUserRequest.setCsrf(uuid);
            Result<TokenResponse> tokenResult = OauthHelper.getTokenResult(clientAuthenticatedUserRequest);
            if (tokenResult.isFailure()) {
                Status error = tokenResult.getError();
                httpServerExchange.setStatusCode(error.getStatusCode());
                httpServerExchange.getResponseSender().send(error.toString());
                logger.error(error.toString());
                return;
            }
            List<String> cookies = setCookies(httpServerExchange, tokenResult.getResult(), uuid);
            if (config.getRedirectUri() == null || config.getRedirectUri().length() <= 0) {
                httpServerExchange.setStatusCode(200);
                httpServerExchange.endExchange();
                return;
            }
            httpServerExchange.setStatusCode(200);
            HashMap hashMap2 = new HashMap();
            hashMap2.put(OAuthFlowImpl.F_scopes, cookies);
            hashMap2.put("redirectUri", config.redirectUri);
            hashMap2.put("denyUri", config.denyUri != null ? config.denyUri : config.redirectUri);
            httpServerExchange.getResponseSender().send(JsonMapper.toJson(hashMap2));
        }
    }
}
