package org.squashtest.tm.web.backend.controller.thirdpartyserver;

import javax.inject.Inject;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import org.apache.commons.lang3.StringUtils;
import org.apache.tools.mail.MailMessage;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.ResponseBody;
import org.squashtest.tm.domain.servers.AuthenticationStatus;
import org.squashtest.tm.service.bugtracker.BugTrackersLocalService;
import org.squashtest.tm.service.configuration.ConfigurationService;
import org.squashtest.tm.service.servers.ManageableCredentials;
import org.squashtest.tm.service.servers.OAuth1aConsumerService;
import org.squashtest.tm.service.servers.OAuth1aTemporaryTokens;
import org.squashtest.tm.service.user.UserAccountService;

@RequestMapping({"backend/servers"})
@Controller
/* loaded from: input_file:WEB-INF/classes/org/squashtest/tm/web/backend/controller/thirdpartyserver/ThirdPartyServersAuthenticationController.class */
public class ThirdPartyServersAuthenticationController {
    private static final String SQUASH_TM_CALLBACK_URL_KEY = "squashtest.tm.callbackurl";
    private static final Logger LOGGER = LoggerFactory.getLogger((Class<?>) ThirdPartyServersAuthenticationController.class);
    public static final String OAUTH_1_A_TEMP_TOKENS = "squashtest.servers.OAUTH_1_A_TEMP_TOKENS";

    @Value("${tm.test.automation.server.callbackurl}")
    private String baseCallbackUrl;

    @Inject
    private ConfigurationService configService;

    @Inject
    private BugTrackersLocalService btService;

    @Inject
    private OAuth1aConsumerService oauth1aService;

    @Inject
    private UserAccountService userService;

    @RequestMapping(value = {"/{serverId}/authentication"}, method = {RequestMethod.GET}, produces = {"application/json"})
    @ResponseBody
    public AuthenticationStatus getAuthenticationStatus(@PathVariable("serverId") Long l) {
        return this.btService.checkAuthenticationStatus(l);
    }

    @PostMapping({"/{serverId}/authentication"})
    @ResponseBody
    public void authenticate(@RequestBody ManageableCredentials manageableCredentials, @PathVariable("serverId") long j) {
        this.btService.validateManageableCredentials(j, manageableCredentials, false);
        this.userService.saveCurrentUserCredentials(j, manageableCredentials);
    }

    @RequestMapping(value = {"/{serverId}/authentication/oauth1a"}, method = {RequestMethod.GET})
    public String authenticateOauth1(HttpServletRequest httpServletRequest, HttpSession httpSession, @PathVariable("serverId") long j) {
        try {
            OAuth1aTemporaryTokens requestTemporaryToken = this.oauth1aService.requestTemporaryToken(j, createCallbackUrl(httpServletRequest, j));
            httpSession.setAttribute(OAUTH_1_A_TEMP_TOKENS, requestTemporaryToken);
            return "redirect:" + requestTemporaryToken.getRedirectUrl();
        } catch (Exception e) {
            LOGGER.error("Exception encountered while fetching temporary credentials : ", (Throwable) e);
            return "redirect:" + createFailureUrl(httpServletRequest);
        }
    }

    @RequestMapping(value = {"/{serverId}/authentication/oauth1a/callback"}, method = {RequestMethod.GET})
    public String callbackOAuth1(HttpSession httpSession, HttpServletRequest httpServletRequest, @PathVariable("serverId") long j, @RequestParam("oauth_token") String str, @RequestParam("oauth_verifier") String str2) {
        String createSuccessUrl = createSuccessUrl(httpServletRequest);
        try {
            OAuth1aTemporaryTokens oAuth1aTemporaryTokens = (OAuth1aTemporaryTokens) httpSession.getAttribute(OAUTH_1_A_TEMP_TOKENS);
            if (oAuth1aTemporaryTokens == null) {
                LOGGER.error("oauth callback (user '{}', server '{}') : unexpected call to the oauth1 consumer callback, no temporary tokens found user session !", findUsernameOrUndefined(), Long.valueOf(j));
                createSuccessUrl = createFailureUrl(httpServletRequest);
            } else if (str.equals(oAuth1aTemporaryTokens.getTempToken())) {
                oAuth1aTemporaryTokens.setVerifier(str2);
                this.oauth1aService.authorize(j, oAuth1aTemporaryTokens);
                httpSession.removeAttribute(OAUTH_1_A_TEMP_TOKENS);
            } else {
                LOGGER.error("oauth callback (user '{}', server '{}') : received token '{}' but expected '{}'", findUsernameOrUndefined(), Long.valueOf(j), str, oAuth1aTemporaryTokens.getTempToken());
                createSuccessUrl = createFailureUrl(httpServletRequest);
            }
        } catch (ClassCastException e) {
            LOGGER.error("oauth callback (user '{}', server '{}') : programmatic error, exception is ", findUsernameOrUndefined(), Long.valueOf(j), e);
            createSuccessUrl = createFailureUrl(httpServletRequest);
        } catch (Exception e2) {
            LOGGER.error("oauth callback (user '{}', server '{}') : unhandled error, exception is ", findUsernameOrUndefined(), Long.valueOf(j), e2);
            createSuccessUrl = createFailureUrl(httpServletRequest);
        }
        return "redirect:" + createSuccessUrl;
    }

    private String findUsernameOrUndefined() {
        try {
            String name = SecurityContextHolder.getContext().getAuthentication().getName();
            return name != null ? name : "(unknown)";
        } catch (Exception e) {
            LOGGER.debug("attempted to retrieve the current username for debugging purposes but failed to retrieve one. Probable cause is that no user context is set. It is also likely that the error reported below was caused for that same reason.", (Throwable) e);
            return "(unknown)";
        }
    }

    private String createCallbackUrl(HttpServletRequest httpServletRequest, long j) {
        return String.valueOf(getBaseUrl(httpServletRequest)) + "/backend/servers/" + j + "/authentication/oauth1a/callback";
    }

    private String createSuccessUrl(HttpServletRequest httpServletRequest) {
        return String.valueOf(getBaseUrl(httpServletRequest)) + "/oauth/success";
    }

    private String createFailureUrl(HttpServletRequest httpServletRequest) {
        return String.valueOf(getBaseUrl(httpServletRequest)) + "/oauth/failure";
    }

    private String getBaseUrl(HttpServletRequest httpServletRequest) {
        return isCallbackUrlSetInDatabase() ? this.configService.findConfiguration("squashtest.tm.callbackurl") : isCallbackUrlSetInProperties() ? this.baseCallbackUrl : UriUtils.extractBaseUrl(httpServletRequest);
    }

    private boolean isCallbackUrlSetInProperties() {
        return (StringUtils.isBlank(this.baseCallbackUrl) || this.baseCallbackUrl.contains(MailMessage.DEFAULT_HOST)) ? false : true;
    }

    private boolean isCallbackUrlSetInDatabase() {
        return this.configService.findConfiguration("squashtest.tm.callbackurl") != null;
    }
}
