package cn.herodotus.engine.oauth2.management.controller;

import cn.herodotus.engine.oauth2.authentication.properties.OAuth2AuthenticationProperties;
import cn.herodotus.engine.oauth2.core.utils.SymmetricUtils;
import cn.herodotus.engine.rest.core.utils.WebUtils;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpSession;
import java.util.Collections;
import java.util.Map;
import org.apache.commons.lang3.ObjectUtils;
import org.apache.commons.lang3.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpMethod;
import org.springframework.security.web.csrf.CsrfToken;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.servlet.ModelAndView;
import org.springframework.web.util.HtmlUtils;

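/**
 * Renders the form-login page ({@code GET /login}) and fills its model with the
 * configured form field names, the CSRF hidden input, the login/logout status
 * flags and the last authentication error message.
 *
 * <p>Everything placed in the model is delivered to an unauthenticated client, so
 * only values that are safe to disclose before login belong here.
 */
@Controller
/* loaded from: input_file:cn/herodotus/engine/oauth2/management/controller/LoginController.class */
public class LoginController {
    private static final String DEFAULT_LOGIN_PAGE_VIEW = "login";
    private static final String DEFAULT_ERROR_PAGE_VIEW = "error";

    // HttpServletRequest#getRequestURI() always starts with "/", so the comparison
    // targets need the leading slash as well. Without it neither status flag could
    // ever become true.
    private static final String LOGIN_ERROR_URL = "/" + DEFAULT_LOGIN_PAGE_VIEW + "?" + DEFAULT_ERROR_PAGE_VIEW;
    private static final String LOGOUT_SUCCESS_URL = "/" + DEFAULT_LOGIN_PAGE_VIEW + "?logout";

    // Session key under which the authentication failure path leaves its last error.
    private static final String LAST_EXCEPTION_ATTRIBUTE = "SPRING_SECURITY_LAST_EXCEPTION";

    private final OAuth2AuthenticationProperties authenticationProperties;

    /**
     * @param oAuth2AuthenticationProperties configuration that supplies the form-login settings
     */
    @Autowired
    public LoginController(OAuth2AuthenticationProperties oAuth2AuthenticationProperties) {
        this.authenticationProperties = oAuth2AuthenticationProperties;
    }

    /**
     * Builds the model for the login view.
     *
     * @param map                model map supplied by the framework; not used by this method
     * @param httpServletRequest the current request
     * @return the {@code login} view together with its model
     */
    @RequestMapping(value = {"/login"}, method = {RequestMethod.GET})
    public ModelAndView login(Map<String, Object> map, HttpServletRequest httpServletRequest) {
        ModelAndView modelAndView = new ModelAndView(DEFAULT_LOGIN_PAGE_VIEW);
        boolean loginError = isErrorPage(httpServletRequest);
        boolean logoutSuccess = isLogoutSuccess(httpServletRequest);
        String errorMessage = getErrorMessage(httpServletRequest);
        Map<String, String> hiddenInputs = hiddenInputs(httpServletRequest);
        OAuth2AuthenticationProperties.FormLogin formLogin = getFormLogin();

        // The model keys below are part of the contract with the login template.
        modelAndView.addObject("vulgar_tycoon", formLogin.getUsernameParameter());
        modelAndView.addObject("beast", formLogin.getPasswordParameter());
        modelAndView.addObject("anubis", formLogin.getRememberMeParameter());
        modelAndView.addObject("graphic", formLogin.getCaptchaParameter());
        modelAndView.addObject("hide_verification_code", formLogin.getCloseCaptcha());
        // NOTE(review): this key is handed to every unauthenticated visitor. What
        // SymmetricUtils protects it with is not visible here, so confirm it does not
        // replace TLS as the protection for submitted credentials.
        modelAndView.addObject("soup_spoon", SymmetricUtils.getEncryptedSymmetricKey());
        modelAndView.addObject("verification_category", formLogin.getCategory());
        modelAndView.addObject("hidden_inputs", hiddenInputs);
        modelAndView.addObject("login_error", loginError);
        modelAndView.addObject("logout_success", logoutSuccess);
        // The message comes from the authentication failure path, so it is HTML-escaped
        // before it reaches the view.
        modelAndView.addObject("message", StringUtils.isNotBlank(errorMessage) ? HtmlUtils.htmlEscape(errorMessage) : null);
        modelAndView.addObject("contentPath", httpServletRequest.getContextPath());
        // NOTE(review): if the template writes this value into the page, the session id
        // becomes readable by page script even when the session cookie is HttpOnly.
        // Confirm the template needs it and how it is used.
        modelAndView.addObject("sessionId", WebUtils.getSessionId(httpServletRequest, true));
        return modelAndView;
    }

    /** Returns the form-login section of the authentication properties. */
    private OAuth2AuthenticationProperties.FormLogin getFormLogin() {
        return this.authenticationProperties.getFormLogin();
    }

    /** Returns whether the request is {@code GET <contextPath>/login?error}. */
    private boolean isErrorPage(HttpServletRequest httpServletRequest) {
        return matches(httpServletRequest, LOGIN_ERROR_URL);
    }

    /** Returns whether the request is {@code GET <contextPath>/login?logout}. */
    private boolean isLogoutSuccess(HttpServletRequest httpServletRequest) {
        return matches(httpServletRequest, LOGOUT_SUCCESS_URL);
    }

    /**
     * Exposes the CSRF token as a hidden form input.
     *
     * @return a single-entry map of parameter name to token, or an empty map when the
     *     request carries no {@link CsrfToken} attribute
     */
    private Map<String, String> hiddenInputs(HttpServletRequest httpServletRequest) {
        CsrfToken csrfToken = (CsrfToken) httpServletRequest.getAttribute(CsrfToken.class.getName());
        if (csrfToken == null) {
            return Collections.emptyMap();
        }
        return Collections.singletonMap(csrfToken.getParameterName(), csrfToken.getToken());
    }

    /**
     * Reads the last authentication error stored in the session.
     *
     * <p>Spring Security's stock failure handlers store the exception object itself
     * under this key, so both a plain message and a {@link Throwable} are accepted.
     * An unconditional cast to {@code String} would fail with a
     * {@link ClassCastException} on the latter.
     *
     * <p>NOTE(review): the attribute is not cleared here. Whether it is cleared
     * elsewhere is not visible, so a stale message may be shown on later visits.
     *
     * @return the non-empty message, or {@code null} when there is no session or no
     *     usable message
     */
    private String getErrorMessage(HttpServletRequest httpServletRequest) {
        HttpSession session = WebUtils.getSession(httpServletRequest);
        if (session == null) {
            return null;
        }
        Object lastError = session.getAttribute(LAST_EXCEPTION_ATTRIBUTE);
        String text = null;
        if (lastError instanceof String) {
            text = (String) lastError;
        } else if (lastError instanceof Throwable) {
            text = ((Throwable) lastError).getMessage();
        }
        return ObjectUtils.isNotEmpty(text) ? text : null;
    }

    /**
     * Tests whether a GET request targets exactly {@code contextPath + str}.
     *
     * <p>Path parameters (everything from the first {@code ';'} in the URI) are dropped
     * and the query string, when present, is appended before the comparison.
     *
     * @param str context-relative URL including its query string, starting with "/"
     * @return {@code true} only for a GET request whose URI and query match exactly
     */
    private boolean matches(HttpServletRequest httpServletRequest, String str) {
        if (str == null || !HttpMethod.GET.name().equals(httpServletRequest.getMethod())) {
            return false;
        }
        String requestUri = httpServletRequest.getRequestURI();
        int pathParamIndex = requestUri.indexOf(';');
        if (pathParamIndex > 0) {
            // Strip ";jsessionid=..."-style path parameters.
            requestUri = requestUri.substring(0, pathParamIndex);
        }
        String queryString = httpServletRequest.getQueryString();
        if (queryString != null) {
            requestUri = requestUri + "?" + queryString;
        }
        String contextPath = httpServletRequest.getContextPath();
        String expected = "".equals(contextPath) ? str : contextPath + str;
        return requestUri.equals(expected);
    }
}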
