package org.glassfish.soteria.mechanisms.openid.controller;

import jakarta.enterprise.context.ApplicationScoped;
import jakarta.inject.Inject;
import jakarta.security.enterprise.AuthenticationStatus;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import jakarta.ws.rs.core.UriBuilder;
import java.io.IOException;
import java.util.Map;
import java.util.Objects;
import java.util.logging.Level;
import java.util.logging.Logger;
import org.glassfish.soteria.Utils;
import org.glassfish.soteria.mechanisms.OpenIdAuthenticationMechanism;
import org.glassfish.soteria.mechanisms.openid.OpenIdState;
import org.glassfish.soteria.mechanisms.openid.domain.OpenIdConfiguration;
import org.glassfish.soteria.mechanisms.openid.domain.OpenIdNonce;
import org.glassfish.soteria.servlet.HttpStorageController;
import org.glassfish.soteria.servlet.RequestData;

/**
 * Builds the OpenID Connect authentication request and redirects the caller's
 * browser to the provider's authorization endpoint.
 *
 * <p>Before redirecting, the controller records what is needed to handle the
 * provider's callback: the {@code state} value, the nonce (when enabled), and
 * the URL the caller originally asked for. Validating the callback against
 * these stored values is not done in this class.
 */
@ApplicationScoped
public class AuthenticationController {

    private static final Logger LOGGER = Logger.getLogger(AuthenticationController.class.getName());

    @Inject
    private StateController stateController;

    @Inject
    private NonceController nonceController;

    @Inject
    private OpenIdConfiguration configuration;

    /**
     * Assembles the authorization URL from the configuration, stores the
     * per-request state/nonce and the original request, then sends a redirect.
     *
     * @param httpServletRequest the request that triggered authentication
     * @param httpServletResponse the response on which the redirect is sent
     * @return {@link AuthenticationStatus#SEND_CONTINUE} once the redirect has been issued
     * @throws IllegalStateException if sending the redirect fails with an {@link IOException}
     */
    public AuthenticationStatus authenticateUser(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        UriBuilder authRequest = UriBuilder
                .fromUri(configuration.getProviderMetadata().getAuthorizationEndpoint())
                .queryParam("scope", configuration.getScopes())
                .queryParam("response_type", configuration.getResponseType())
                .queryParam("client_id", configuration.getClientId())
                .queryParam("redirect_uri", configuration.buildRedirectURI(httpServletRequest));

        // A fresh state value is created for every authentication attempt, sent to
        // the provider and handed to the StateController for storage.
        // NOTE(review): the CSRF protection this gives depends on the callback
        // handler comparing the returned state with the stored one - confirm there.
        OpenIdState state = new OpenIdState();
        authRequest.queryParam("state", state.getValue());
        stateController.store(state, configuration, httpServletRequest, httpServletResponse);

        storeRequestURL(httpServletRequest, httpServletResponse);

        // The nonce is optional. Only its hash (getNonceHash) goes on the wire; the
        // nonce object itself is stored for the callback.
        // NOTE(review): with isUseNonce() false no nonce is sent, so the ID token
        // cannot be bound to this request through it - confirm that is intended
        // wherever the option is switched off.
        if (configuration.isUseNonce()) {
            OpenIdNonce nonce = new OpenIdNonce();
            authRequest.queryParam("nonce", nonceController.getNonceHash(nonce));
            nonceController.store(nonce, configuration, httpServletRequest, httpServletResponse);
        }

        // Optional request parameters are added only when configured non-empty.
        if (!Utils.isEmpty(configuration.getResponseMode())) {
            authRequest.queryParam("response_mode", configuration.getResponseMode());
        }
        if (!Utils.isEmpty(configuration.getDisplay())) {
            authRequest.queryParam("display", configuration.getDisplay());
        }
        if (!Utils.isEmpty(configuration.getPrompt())) {
            authRequest.queryParam("prompt", configuration.getPrompt());
        }

        // Extra parameters come from configuration and are added last.
        // NOTE(review): UriBuilder.queryParam appends rather than replaces, so an
        // extra parameter named like a core one ("state", "redirect_uri", ...) would
        // end up duplicated in the request - verify the configuration rejects that.
        Map<String, String> extraParameters = configuration.getExtraParameters();
        extraParameters.forEach(authRequest::queryParam);

        String authUrl = authRequest.build().toString();
        // The logged URL carries client_id, state and (if enabled) the nonce hash;
        // FINEST should only be enabled where the log output is access-controlled.
        LOGGER.log(Level.FINEST, "Redirecting for authentication to {0}", authUrl);

        try {
            httpServletResponse.sendRedirect(authUrl);
        } catch (IOException e) {
            throw new IllegalStateException(e);
        }
        return AuthenticationStatus.SEND_CONTINUE;
    }

    /**
     * Records the URL of the current request and, when the configuration asks
     * for a redirect back to the original resource, a JSON form of the request.
     *
     * <p>NOTE(review): the stored URL is whatever the container reports for this
     * request, query string included. Code that later redirects to it should
     * check that it still points at this application; where the value is kept
     * (the backend chosen by {@code HttpStorageController.getInstance}) is not
     * visible here.
     */
    private void storeRequestURL(HttpServletRequest request, HttpServletResponse response) {
        HttpStorageController storage = HttpStorageController.getInstance(configuration, request, response);
        storage.store("oidc.original.request", getFullURL(request));

        if (!configuration.isRedirectToOriginalResource()) {
            return;
        }
        storage.store(OpenIdAuthenticationMechanism.ORIGINAL_REQUEST_DATA_JSON, RequestData.of(request).toJson());
    }

    /**
     * Returns the request URL, followed by {@code ?} and the query string when
     * the request has one.
     */
    private String getFullURL(HttpServletRequest request) {
        String url = request.getRequestURL().toString();
        String query = request.getQueryString();
        if (query == null) {
            return url;
        }
        return url + '?' + query;
    }
}
