package org.jasig.cas.support.oauth.web;

import java.util.Iterator;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.apache.commons.lang.StringUtils;
import org.jasig.cas.services.RegisteredService;
import org.jasig.cas.services.ServicesManager;
import org.jasig.cas.support.oauth.OAuthConstants;
import org.jasig.cas.support.oauth.OAuthUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.web.servlet.ModelAndView;
import org.springframework.web.servlet.mvc.AbstractController;

/* loaded from: input_file:org/jasig/cas/support/oauth/web/OAuth20AuthorizeController.class */
public final class OAuth20AuthorizeController extends AbstractController {
    private static Logger log = LoggerFactory.getLogger(OAuth20AuthorizeController.class);
    private final String loginUrl;
    private final ServicesManager servicesManager;

    public OAuth20AuthorizeController(ServicesManager servicesManager, String str) {
        this.servicesManager = servicesManager;
        this.loginUrl = str;
    }

    protected ModelAndView handleRequestInternal(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Exception {
        String parameter = httpServletRequest.getParameter(OAuthConstants.CLIENT_ID);
        log.debug("clientId : {}", parameter);
        String parameter2 = httpServletRequest.getParameter(OAuthConstants.REDIRECT_URI);
        log.debug("redirect_uri : {}", parameter2);
        String parameter3 = httpServletRequest.getParameter(OAuthConstants.STATE);
        log.debug("state : {}", parameter3);
        if (StringUtils.isBlank(parameter)) {
            log.error("missing clientId");
            return new ModelAndView(OAuthConstants.ERROR_VIEW);
        }
        if (StringUtils.isBlank(parameter2)) {
            log.error("missing redirectUri");
            return new ModelAndView(OAuthConstants.ERROR_VIEW);
        }
        RegisteredService registeredService = null;
        Iterator it = this.servicesManager.getAllServices().iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            RegisteredService registeredService2 = (RegisteredService) it.next();
            if (StringUtils.equals(registeredService2.getName(), parameter)) {
                registeredService = registeredService2;
                break;
            }
        }
        if (registeredService == null) {
            log.error("Unknown clientId : {}", parameter);
            return new ModelAndView(OAuthConstants.ERROR_VIEW);
        }
        String serviceId = registeredService.getServiceId();
        if (!StringUtils.startsWith(parameter2, serviceId)) {
            log.error("Unsupported redirectUri : {} for serviceId : {}", parameter2, serviceId);
            return new ModelAndView(OAuthConstants.ERROR_VIEW);
        }
        HttpSession session = httpServletRequest.getSession();
        session.setAttribute(OAuthConstants.OAUTH20_CALLBACKURL, parameter2);
        session.setAttribute(OAuthConstants.OAUTH20_SERVICE_NAME, registeredService.getTheme());
        session.setAttribute(OAuthConstants.OAUTH20_STATE, parameter3);
        String replace = httpServletRequest.getRequestURL().toString().replace("/authorize", "/callbackAuthorize");
        log.debug("callbackAuthorizeUrl : {}", replace);
        String addParameter = OAuthUtils.addParameter(this.loginUrl, OAuthConstants.SERVICE, replace);
        log.debug("loginUrlWithService : {}", addParameter);
        return OAuthUtils.redirectTo(addParameter);
    }

    static void setLogger(Logger logger) {
        log = logger;
    }
}
