package org.keycloak.social.facebook;

import java.util.UUID;
import javax.ws.rs.client.Entity;
import javax.ws.rs.core.Form;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.UriBuilder;
import org.jboss.resteasy.client.jaxrs.ResteasyClient;
import org.jboss.resteasy.client.jaxrs.ResteasyClientBuilder;
import org.keycloak.social.AuthCallback;
import org.keycloak.social.AuthRequest;
import org.keycloak.social.SocialProvider;
import org.keycloak.social.SocialProviderConfig;
import org.keycloak.social.SocialProviderException;
import org.keycloak.social.SocialUser;

/* loaded from: input_file:org/keycloak/social/facebook/FacebookProvider.class */
public class FacebookProvider implements SocialProvider {
    private static final String AUTHENTICATION_ENDPOINT_URL = "https://graph.facebook.com/oauth/authorize";
    private static final String ACCESS_TOKEN_ENDPOINT_URL = "https://graph.facebook.com/oauth/access_token";
    private static final String PROFILE_ENDPOINT_URL = "https://graph.facebook.com/me";
    private static final String DEFAULT_RESPONSE_TYPE = "code";
    private static final String DEFAULT_SCOPE = "email";

    public String getId() {
        return "facebook";
    }

    public AuthRequest getAuthUrl(SocialProviderConfig socialProviderConfig) throws SocialProviderException {
        String uuid = UUID.randomUUID().toString();
        return AuthRequest.create(uuid, AUTHENTICATION_ENDPOINT_URL).setQueryParam("client_id", socialProviderConfig.getKey()).setQueryParam("response_type", DEFAULT_RESPONSE_TYPE).setQueryParam("scope", DEFAULT_SCOPE).setQueryParam("redirect_uri", socialProviderConfig.getCallbackUrl().replace("//localhost", "//127.0.0.1")).setQueryParam("state", uuid).setAttribute("state", uuid).build();
    }

    public String getRequestIdParamName() {
        return "state";
    }

    public String getName() {
        return "Facebook";
    }

    public SocialUser processCallback(SocialProviderConfig socialProviderConfig, AuthCallback authCallback) throws SocialProviderException {
        String queryParam = authCallback.getQueryParam(DEFAULT_RESPONSE_TYPE);
        try {
            if (!authCallback.getQueryParam("state").equals(authCallback.getAttribute("state"))) {
                throw new SocialProviderException("Invalid state");
            }
            ResteasyClient build = new ResteasyClientBuilder().hostnameVerification(ResteasyClientBuilder.HostnameVerificationPolicy.ANY).build();
            FacebookUser loadUser = loadUser(loadAccessToken(queryParam, socialProviderConfig, build), build);
            SocialUser socialUser = new SocialUser(loadUser.getId());
            socialUser.setUsername(loadUser.getUsername());
            if (loadUser.getUsername() == null || loadUser.getUsername().length() == 0) {
                socialUser.setUsername(loadUser.getId());
            }
            socialUser.setEmail(loadUser.getEmail());
            socialUser.setLastName(loadUser.getLastName());
            socialUser.setFirstName(loadUser.getFirstName());
            return socialUser;
        } catch (Exception e) {
            throw new SocialProviderException(e);
        } catch (SocialProviderException e2) {
            throw e2;
        }
    }

    protected String loadAccessToken(String str, SocialProviderConfig socialProviderConfig, ResteasyClient resteasyClient) throws SocialProviderException {
        Form form = new Form();
        form.param("grant_type", "authorization_code").param(DEFAULT_RESPONSE_TYPE, str).param("client_id", socialProviderConfig.getKey()).param("client_secret", socialProviderConfig.getSecret()).param("redirect_uri", socialProviderConfig.getCallbackUrl());
        Response post = resteasyClient.target(ACCESS_TOKEN_ENDPOINT_URL).request().post(Entity.form(form));
        if (post.getStatus() == 200) {
            return parseParameter((String) post.readEntity(String.class), "access_token");
        }
        throw new SocialProviderException("Access token request to Facebook failed. Status: " + post.getStatus() + ", response: " + ((String) post.readEntity(String.class)));
    }

    protected FacebookUser loadUser(String str, ResteasyClient resteasyClient) throws SocialProviderException {
        Response response = resteasyClient.target(UriBuilder.fromUri(PROFILE_ENDPOINT_URL).queryParam("access_token", new Object[]{str}).queryParam("fields", new Object[]{"id,name,username,first_name,last_name,email"}).build(new Object[0])).request().header("Accept", "application/json").get();
        if (response.getStatus() != 200) {
            throw new SocialProviderException("Request to Facebook for obtaining user failed. Status: " + response.getStatus() + ", response: " + ((String) response.readEntity(String.class)));
        }
        return (FacebookUser) response.readEntity(FacebookUser.class);
    }

    private String parseParameter(String str, String str2) {
        int indexOf = str.indexOf(str2 + "=");
        if (indexOf == -1) {
            throw new IllegalArgumentException("Parameter " + str2 + " not available in response " + str);
        }
        String substring = str.substring(indexOf + str2.length() + 1);
        int indexOf2 = substring.indexOf("&");
        return indexOf2 == -1 ? substring : substring.substring(0, indexOf2);
    }
}
