package org.keycloak.servlet;

import java.io.IOException;
import java.net.URI;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.ws.rs.BadRequestException;
import javax.ws.rs.InternalServerErrorException;
import javax.ws.rs.core.UriBuilder;
import org.jboss.resteasy.plugins.server.servlet.ServletUtil;
import org.keycloak.AbstractOAuthClient;

/* loaded from: input_file:org/keycloak/servlet/ServletOAuthClient.class */
public class ServletOAuthClient extends AbstractOAuthClient {
    public void redirectRelative(String str, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        redirect(ServletUtil.extractUriInfo(httpServletRequest, (String) null).getBaseUriBuilder().path(str).toTemplate(), httpServletRequest, httpServletResponse);
    }

    public void redirect(String str, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        String stateCode = getStateCode();
        URI build = UriBuilder.fromUri(this.authUrl).queryParam("client_id", new Object[]{this.clientId}).queryParam("redirect_uri", new Object[]{str}).queryParam("state", new Object[]{stateCode}).build(new Object[0]);
        String str2 = this.stateCookiePath;
        if (str2 == null) {
            str2 = httpServletRequest.getContextPath();
        }
        if (str2.equals("")) {
            str2 = "/";
        }
        Cookie cookie = new Cookie(this.stateCookieName, stateCode);
        cookie.setSecure(this.isSecure);
        cookie.setPath(str2);
        httpServletResponse.addCookie(cookie);
        httpServletResponse.sendRedirect(build.toString());
    }

    protected String getCookieValue(String str, HttpServletRequest httpServletRequest) {
        if (httpServletRequest.getCookies() == null) {
            return null;
        }
        for (Cookie cookie : httpServletRequest.getCookies()) {
            if (cookie.getName().equals(str)) {
                return cookie.getValue();
            }
        }
        return null;
    }

    protected String getCode(HttpServletRequest httpServletRequest) {
        String queryString = httpServletRequest.getQueryString();
        if (queryString == null) {
            return null;
        }
        for (String str : queryString.split("&")) {
            int indexOf = str.indexOf(61);
            if (indexOf != -1 && str.substring(0, indexOf).equals("code")) {
                return str.substring(indexOf + 1);
            }
        }
        return null;
    }

    public String getBearerToken(HttpServletRequest httpServletRequest) throws BadRequestException, InternalServerErrorException {
        String parameter = httpServletRequest.getParameter("error");
        if (parameter != null) {
            throw new BadRequestException(new Exception("OAuth error: " + parameter));
        }
        String stringBuffer = httpServletRequest.getRequestURL().append("?").append(httpServletRequest.getQueryString()).toString();
        String cookieValue = getCookieValue(this.stateCookieName, httpServletRequest);
        if (cookieValue == null) {
            throw new BadRequestException(new Exception("state cookie not set"));
        }
        String parameter2 = httpServletRequest.getParameter("state");
        String parameter3 = httpServletRequest.getParameter("code");
        if (parameter2 == null) {
            throw new BadRequestException(new Exception("state parameter was null"));
        }
        if (!parameter2.equals(cookieValue)) {
            throw new BadRequestException(new Exception("state parameter invalid"));
        }
        if (parameter3 == null) {
            throw new BadRequestException(new Exception("code parameter was null"));
        }
        return resolveBearerToken(stringBuffer, parameter3);
    }
}
