package org.gatein.security.oauth.twitter;

import java.io.IOException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.exoplatform.container.ExoContainerContext;
import org.exoplatform.container.xml.InitParams;
import org.exoplatform.services.organization.UserProfile;
import org.gatein.common.logging.Logger;
import org.gatein.common.logging.LoggerFactory;
import org.gatein.security.oauth.common.OAuthConstants;
import org.gatein.security.oauth.exception.OAuthException;
import org.gatein.security.oauth.exception.OAuthExceptionCode;
import org.gatein.security.oauth.spi.InteractionState;
import org.gatein.security.oauth.spi.OAuthCodec;
import org.gatein.security.oauth.utils.OAuthPersistenceUtils;
import twitter4j.Twitter;
import twitter4j.TwitterException;
import twitter4j.TwitterFactory;
import twitter4j.auth.AccessToken;
import twitter4j.auth.RequestToken;
import twitter4j.conf.ConfigurationBuilder;

/* loaded from: input_file:org/gatein/security/oauth/twitter/TwitterProcessorImpl.class */
public class TwitterProcessorImpl implements TwitterProcessor {
    private static Logger log = LoggerFactory.getLogger(TwitterProcessorImpl.class);
    private final String redirectURL;
    private final String clientID;
    private final String clientSecret;
    private final TwitterFactory twitterFactory;
    private final int chunkLength;

    public TwitterProcessorImpl(ExoContainerContext exoContainerContext, InitParams initParams) {
        this.clientID = initParams.getValueParam("clientId").getValue();
        this.clientSecret = initParams.getValueParam("clientSecret").getValue();
        String value = initParams.getValueParam("redirectURL").getValue();
        if (this.clientID == null || this.clientID.length() == 0 || this.clientID.trim().equals("<<to be replaced>>")) {
            throw new IllegalArgumentException("Property 'clientId' needs to be provided. The value should be clientId of your Twitter application");
        }
        if (this.clientSecret == null || this.clientSecret.length() == 0 || this.clientSecret.trim().equals("<<to be replaced>>")) {
            throw new IllegalArgumentException("Property 'clientSecret' needs to be provided. The value should be clientSecret of your Twitter application");
        }
        if (value == null || value.length() == 0) {
            this.redirectURL = "http://localhost:8080/" + exoContainerContext.getName() + OAuthConstants.TWITTER_AUTHENTICATION_URL_PATH;
        } else {
            this.redirectURL = value.replaceAll("@@portal.container.name@@", exoContainerContext.getName());
        }
        this.chunkLength = OAuthPersistenceUtils.getChunkLength(initParams);
        if (log.isDebugEnabled()) {
            log.debug("configuration: clientId=" + this.clientID + ", clientSecret=" + this.clientSecret + ", redirectURL=" + this.redirectURL + ", chunkLength=" + this.chunkLength);
        }
        ConfigurationBuilder configurationBuilder = new ConfigurationBuilder();
        configurationBuilder.setOAuthConsumerKey(this.clientID).setOAuthConsumerSecret(this.clientSecret);
        this.twitterFactory = new TwitterFactory(configurationBuilder.build());
    }

    @Override // org.gatein.security.oauth.spi.OAuthProviderProcessor
    public InteractionState<TwitterAccessTokenContext> processOAuthInteraction(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException, OAuthException {
        Twitter twitterFactory = this.twitterFactory.getInstance();
        HttpSession session = httpServletRequest.getSession();
        RequestToken requestToken = (RequestToken) session.getAttribute(OAuthConstants.ATTRIBUTE_TWITTER_REQUEST_TOKEN);
        try {
            if (requestToken == null) {
                RequestToken oAuthRequestToken = twitterFactory.getOAuthRequestToken(this.redirectURL);
                session.setAttribute(OAuthConstants.ATTRIBUTE_TWITTER_REQUEST_TOKEN, oAuthRequestToken);
                if (log.isTraceEnabled()) {
                    log.trace("RequestToken obtained from twitter. Redirecting to Twitter for authorization");
                }
                httpServletResponse.sendRedirect(oAuthRequestToken.getAuthenticationURL());
                return new InteractionState<>(InteractionState.State.AUTH, null);
            }
            String parameter = httpServletRequest.getParameter(OAuthConstants.OAUTH_VERIFIER);
            if (httpServletRequest.getParameter(OAuthConstants.OAUTH_DENIED) != null) {
                throw new OAuthException(OAuthExceptionCode.USER_DENIED_SCOPE, "User denied scope on Twitter authorization page");
            }
            AccessToken oAuthAccessToken = twitterFactory.getOAuthAccessToken(requestToken, parameter);
            if (log.isTraceEnabled()) {
                log.trace("Twitter accessToken: " + oAuthAccessToken);
            }
            session.removeAttribute(OAuthConstants.ATTRIBUTE_TWITTER_REQUEST_TOKEN);
            return new InteractionState<>(InteractionState.State.FINISH, new TwitterAccessTokenContext(oAuthAccessToken.getToken(), oAuthAccessToken.getTokenSecret()));
        } catch (TwitterException e) {
            throw new OAuthException(OAuthExceptionCode.TWITTER_ERROR, (Throwable) e);
        }
    }

    @Override // org.gatein.security.oauth.spi.OAuthProviderProcessor
    public InteractionState<TwitterAccessTokenContext> processOAuthInteraction(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str) throws IOException, OAuthException {
        throw new OAuthException(OAuthExceptionCode.TWITTER_ERROR, "This is currently not supported for Twitter");
    }

    @Override // org.gatein.security.oauth.spi.OAuthProviderProcessor
    public <C> C getAuthorizedSocialApiObject(TwitterAccessTokenContext twitterAccessTokenContext, Class<C> cls) {
        if (Twitter.class.equals(cls)) {
            return cls.cast(getAuthorizedTwitterInstance(twitterAccessTokenContext));
        }
        if (!log.isDebugEnabled()) {
            return null;
        }
        log.debug("Class '" + cls + "' not supported by this processor");
        return null;
    }

    @Override // org.gatein.security.oauth.twitter.TwitterProcessor
    public Twitter getAuthorizedTwitterInstance(TwitterAccessTokenContext twitterAccessTokenContext) {
        ConfigurationBuilder configurationBuilder = new ConfigurationBuilder();
        configurationBuilder.setOAuthConsumerKey(this.clientID).setOAuthConsumerSecret(this.clientSecret);
        configurationBuilder.setOAuthAccessToken(twitterAccessTokenContext.getAccessToken());
        configurationBuilder.setOAuthAccessTokenSecret(twitterAccessTokenContext.getAccessTokenSecret());
        return new TwitterFactory(configurationBuilder.build()).getInstance();
    }

    @Override // org.gatein.security.oauth.spi.OAuthProviderProcessor
    public void saveAccessTokenAttributesToUserProfile(UserProfile userProfile, OAuthCodec oAuthCodec, TwitterAccessTokenContext twitterAccessTokenContext) {
        String encodeString = oAuthCodec.encodeString(twitterAccessTokenContext.getAccessToken());
        String encodeString2 = oAuthCodec.encodeString(twitterAccessTokenContext.getAccessTokenSecret());
        OAuthPersistenceUtils.saveLongAttribute(encodeString, userProfile, OAuthConstants.PROFILE_TWITTER_ACCESS_TOKEN, false, this.chunkLength);
        OAuthPersistenceUtils.saveLongAttribute(encodeString2, userProfile, OAuthConstants.PROFILE_TWITTER_ACCESS_TOKEN_SECRET, false, this.chunkLength);
    }

    /* JADX WARN: Can't rename method to resolve collision */
    @Override // org.gatein.security.oauth.spi.OAuthProviderProcessor
    public TwitterAccessTokenContext getAccessTokenFromUserProfile(UserProfile userProfile, OAuthCodec oAuthCodec) {
        String longAttribute = OAuthPersistenceUtils.getLongAttribute(userProfile, OAuthConstants.PROFILE_TWITTER_ACCESS_TOKEN, false);
        String longAttribute2 = OAuthPersistenceUtils.getLongAttribute(userProfile, OAuthConstants.PROFILE_TWITTER_ACCESS_TOKEN_SECRET, false);
        String decodeString = oAuthCodec.decodeString(longAttribute);
        String decodeString2 = oAuthCodec.decodeString(longAttribute2);
        if (decodeString == null || decodeString2 == null) {
            return null;
        }
        return new TwitterAccessTokenContext(decodeString, decodeString2);
    }

    @Override // org.gatein.security.oauth.spi.OAuthProviderProcessor
    public TwitterAccessTokenContext validateTokenAndUpdateScopes(TwitterAccessTokenContext twitterAccessTokenContext) throws OAuthException {
        try {
            getAuthorizedTwitterInstance(twitterAccessTokenContext).verifyCredentials();
            return twitterAccessTokenContext;
        } catch (TwitterException e) {
            if (e.getStatusCode() == 401) {
                throw new OAuthException(OAuthExceptionCode.ACCESS_TOKEN_ERROR, "Error when verifying twitter access token: " + e.getMessage(), (Throwable) e);
            }
            throw new OAuthException(OAuthExceptionCode.IO_ERROR, "IO Error when obtaining tokenInfo: " + e.getClass() + ": " + e.getMessage(), (Throwable) e);
        }
    }

    @Override // org.gatein.security.oauth.spi.OAuthProviderProcessor
    public void removeAccessTokenFromUserProfile(UserProfile userProfile) {
        OAuthPersistenceUtils.removeLongAttribute(userProfile, OAuthConstants.PROFILE_TWITTER_ACCESS_TOKEN, false);
        OAuthPersistenceUtils.removeLongAttribute(userProfile, OAuthConstants.PROFILE_TWITTER_ACCESS_TOKEN_SECRET, false);
    }

    @Override // org.gatein.security.oauth.spi.OAuthProviderProcessor
    public void revokeToken(TwitterAccessTokenContext twitterAccessTokenContext) {
    }
}
