package org.apache.sling.auth.oauth_client.support;

import java.io.IOException;
import java.util.Objects;
import javax.servlet.ServletException;
import org.apache.sling.api.SlingHttpServletRequest;
import org.apache.sling.api.SlingHttpServletResponse;
import org.apache.sling.api.servlets.SlingAllMethodsServlet;
import org.apache.sling.auth.oauth_client.ClientConnection;
import org.apache.sling.auth.oauth_client.OAuthTokenAccess;
import org.apache.sling.auth.oauth_client.OAuthTokenResponse;
import org.apache.sling.auth.oauth_client.impl.OAuthCookieValue;
import org.apache.sling.auth.oauth_client.impl.OAuthToken;
import org.apache.sling.auth.oauth_client.impl.TokenState;
import org.jetbrains.annotations.NotNull;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/apache/sling/auth/oauth_client/support/OAuthEnabledSlingServlet.class */
public abstract class OAuthEnabledSlingServlet extends SlingAllMethodsServlet {
    private static final long serialVersionUID = 1;
    private final Logger logger = LoggerFactory.getLogger(getClass());
    private final ClientConnection connection;
    private final OAuthTokenAccess tokenAccess;

    protected OAuthEnabledSlingServlet(@NotNull ClientConnection clientConnection, @NotNull OAuthTokenAccess oAuthTokenAccess) {
        this.connection = (ClientConnection) Objects.requireNonNull(clientConnection, "connection may not null");
        this.tokenAccess = (OAuthTokenAccess) Objects.requireNonNull(oAuthTokenAccess, "tokenAccess may not null");
    }

    protected void doGet(@NotNull SlingHttpServletRequest slingHttpServletRequest, @NotNull SlingHttpServletResponse slingHttpServletResponse) throws ServletException, IOException {
        handleRequestWithToken(slingHttpServletRequest, slingHttpServletResponse, "GET");
    }

    protected void doPost(@NotNull SlingHttpServletRequest slingHttpServletRequest, @NotNull SlingHttpServletResponse slingHttpServletResponse) throws ServletException, IOException {
        handleRequestWithToken(slingHttpServletRequest, slingHttpServletResponse, "POST");
    }

    protected void doDelete(@NotNull SlingHttpServletRequest slingHttpServletRequest, @NotNull SlingHttpServletResponse slingHttpServletResponse) throws ServletException, IOException {
        handleRequestWithToken(slingHttpServletRequest, slingHttpServletResponse, "DELETE");
    }

    protected void doPut(@NotNull SlingHttpServletRequest slingHttpServletRequest, @NotNull SlingHttpServletResponse slingHttpServletResponse) throws ServletException, IOException {
        handleRequestWithToken(slingHttpServletRequest, slingHttpServletResponse, "PUT");
    }

    protected void doGeneric(@NotNull SlingHttpServletRequest slingHttpServletRequest, @NotNull SlingHttpServletResponse slingHttpServletResponse) throws ServletException, IOException {
        handleRequestWithToken(slingHttpServletRequest, slingHttpServletResponse, slingHttpServletRequest.getMethod());
    }

    private void handleRequestWithToken(@NotNull SlingHttpServletRequest slingHttpServletRequest, @NotNull SlingHttpServletResponse slingHttpServletResponse, String str) throws ServletException, IOException {
        if (slingHttpServletRequest.getRemoteUser() == null) {
            slingHttpServletResponse.sendError(401, "User is not authenticated");
            return;
        }
        String str2 = (String) Objects.requireNonNull(getRedirectPath(slingHttpServletRequest), "getRedirectPath() may not return null");
        if (this.logger.isDebugEnabled()) {
            this.logger.debug("Configured with connection (name={}) and redirectPath={}", this.connection.name(), str2);
        }
        OAuthTokenResponse accessToken = this.tokenAccess.getAccessToken(this.connection, slingHttpServletRequest, str2);
        if (!accessToken.hasValidToken()) {
            slingHttpServletResponse.sendRedirect(accessToken.getRedirectUri().toString());
            return;
        }
        OAuthToken oAuthToken = new OAuthToken(TokenState.VALID, accessToken.getTokenValue());
        try {
            boolean z = -1;
            switch (str.hashCode()) {
                case 70454:
                    if (str.equals("GET")) {
                        z = false;
                        break;
                    }
                    break;
                case 79599:
                    if (str.equals("PUT")) {
                        z = 2;
                        break;
                    }
                    break;
                case 2461856:
                    if (str.equals("POST")) {
                        z = true;
                        break;
                    }
                    break;
                case 2012838315:
                    if (str.equals("DELETE")) {
                        z = 3;
                        break;
                    }
                    break;
            }
            switch (z) {
                case OAuthCookieValue.STATE_INDEX /* 0 */:
                    doGetWithToken(slingHttpServletRequest, slingHttpServletResponse, oAuthToken.getValue());
                    break;
                case OAuthCookieValue.CONNECTION_NAME_INDEX /* 1 */:
                    doPostWithToken(slingHttpServletRequest, slingHttpServletResponse, oAuthToken.getValue());
                    break;
                case OAuthCookieValue.REDIRECT_INDEX /* 2 */:
                    doPutWithToken(slingHttpServletRequest, slingHttpServletResponse, oAuthToken.getValue());
                    break;
                case OAuthCookieValue.NONCE_INDEX /* 3 */:
                    doDeleteWithToken(slingHttpServletRequest, slingHttpServletResponse, oAuthToken.getValue());
                    break;
                default:
                    doGenericWithToken(slingHttpServletRequest, slingHttpServletResponse, oAuthToken.getValue());
                    break;
            }
        } catch (IOException | ServletException e) {
            if (!isInvalidAccessTokenException(e)) {
                throw e;
            }
            this.logger.warn("Invalid access token, clearing exiting token and restarting OAuth flow", e);
            slingHttpServletResponse.sendRedirect(this.tokenAccess.clearAccessToken(this.connection, slingHttpServletRequest, str2).getRedirectUri().toString());
        }
    }

    @NotNull
    protected String getRedirectPath(@NotNull SlingHttpServletRequest slingHttpServletRequest) {
        return slingHttpServletRequest.getRequestURI();
    }

    protected void doGetWithToken(@NotNull SlingHttpServletRequest slingHttpServletRequest, @NotNull SlingHttpServletResponse slingHttpServletResponse, String str) throws IOException, ServletException {
        handleMethodNotImplemented(slingHttpServletRequest, slingHttpServletResponse);
    }

    protected void doPostWithToken(@NotNull SlingHttpServletRequest slingHttpServletRequest, @NotNull SlingHttpServletResponse slingHttpServletResponse, String str) throws IOException, ServletException {
        handleMethodNotImplemented(slingHttpServletRequest, slingHttpServletResponse);
    }

    protected void doPutWithToken(@NotNull SlingHttpServletRequest slingHttpServletRequest, @NotNull SlingHttpServletResponse slingHttpServletResponse, String str) throws IOException, ServletException {
        handleMethodNotImplemented(slingHttpServletRequest, slingHttpServletResponse);
    }

    protected void doDeleteWithToken(@NotNull SlingHttpServletRequest slingHttpServletRequest, @NotNull SlingHttpServletResponse slingHttpServletResponse, String str) throws IOException, ServletException {
        handleMethodNotImplemented(slingHttpServletRequest, slingHttpServletResponse);
    }

    protected void doGenericWithToken(@NotNull SlingHttpServletRequest slingHttpServletRequest, @NotNull SlingHttpServletResponse slingHttpServletResponse, String str) throws IOException, ServletException {
        handleMethodNotImplemented(slingHttpServletRequest, slingHttpServletResponse);
    }

    protected boolean isInvalidAccessTokenException(Exception exc) {
        return false;
    }
}
