package com.elitescloud.cloudt.authorization.api.provider.config.servlet.oauth2.handler;

import com.elitescloud.cloudt.authorization.api.provider.config.servlet.oauth2.OAuth2AuthorizationCodeRequestCache;
import com.elitescloud.cloudt.authorization.sdk.resolver.UniqueRequestResolver;
import java.io.IOException;
import java.time.Duration;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.oauth2.server.authorization.authentication.OAuth2AuthorizationCodeRequestAuthenticationToken;
import org.springframework.security.oauth2.server.authorization.client.RegisteredClient;
import org.springframework.security.oauth2.server.authorization.client.RegisteredClientRepository;
import org.springframework.security.oauth2.server.authorization.web.authentication.OAuth2AuthorizationCodeRequestAuthenticationConverter;
import org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint;
import org.springframework.util.StringUtils;

/* loaded from: input_file:com/elitescloud/cloudt/authorization/api/provider/config/servlet/oauth2/handler/OAuth2ServerLoginUrlAuthenticationEntryPointHandler.class */
public class OAuth2ServerLoginUrlAuthenticationEntryPointHandler extends LoginUrlAuthenticationEntryPoint {
    private static final Duration CODE_REQUEST_TTL = Duration.ofMinutes(20);
    private final RegisteredClientRepository registeredClientRepository;
    private final OAuth2AuthorizationCodeRequestCache authorizationCodeRequestCache;
    private UniqueRequestResolver uniqueRequestResolver;
    private final ThreadLocal<String> seqLocal;

    public OAuth2ServerLoginUrlAuthenticationEntryPointHandler(String str, RegisteredClientRepository registeredClientRepository, OAuth2AuthorizationCodeRequestCache oAuth2AuthorizationCodeRequestCache) {
        super(str);
        this.uniqueRequestResolver = null;
        this.seqLocal = new ThreadLocal<>();
        this.registeredClientRepository = registeredClientRepository;
        this.authorizationCodeRequestCache = oAuth2AuthorizationCodeRequestCache;
    }

    public void commence(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, AuthenticationException authenticationException) throws IOException, ServletException {
        if (this.uniqueRequestResolver != null) {
            OAuth2AuthorizationCodeRequestAuthenticationToken convert = new OAuth2AuthorizationCodeRequestAuthenticationConverter().convert(httpServletRequest);
            String signRequest = this.uniqueRequestResolver.signRequest(httpServletResponse);
            this.seqLocal.set(signRequest);
            this.authorizationCodeRequestCache.setAuthenticationToken(signRequest, convert, CODE_REQUEST_TTL);
        }
        try {
            super.commence(httpServletRequest, httpServletResponse, authenticationException);
            this.seqLocal.remove();
        } catch (Throwable th) {
            this.seqLocal.remove();
            throw th;
        }
    }

    protected String determineUrlToUseForThisRequest(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, AuthenticationException authenticationException) {
        String obtainClientLoginPage = obtainClientLoginPage(httpServletRequest);
        if (!StringUtils.hasText(obtainClientLoginPage)) {
            return super.determineUrlToUseForThisRequest(httpServletRequest, httpServletResponse, authenticationException);
        }
        String str = this.seqLocal.get();
        if (StringUtils.hasText(str)) {
            obtainClientLoginPage = (obtainClientLoginPage.contains("?") ? obtainClientLoginPage + "&" : obtainClientLoginPage + "?") + "Urq=" + str;
        }
        return obtainClientLoginPage;
    }

    public void setUniqueRequestResolver(UniqueRequestResolver uniqueRequestResolver) {
        this.uniqueRequestResolver = uniqueRequestResolver;
    }

    private String obtainClientLoginPage(HttpServletRequest httpServletRequest) {
        RegisteredClient findByClientId;
        String[] parameterValues = httpServletRequest.getParameterValues("client_id");
        if (parameterValues == null || parameterValues.length == 0 || (findByClientId = this.registeredClientRepository.findByClientId(parameterValues[0])) == null) {
            return null;
        }
        return (String) findByClientId.getClientSettings().getSetting("loginUrl");
    }
}
