package com.elitescloud.boot.auth.provider.config.servlet.oauth2.handler;

import com.elitescloud.cloudt.common.base.ApiCode;
import com.elitescloud.cloudt.common.base.ApiResult;
import com.elitescloud.cloudt.context.util.HttpServletUtil;
import java.io.IOException;
import java.util.HashMap;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.springframework.http.HttpStatus;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.oauth2.core.OAuth2Error;
import org.springframework.security.oauth2.server.authorization.authentication.OAuth2AuthorizationCodeRequestAuthenticationException;
import org.springframework.security.oauth2.server.authorization.authentication.OAuth2AuthorizationCodeRequestAuthenticationToken;
import org.springframework.security.web.authentication.AuthenticationFailureHandler;
import org.springframework.util.StringUtils;
import org.springframework.web.util.UriComponentsBuilder;

/* loaded from: input_file:com/elitescloud/boot/auth/provider/config/servlet/oauth2/handler/OAuth2AuthorizationErrorResponseHandler.class */
public class OAuth2AuthorizationErrorResponseHandler extends AbstractOAuth2ServerHandler implements AuthenticationFailureHandler {
    private static final Logger log = LogManager.getLogger(OAuth2AuthorizationErrorResponseHandler.class);

    public void onAuthenticationFailure(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, AuthenticationException authenticationException) throws IOException, ServletException {
        log.info("OAuth2认证异常：", authenticationException);
        if (super.supportRedirect(httpServletRequest)) {
            sendErrorResponse(httpServletRequest, httpServletResponse, authenticationException);
        } else {
            sendErrorResponseByJson(httpServletRequest, httpServletResponse, authenticationException);
        }
    }

    private void sendErrorResponse(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, AuthenticationException authenticationException) throws IOException {
        OAuth2AuthorizationCodeRequestAuthenticationException oAuth2AuthorizationCodeRequestAuthenticationException = (OAuth2AuthorizationCodeRequestAuthenticationException) authenticationException;
        OAuth2Error error = oAuth2AuthorizationCodeRequestAuthenticationException.getError();
        OAuth2AuthorizationCodeRequestAuthenticationToken authorizationCodeRequestAuthentication = oAuth2AuthorizationCodeRequestAuthenticationException.getAuthorizationCodeRequestAuthentication();
        if (authorizationCodeRequestAuthentication == null || !StringUtils.hasText(authorizationCodeRequestAuthentication.getRedirectUri())) {
            HttpServletUtil.writeJsonIgnoreException(httpServletResponse, error);
            return;
        }
        UriComponentsBuilder queryParam = UriComponentsBuilder.fromUriString(authorizationCodeRequestAuthentication.getRedirectUri()).queryParam("error", new Object[]{error.getErrorCode()});
        if (StringUtils.hasText(error.getDescription())) {
            queryParam.queryParam("error_description", new Object[]{error.getDescription()});
        }
        if (StringUtils.hasText(error.getUri())) {
            queryParam.queryParam("error_uri", new Object[]{error.getUri()});
        }
        if (StringUtils.hasText(authorizationCodeRequestAuthentication.getState())) {
            queryParam.queryParam("state", new Object[]{authorizationCodeRequestAuthentication.getState()});
        }
        ((AbstractOAuth2ServerHandler) this).redirectStrategy.sendRedirect(httpServletRequest, httpServletResponse, queryParam.toUriString());
    }

    private void sendErrorResponseByJson(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, AuthenticationException authenticationException) throws IOException {
        OAuth2AuthorizationCodeRequestAuthenticationException oAuth2AuthorizationCodeRequestAuthenticationException = (OAuth2AuthorizationCodeRequestAuthenticationException) authenticationException;
        OAuth2Error error = oAuth2AuthorizationCodeRequestAuthenticationException.getError();
        OAuth2AuthorizationCodeRequestAuthenticationToken authorizationCodeRequestAuthentication = oAuth2AuthorizationCodeRequestAuthenticationException.getAuthorizationCodeRequestAuthentication();
        if (authorizationCodeRequestAuthentication == null) {
            writeResponse(httpServletResponse, ApiResult.fail("请求方式或参数有误"), HttpStatus.BAD_REQUEST);
            return;
        }
        HashMap hashMap = new HashMap();
        hashMap.put("error", error.getErrorCode());
        if (StringUtils.hasText(error.getDescription())) {
            hashMap.put("error_description", error.getDescription());
        }
        if (StringUtils.hasText(error.getUri())) {
            hashMap.put("error_uri", error.getUri());
        }
        if (StringUtils.hasText(authorizationCodeRequestAuthentication.getState())) {
            hashMap.put("state", authorizationCodeRequestAuthentication.getState());
        }
        writeResponse(httpServletResponse, ApiResult.fail(ApiCode.UNAUTHORIZED, hashMap), HttpStatus.UNAUTHORIZED);
    }
}
