package org.apache.shindig.gadgets.oauth;

import com.google.inject.Inject;
import java.net.URI;
import java.net.URISyntaxException;
import net.oauth.OAuthServiceProvider;
import org.apache.commons.lang.StringUtils;
import org.apache.shindig.auth.SecurityToken;
import org.apache.shindig.gadgets.GadgetException;
import org.apache.shindig.gadgets.GadgetSpecFactory;
import org.apache.shindig.gadgets.oauth.AccessorInfo;
import org.apache.shindig.gadgets.oauth.OAuthResponseParams;
import org.apache.shindig.gadgets.oauth.OAuthStore;
import org.apache.shindig.gadgets.spec.GadgetSpec;
import org.apache.shindig.gadgets.spec.OAuthService;
import org.apache.shindig.gadgets.spec.OAuthSpec;

/* loaded from: input_file:org/apache/shindig/gadgets/oauth/GadgetOAuthTokenStore.class */
public class GadgetOAuthTokenStore {
    private final OAuthStore store;
    private final GadgetSpecFactory specFactory;

    @Inject
    public GadgetOAuthTokenStore(OAuthStore oAuthStore, GadgetSpecFactory gadgetSpecFactory) {
        this.store = oAuthStore;
        this.specFactory = gadgetSpecFactory;
    }

    public AccessorInfo getOAuthAccessor(SecurityToken securityToken, OAuthArguments oAuthArguments, OAuthClientState oAuthClientState, OAuthResponseParams oAuthResponseParams) throws OAuthResponseParams.OAuthRequestException {
        AccessorInfoBuilder accessorInfoBuilder = new AccessorInfoBuilder();
        OAuthServiceProvider oAuthServiceProvider = null;
        if (oAuthArguments.mayUseToken()) {
            oAuthServiceProvider = lookupSpecInfo(securityToken, oAuthArguments, accessorInfoBuilder, oAuthResponseParams);
        } else {
            accessorInfoBuilder.setParameterLocation(AccessorInfo.OAuthParamLocation.URI_QUERY);
        }
        try {
            OAuthStore.ConsumerInfo consumerKeyAndSecret = this.store.getConsumerKeyAndSecret(securityToken, oAuthArguments.getServiceName(), oAuthServiceProvider);
            accessorInfoBuilder.setConsumer(consumerKeyAndSecret);
            if (oAuthArguments.mayUseToken() && securityToken.getOwnerId() != null && securityToken.getViewerId().equals(securityToken.getOwnerId())) {
                lookupToken(securityToken, consumerKeyAndSecret, oAuthArguments, oAuthClientState, accessorInfoBuilder, oAuthResponseParams);
            }
            return accessorInfoBuilder.create(oAuthResponseParams);
        } catch (GadgetException e) {
            throw oAuthResponseParams.oauthRequestException(OAuthError.UNKNOWN_PROBLEM, "Unable to retrieve consumer key", e);
        }
    }

    private OAuthServiceProvider lookupSpecInfo(SecurityToken securityToken, OAuthArguments oAuthArguments, AccessorInfoBuilder accessorInfoBuilder, OAuthResponseParams oAuthResponseParams) throws OAuthResponseParams.OAuthRequestException {
        OAuthSpec oAuthSpec = findSpec(securityToken, oAuthArguments, oAuthResponseParams).getModulePrefs().getOAuthSpec();
        if (oAuthSpec == null) {
            throw oAuthResponseParams.oauthRequestException(OAuthError.BAD_OAUTH_CONFIGURATION, "Failed to retrieve OAuth URLs, spec for gadget " + securityToken.getAppUrl() + " does not contain OAuth element.");
        }
        OAuthService oAuthService = oAuthSpec.getServices().get(oAuthArguments.getServiceName());
        if (oAuthService == null) {
            throw oAuthResponseParams.oauthRequestException(OAuthError.BAD_OAUTH_CONFIGURATION, "Failed to retrieve OAuth URLs, spec for gadget does not contain OAuth service " + oAuthArguments.getServiceName() + ".  Known services: " + StringUtils.join(oAuthSpec.getServices().keySet(), ',') + '.');
        }
        accessorInfoBuilder.setParameterLocation(getStoreLocation(oAuthService.getRequestUrl().location, oAuthResponseParams));
        accessorInfoBuilder.setMethod(getStoreMethod(oAuthService.getRequestUrl().method, oAuthResponseParams));
        return new OAuthServiceProvider(oAuthService.getRequestUrl().url.toJavaUri().toASCIIString(), oAuthService.getAuthorizationUrl().toJavaUri().toASCIIString(), oAuthService.getAccessUrl().url.toJavaUri().toASCIIString());
    }

    private void lookupToken(SecurityToken securityToken, OAuthStore.ConsumerInfo consumerInfo, OAuthArguments oAuthArguments, OAuthClientState oAuthClientState, AccessorInfoBuilder accessorInfoBuilder, OAuthResponseParams oAuthResponseParams) throws OAuthResponseParams.OAuthRequestException {
        if (oAuthClientState.getRequestToken() != null) {
            accessorInfoBuilder.setRequestToken(oAuthClientState.getRequestToken());
            accessorInfoBuilder.setTokenSecret(oAuthClientState.getRequestTokenSecret());
            return;
        }
        if (oAuthClientState.getAccessToken() != null) {
            accessorInfoBuilder.setAccessToken(oAuthClientState.getAccessToken());
            accessorInfoBuilder.setTokenSecret(oAuthClientState.getAccessTokenSecret());
            accessorInfoBuilder.setSessionHandle(oAuthClientState.getSessionHandle());
            accessorInfoBuilder.setTokenExpireMillis(oAuthClientState.getTokenExpireMillis());
            return;
        }
        try {
            OAuthStore.TokenInfo tokenInfo = this.store.getTokenInfo(securityToken, consumerInfo, oAuthArguments.getServiceName(), oAuthArguments.getTokenName());
            if (tokenInfo == null || tokenInfo.getAccessToken() == null) {
                accessorInfoBuilder.setRequestToken(oAuthArguments.getRequestToken());
                accessorInfoBuilder.setTokenSecret(oAuthArguments.getRequestTokenSecret());
            } else {
                accessorInfoBuilder.setAccessToken(tokenInfo.getAccessToken());
                accessorInfoBuilder.setTokenSecret(tokenInfo.getTokenSecret());
                accessorInfoBuilder.setSessionHandle(tokenInfo.getSessionHandle());
                accessorInfoBuilder.setTokenExpireMillis(tokenInfo.getTokenExpireMillis());
            }
        } catch (GadgetException e) {
            throw oAuthResponseParams.oauthRequestException(OAuthError.UNKNOWN_PROBLEM, "Unable to retrieve access token", e);
        }
    }

    private AccessorInfo.OAuthParamLocation getStoreLocation(OAuthService.Location location, OAuthResponseParams oAuthResponseParams) throws OAuthResponseParams.OAuthRequestException {
        switch (location) {
            case HEADER:
                return AccessorInfo.OAuthParamLocation.AUTH_HEADER;
            case URL:
                return AccessorInfo.OAuthParamLocation.URI_QUERY;
            case BODY:
                return AccessorInfo.OAuthParamLocation.POST_BODY;
            default:
                throw oAuthResponseParams.oauthRequestException(OAuthError.INVALID_REQUEST, "Unknown parameter location " + location);
        }
    }

    private AccessorInfo.HttpMethod getStoreMethod(OAuthService.Method method, OAuthResponseParams oAuthResponseParams) throws OAuthResponseParams.OAuthRequestException {
        switch (method) {
            case GET:
                return AccessorInfo.HttpMethod.GET;
            case POST:
                return AccessorInfo.HttpMethod.POST;
            default:
                throw oAuthResponseParams.oauthRequestException(OAuthError.INVALID_REQUEST, "Unknown method " + method);
        }
    }

    private GadgetSpec findSpec(SecurityToken securityToken, OAuthArguments oAuthArguments, OAuthResponseParams oAuthResponseParams) throws OAuthResponseParams.OAuthRequestException {
        try {
            return this.specFactory.getGadgetSpec(new URI(securityToken.getAppUrl()), oAuthArguments.getBypassSpecCache());
        } catch (URISyntaxException e) {
            throw oAuthResponseParams.oauthRequestException(OAuthError.UNKNOWN_PROBLEM, "Could not fetch gadget spec, gadget URI invalid.", e);
        } catch (GadgetException e2) {
            throw oAuthResponseParams.oauthRequestException(OAuthError.UNKNOWN_PROBLEM, "Could not fetch gadget spec", e2);
        }
    }

    public void storeTokenKeyAndSecret(SecurityToken securityToken, OAuthStore.ConsumerInfo consumerInfo, OAuthArguments oAuthArguments, OAuthStore.TokenInfo tokenInfo, OAuthResponseParams oAuthResponseParams) throws OAuthResponseParams.OAuthRequestException {
        try {
            this.store.setTokenInfo(securityToken, consumerInfo, oAuthArguments.getServiceName(), oAuthArguments.getTokenName(), tokenInfo);
        } catch (GadgetException e) {
            throw oAuthResponseParams.oauthRequestException(OAuthError.UNKNOWN_PROBLEM, "Unable to store access token", e);
        }
    }

    public void removeToken(SecurityToken securityToken, OAuthStore.ConsumerInfo consumerInfo, OAuthArguments oAuthArguments, OAuthResponseParams oAuthResponseParams) throws OAuthResponseParams.OAuthRequestException {
        try {
            this.store.removeToken(securityToken, consumerInfo, oAuthArguments.getServiceName(), oAuthArguments.getTokenName());
        } catch (GadgetException e) {
            throw oAuthResponseParams.oauthRequestException(OAuthError.UNKNOWN_PROBLEM, "Unable to remove access token", e);
        }
    }
}
