package it.geosolutions.geostore.services.rest.security.oauth2.openid_connect;

import it.geosolutions.geostore.services.rest.IdPLoginRest;
import it.geosolutions.geostore.services.rest.security.oauth2.OAuth2Utils;
import it.geosolutions.geostore.services.rest.security.oauth2.Oauth2LoginService;
import it.geosolutions.geostore.services.rest.security.oauth2.TokenDetails;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.ws.rs.core.Response;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.oauth2.common.OAuth2AccessToken;
import org.springframework.security.oauth2.provider.authentication.OAuth2AuthenticationDetails;
import org.springframework.web.context.request.RequestAttributes;
import org.springframework.web.context.request.RequestContextHolder;

/* loaded from: input_file:it/geosolutions/geostore/services/rest/security/oauth2/openid_connect/OpenIdConnectLoginService.class */
public class OpenIdConnectLoginService extends Oauth2LoginService {
    static final /* synthetic */ boolean $assertionsDisabled;

    public OpenIdConnectLoginService(IdPLoginRest idPLoginRest) {
        idPLoginRest.registerService("oidc", this);
    }

    @Override // it.geosolutions.geostore.services.rest.security.oauth2.Oauth2LoginService
    public Response doInternalRedirect(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str) {
        Authentication authentication;
        String accessToken = OAuth2Utils.getAccessToken();
        String refreshAccessToken = OAuth2Utils.getRefreshAccessToken();
        RequestAttributes requestAttributes = RequestContextHolder.getRequestAttributes();
        if (accessToken == null && SecurityContextHolder.getContext() != null && requestAttributes != null && (authentication = SecurityContextHolder.getContext().getAuthentication()) != null && authentication.getDetails() != null && (authentication.getDetails() instanceof TokenDetails)) {
            TokenDetails tokenDetails = (TokenDetails) authentication.getDetails();
            OAuth2AccessToken accessToken2 = tokenDetails.getAccessToken();
            if (accessToken2 != null) {
                accessToken = accessToken2.getValue();
                requestAttributes.setAttribute(OAuth2Utils.ACCESS_TOKEN_PARAM, accessToken2, 0);
                requestAttributes.setAttribute(OAuth2AuthenticationDetails.ACCESS_TOKEN_VALUE, accessToken, 0);
                if (accessToken2.getRefreshToken().getValue() != null) {
                    refreshAccessToken = accessToken2.getRefreshToken().getValue();
                    requestAttributes.setAttribute(OAuth2Utils.REFRESH_TOKEN_PARAM, accessToken2.getRefreshToken().getValue(), 0);
                }
            }
            if (tokenDetails.getIdToken() != null) {
                requestAttributes.setAttribute(OAuth2Utils.ID_TOKEN_PARAM, tokenDetails.getIdToken(), 0);
                requestAttributes.setAttribute(OAuth2AuthenticationDetails.ACCESS_TOKEN_VALUE, tokenDetails.getIdToken(), 0);
            }
        }
        if (!$assertionsDisabled && requestAttributes == null) {
            throw new AssertionError();
        }
        requestAttributes.setAttribute("PROVIDER", str, 0);
        return buildCallbackResponse(httpServletResponse, accessToken, refreshAccessToken, str);
    }

    static {
        $assertionsDisabled = !OpenIdConnectLoginService.class.desiredAssertionStatus();
    }
}
