package eu.openanalytics.containerproxy.ui;

import eu.openanalytics.containerproxy.api.BaseController;
import eu.openanalytics.containerproxy.auth.IAuthenticationBackend;
import eu.openanalytics.containerproxy.auth.impl.OpenIDAuthenticationBackend;
import eu.openanalytics.containerproxy.auth.impl.SAMLAuthenticationBackend;
import eu.openanalytics.containerproxy.event.AuthFailedEvent;
import jakarta.servlet.http.HttpServletRequest;
import java.util.Optional;
import javax.inject.Inject;
import org.springframework.context.ApplicationEvent;
import org.springframework.context.ApplicationEventPublisher;
import org.springframework.core.env.Environment;
import org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter;
import org.springframework.stereotype.Controller;
import org.springframework.ui.ModelMap;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.servlet.support.ServletUriComponentsBuilder;
import org.springframework.web.servlet.view.RedirectView;

@Controller
/* loaded from: input_file:BOOT-INF/lib/containerproxy-1.2.0.jar:eu/openanalytics/containerproxy/ui/AuthController.class */
public class AuthController extends BaseController {
    public static final String AUTH_SUCCESS_URL = "/auth-success";
    public static final String AUTH_SUCCESS_URL_SESSION_ATTR = "AUTH_SUCCESS_URL_SESSION_ATTR";

    @Inject
    private Environment environment;

    @Inject
    private IAuthenticationBackend auth;

    @Inject
    private ApplicationEventPublisher applicationEventPublisher;

    @RequestMapping(value = {DefaultLoginPageGeneratingFilter.DEFAULT_LOGIN_PAGE_URL}, method = {RequestMethod.GET})
    public Object getLoginPage(@RequestParam Optional<String> optional, ModelMap modelMap) {
        prepareMap(modelMap);
        if (optional.isPresent()) {
            if (optional.get().equals("expired")) {
                modelMap.put("error", "You took too long to login, please try again");
            } else {
                modelMap.put("error", "Invalid user name or password");
            }
        }
        return this.auth instanceof OpenIDAuthenticationBackend ? new RedirectView(((OpenIDAuthenticationBackend) this.auth).getLoginRedirectURI()) : this.auth instanceof SAMLAuthenticationBackend ? new RedirectView(((SAMLAuthenticationBackend) this.auth).getLoginRedirectURI()) : "login";
    }

    @RequestMapping(value = {AUTH_SUCCESS_URL}, method = {RequestMethod.GET})
    public String authSuccess(ModelMap modelMap, HttpServletRequest httpServletRequest) {
        prepareMap(modelMap);
        modelMap.put("url", ServletUriComponentsBuilder.fromCurrentContextPath().path("/").build().toUriString());
        Object attribute = httpServletRequest.getSession().getAttribute(AUTH_SUCCESS_URL_SESSION_ATTR);
        if (!(attribute instanceof String)) {
            return "auth-success";
        }
        String str = (String) attribute;
        httpServletRequest.getSession().removeAttribute(AUTH_SUCCESS_URL_SESSION_ATTR);
        if (!str.startsWith(ServletUriComponentsBuilder.fromCurrentContextPath().build().toUriString())) {
            return "auth-success";
        }
        modelMap.put("url", attribute);
        return "auth-success";
    }

    @RequestMapping(value = {"/auth-error"}, method = {RequestMethod.GET})
    public String getAuthErrorPage(ModelMap modelMap) {
        this.applicationEventPublisher.publishEvent((ApplicationEvent) new AuthFailedEvent(this, "user-unknown-reported-by-auth-error-page"));
        prepareMap(modelMap);
        modelMap.put("application_name", this.environment.getProperty("spring.application.name"));
        modelMap.put("mainPage", ServletUriComponentsBuilder.fromCurrentContextPath().build().toUriString());
        return "auth-error";
    }

    @RequestMapping(value = {"/app-access-denied"}, method = {RequestMethod.GET})
    public String getAppAccessDeniedPage(ModelMap modelMap) {
        prepareMap(modelMap);
        return "app-access-denied";
    }

    @RequestMapping(value = {"/logout-success"}, method = {RequestMethod.GET})
    public String getLogoutSuccessPage(ModelMap modelMap) {
        prepareMap(modelMap);
        return "logout-success";
    }
}
