package org.mitre.oauth2.web;

import com.google.gson.Gson;
import org.mitre.oauth2.model.SystemScope;
import org.mitre.oauth2.service.SystemScopeService;
import org.mitre.openid.connect.view.HttpCodeView;
import org.mitre.openid.connect.view.JsonEntityView;
import org.mitre.openid.connect.view.JsonErrorView;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpStatus;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.stereotype.Controller;
import org.springframework.ui.ModelMap;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;

@RequestMapping({"/api/scopes"})
@Controller
@PreAuthorize("hasRole('ROLE_USER')")
/* loaded from: input_file:WEB-INF/lib/openid-connect-server-1.2.0.jar:org/mitre/oauth2/web/ScopeAPI.class */
public class ScopeAPI {
    public static final String URL = "api/scopes";

    @Autowired
    private SystemScopeService scopeService;
    private static final Logger logger = LoggerFactory.getLogger(ScopeAPI.class);
    private Gson gson = new Gson();

    @RequestMapping(value = {""}, method = {RequestMethod.GET}, produces = {"application/json"})
    public String getAll(ModelMap modelMap) {
        modelMap.put(JsonEntityView.ENTITY, this.scopeService.getAll());
        return JsonEntityView.VIEWNAME;
    }

    @RequestMapping(value = {"/{id}"}, method = {RequestMethod.GET}, produces = {"application/json"})
    public String getScope(@PathVariable("id") Long l, ModelMap modelMap) {
        SystemScope byId = this.scopeService.getById(l);
        if (byId != null) {
            modelMap.put(JsonEntityView.ENTITY, byId);
            return JsonEntityView.VIEWNAME;
        }
        logger.error("getScope failed; scope not found: " + l);
        modelMap.put(HttpCodeView.CODE, HttpStatus.NOT_FOUND);
        modelMap.put(JsonErrorView.ERROR_MESSAGE, "The requested scope with id " + l + " could not be found.");
        return JsonErrorView.VIEWNAME;
    }

    @RequestMapping(value = {"/{id}"}, method = {RequestMethod.PUT}, produces = {"application/json"}, consumes = {"application/json"})
    @PreAuthorize("hasRole('ROLE_ADMIN')")
    public String updateScope(@PathVariable("id") Long l, @RequestBody String str, ModelMap modelMap) {
        SystemScope byId = this.scopeService.getById(l);
        SystemScope systemScope = (SystemScope) this.gson.fromJson(str, SystemScope.class);
        if (byId == null || systemScope == null) {
            logger.error("updateScope failed; scope with id " + l + " not found.");
            modelMap.put(HttpCodeView.CODE, HttpStatus.NOT_FOUND);
            modelMap.put(JsonErrorView.ERROR_MESSAGE, "Could not update scope. The scope with id " + l + " could not be found.");
            return JsonErrorView.VIEWNAME;
        }
        if (byId.getId().equals(systemScope.getId())) {
            modelMap.put(JsonEntityView.ENTITY, this.scopeService.save(systemScope));
            return JsonEntityView.VIEWNAME;
        }
        logger.error("updateScope failed; scope ids to not match: got " + byId.getId() + " and " + systemScope.getId());
        modelMap.put(HttpCodeView.CODE, HttpStatus.BAD_REQUEST);
        modelMap.put(JsonErrorView.ERROR_MESSAGE, "Could not update scope. Scope ids to not match: got " + byId.getId() + " and " + systemScope.getId());
        return JsonErrorView.VIEWNAME;
    }

    @RequestMapping(value = {""}, method = {RequestMethod.POST}, produces = {"application/json"}, consumes = {"application/json"})
    @PreAuthorize("hasRole('ROLE_ADMIN')")
    public String createScope(@RequestBody String str, ModelMap modelMap) {
        SystemScope systemScope = (SystemScope) this.gson.fromJson(str, SystemScope.class);
        if (this.scopeService.getByValue(systemScope.getValue()) != null) {
            logger.error("Error: attempting to save a scope with a value that already exists: " + systemScope.getValue());
            modelMap.put(HttpCodeView.CODE, HttpStatus.CONFLICT);
            modelMap.put(JsonErrorView.ERROR_MESSAGE, "A scope with value " + systemScope.getValue() + " already exists, please choose a different value.");
            return JsonErrorView.VIEWNAME;
        }
        SystemScope save = this.scopeService.save(systemScope);
        if (save != null && save.getId() != null) {
            modelMap.put(JsonEntityView.ENTITY, save);
            return JsonEntityView.VIEWNAME;
        }
        logger.error("createScope failed; JSON was invalid: " + str);
        modelMap.put(HttpCodeView.CODE, HttpStatus.BAD_REQUEST);
        modelMap.put(JsonErrorView.ERROR_MESSAGE, "Could not save new scope " + save + ". The scope service failed to return a saved entity.");
        return JsonErrorView.VIEWNAME;
    }

    @RequestMapping(value = {"/{id}"}, method = {RequestMethod.DELETE})
    @PreAuthorize("hasRole('ROLE_ADMIN')")
    public String deleteScope(@PathVariable("id") Long l, ModelMap modelMap) {
        SystemScope byId = this.scopeService.getById(l);
        if (byId != null) {
            this.scopeService.remove(byId);
            return HttpCodeView.VIEWNAME;
        }
        logger.error("deleteScope failed; scope with id " + l + " not found.");
        modelMap.put(HttpCodeView.CODE, HttpStatus.NOT_FOUND);
        modelMap.put(JsonErrorView.ERROR_MESSAGE, "Could not delete scope. The requested scope with id " + l + " could not be found.");
        return JsonErrorView.VIEWNAME;
    }
}
