package com.atlassian.oauth.serviceprovider.internal.servlet;

import aQute.bnd.annotation.component.Component;
import com.atlassian.annotations.VisibleForTesting;
import com.atlassian.oauth.Consumer;
import com.atlassian.oauth.serviceprovider.ServiceProviderConsumerStore;
import com.atlassian.oauth.serviceprovider.ServiceProviderToken;
import com.atlassian.oauth.serviceprovider.ServiceProviderTokenStore;
import com.atlassian.oauth.serviceprovider.internal.OAuthConverter;
import com.atlassian.oauth.serviceprovider.internal.TokenFactory;
import com.atlassian.sal.api.ApplicationProperties;
import com.atlassian.sal.api.transaction.TransactionTemplate;
import java.io.IOException;
import java.net.URI;
import java.net.URISyntaxException;
import java.util.ArrayList;
import java.util.Objects;
import javax.servlet.ServletException;
import javax.servlet.ServletOutputStream;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import net.oauth.OAuth;
import net.oauth.OAuthAccessor;
import net.oauth.OAuthMessage;
import net.oauth.OAuthProblemException;
import net.oauth.OAuthValidator;
import net.oauth.server.OAuthServlet;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Qualifier;

/* loaded from: input_file:WEB-INF/atlassian-bundled-plugins/atlassian-oauth-service-provider-plugin-5.0.7.jar:com/atlassian/oauth/serviceprovider/internal/servlet/RequestTokenServlet.class */
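/**
 * Servlet that issues OAuth request tokens (the step described in OAuth Core 1.0a section 6.1,
 * which {@link #INVALID_CALLBACK_ADVICE} cites).
 *
 * <p>A request that carries {@code oauth_callback} is treated as OAuth 1.0a and the response
 * includes {@code oauth_callback_confirmed=true}; a request without it is treated as OAuth 1.0.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>The consumer lookup and the callback parsing run <em>before</em> the request signature is
 *       verified, so everything ahead of {@code validator.validateMessage} handles
 *       unauthenticated input.</li>
 *   <li>The callback value is caller-controlled and is neutralised before it is written to the
 *       log (see {@link #sanitizeForLog(String)}).</li>
 * </ul>
 */
public class RequestTokenServlet extends TransactionalServlet {

    @VisibleForTesting
    static final String INVALID_CALLBACK_ADVICE = "As per OAuth spec version 1.0 Revision A Section 6.1 <http://oauth.net/core/1.0a#auth_step1>, the oauth_callback parameter is required and must be either a valid, absolute URI using the http or https scheme, or 'oob' if the callback has been established out of band. The following invalid URI was supplied '%s'";

    private final Logger log;
    private final ApplicationProperties applicationProperties;
    private final TokenFactory factory;
    private final OAuthValidator validator;
    private final OAuthConverter converter;
    private final ServiceProviderConsumerStore consumerStore;
    private final ServiceProviderTokenStore tokenStore;

    /**
     * Creates the servlet; every collaborator is mandatory.
     *
     * @throws NullPointerException if any of the stores, the factory, the validator, the converter
     *     or the application properties is {@code null}
     */
    public RequestTokenServlet(ServiceProviderConsumerStore serviceProviderConsumerStore, @Qualifier("tokenStore") ServiceProviderTokenStore serviceProviderTokenStore, TokenFactory tokenFactory, OAuthValidator oAuthValidator, OAuthConverter oAuthConverter, ApplicationProperties applicationProperties, TransactionTemplate transactionTemplate) {
        super(transactionTemplate);
        this.log = LoggerFactory.getLogger(getClass());
        this.consumerStore = Objects.requireNonNull(serviceProviderConsumerStore, "consumerStore");
        this.tokenStore = Objects.requireNonNull(serviceProviderTokenStore, "tokenStore");
        // NOTE(review): Component.FACTORY looks like a decompiler substitution for a plain string
        // literal used as the null-check message; kept as-is because its value is not visible here.
        this.factory = Objects.requireNonNull(tokenFactory, Component.FACTORY);
        this.validator = Objects.requireNonNull(oAuthValidator, "validator");
        this.converter = Objects.requireNonNull(oAuthConverter, "converter");
        this.applicationProperties = Objects.requireNonNull(applicationProperties, "applicationProperties");
    }

    /**
     * Validates the request-token request and, on success, writes the new token and its secret to
     * the response as a form-encoded {@code text/plain} body.
     *
     * <p>Any failure (OAuth problem or otherwise) is handed to
     * {@link OAuthServlet#handleException}, which produces the error response.
     */
    @Override // com.atlassian.oauth.serviceprovider.internal.servlet.TransactionalServlet
    public void doPostInTransaction(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException, ServletException {
        try {
            final OAuthMessage message = OAuthServlet.getMessage(httpServletRequest, null);
            message.requireParameters(OAuth.OAUTH_CONSUMER_KEY);

            // Unauthenticated at this point: the signature has not been checked yet.
            final Consumer consumer = this.consumerStore.get(message.getConsumerKey());
            if (consumer == null) {
                throw new OAuthProblemException(OAuth.Problems.CONSUMER_KEY_UNKNOWN);
            }
            if (!consumer.getThreeLOAllowed()) {
                throw new OAuthProblemException(OAuth.Problems.PERMISSION_DENIED);
            }

            // Presence of oauth_callback decides the protocol revision recorded on the token.
            final String callbackParam = message.getParameter(OAuth.OAUTH_CALLBACK);
            final URI callback;
            final ServiceProviderToken.Version version;
            if (callbackParam != null) {
                callback = callbackToUri(callbackParam);
                version = ServiceProviderToken.Version.V_1_0_A;
            } else {
                callback = null;
                version = ServiceProviderToken.Version.V_1_0;
            }

            try {
                // Signature (and whatever else the validator enforces) is verified here; no token
                // is generated or stored unless this passes.
                this.validator.validateMessage(message, new OAuthAccessor(this.converter.toOAuthConsumer(consumer)));
                final ServiceProviderToken stored = this.tokenStore.put(this.factory.generateRequestToken(consumer, callback, message, version));

                httpServletResponse.setContentType("text/plain");
                final ServletOutputStream outputStream = httpServletResponse.getOutputStream();
                // The response body carries the token secret; it must never be logged.
                final ArrayList<OAuth.Parameter> responseParams = new ArrayList<>();
                responseParams.add(new OAuth.Parameter(OAuth.OAUTH_TOKEN, stored.getToken()));
                responseParams.add(new OAuth.Parameter(OAuth.OAUTH_TOKEN_SECRET, stored.getTokenSecret()));
                if (ServiceProviderToken.Version.V_1_0_A.equals(version)) {
                    responseParams.add(new OAuth.Parameter(OAuth.OAUTH_CALLBACK_CONFIRMED, "true"));
                }
                OAuth.formEncode(responseParams, outputStream);
            } catch (OAuthProblemException e) {
                // Only problems raised from validation onwards are logged through
                // OAuthProblemUtils; the earlier rejections above go straight to the handler.
                OAuthProblemUtils.logOAuthProblem(message, e, this.log);
                throw e;
            }
        } catch (Exception e2) {
            // Servlet boundary: every failure becomes an OAuth error response.
            OAuthServlet.handleException(httpServletResponse, e2, this.applicationProperties.getBaseUrl(), true);
        }
    }

    /**
     * Converts the {@code oauth_callback} parameter into a URI.
     *
     * @param str the raw, caller-supplied callback value
     * @return the parsed callback, or {@code null} when the value is {@code "oob"}
     * @throws OAuthProblemException with {@code parameter_rejected} when the value cannot be
     *     parsed or {@link ServiceProviderToken#isValidCallback} refuses it
     */
    private URI callbackToUri(String str) throws IOException, OAuthProblemException {
        if ("oob".equals(str)) {
            return null;
        }
        final URI uri;
        try {
            uri = new URI(str);
        } catch (URISyntaxException e) {
            // This branch is where CR/LF and other control characters end up, because URI parsing
            // rejects them; log a neutralised copy so the value cannot forge extra log lines.
            this.log.error("Unable to parse callback URI '{}'", sanitizeForLog(str));
            throw rejectedCallback(str);
        }
        if (!ServiceProviderToken.isValidCallback(uri)) {
            this.log.error("Invalid callback URI '{}'", sanitizeForLog(str));
            throw rejectedCallback(str);
        }
        return uri;
    }

    /**
     * Builds the {@code parameter_rejected} problem reported for an unusable callback.
     *
     * <p>NOTE(review): the raw value is echoed into the advice text; how that text is encoded on
     * the way out is decided by {@code OAuthServlet.handleException}, which is not visible here.
     */
    private static OAuthProblemException rejectedCallback(String rawCallback) {
        final OAuthProblemException problem = new OAuthProblemException(OAuth.Problems.PARAMETER_REJECTED);
        problem.setParameter(OAuth.Problems.OAUTH_PARAMETERS_REJECTED, OAuth.OAUTH_CALLBACK);
        problem.setParameter(OAuth.Problems.OAUTH_PROBLEM_ADVICE, String.format(INVALID_CALLBACK_ADVICE, rawCallback));
        return problem;
    }

    /**
     * Returns a copy of {@code value} with control characters and Unicode line/paragraph
     * separators replaced by {@code '_'}, so a request parameter cannot inject line breaks into
     * the log. The length of the value is left unchanged.
     */
    private static String sanitizeForLog(String value) {
        final StringBuilder cleaned = new StringBuilder(value.length());
        for (int i = 0; i < value.length(); i++) {
            final char c = value.charAt(i);
            final int type = Character.getType(c);
            final boolean breaksLine = Character.isISOControl(c)
                    || type == Character.LINE_SEPARATOR
                    || type == Character.PARAGRAPH_SEPARATOR;
            cleaned.append(breaksLine ? '_' : c);
        }
        return cleaned.toString();
    }
}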
