package it.nerdammer.oauthentication.web;

import it.nerdammer.oauthentication.Gender;
import it.nerdammer.oauthentication.OauthProvider;
import it.nerdammer.oauthentication.User;
import it.nerdammer.oauthentication.UserID;
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStreamReader;
import java.net.HttpURLConnection;
import java.net.URL;
import java.net.URLEncoder;
import java.util.Date;
import java.util.Map;
import java.util.logging.Logger;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.codehaus.jackson.map.ObjectMapper;
import org.codehaus.jackson.type.TypeReference;

/* loaded from: input_file:it/nerdammer/oauthentication/web/FacebookLoginCallbackServlet.class */
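/**
 * Receives the redirect that ends the Facebook login dialog and turns the
 * returned authorization code into a logged-in {@link User} stored in the
 * HTTP session.
 *
 * <p>Flow: verify the {@code state} parameter against the value kept in the
 * session, exchange {@code code} for an access token, load the profile from
 * {@code /me}, store the user in the session and redirect to the URL
 * returned by {@code CommonUtils.getRequestedUrlFromSession}.
 *
 * <p>The authorization code, the state value, the token response and the
 * profile are deliberately never written to the log: they are credentials or
 * personal data.
 */
public class FacebookLoginCallbackServlet extends HttpServlet {
    private static final long serialVersionUID = 1;

    private static final Logger LOG = Logger.getLogger(FacebookLoginCallbackServlet.class.getName());

    /** Session attribute holding the anti-CSRF state issued when the login started. */
    private static final String STATE_ATTRIBUTE = "it.nerdammer.oauthentication.FACEBOOK_STATE";

    /** Path of this servlet; it must match the redirect_uri used when the dialog was opened. */
    private static final String CALLBACK_PATH = "/oauthentication/facebook_login_callback";

    private static final String UTF_8 = "UTF-8";

    /** Bounds on the outbound calls so a stalled remote end cannot hold a request thread forever. */
    private static final int CONNECT_TIMEOUT_MS = 10000;
    private static final int READ_TIMEOUT_MS = 10000;

    /**
     * Handles the OAuth callback.
     *
     * @param httpServletRequest  callback request carrying the {@code code} and {@code state} parameters
     * @param httpServletResponse response used for the final redirect
     * @throws SecurityException     if there is no session or the state does not match the session value
     * @throws IllegalStateException if the Facebook app id or secret is not configured
     * @throws IOException           if a call to Facebook fails or times out
     */
    @Override
    protected void doGet(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        String code = httpServletRequest.getParameter("code");
        String state = httpServletRequest.getParameter("state");

        HttpSession session = httpServletRequest.getSession(false);
        if (session == null) {
            throw new SecurityException("No session active");
        }
        String expectedState = (String) session.getAttribute(STATE_ATTRIBUTE);
        if (expectedState == null || !expectedState.equals(state)) {
            throw new SecurityException("CSRF attack prevented");
        }
        // The state is a one-time value: drop it once it has matched so the
        // same callback URL cannot be replayed against this session.
        session.removeAttribute(STATE_ATTRIBUTE);

        OauthConfig config = CommonUtils.getConfig();
        String errorPage = CommonUtils.buildCompleteUrl(httpServletRequest, config.getLoginErrorPage());
        if (code == null) {
            httpServletResponse.sendRedirect(errorPage);
            return;
        }

        String facebookAppID = config.getFacebookAppID();
        String facebookAppSecret = config.getFacebookAppSecret();
        String callbackUrl = CommonUtils.buildCompleteUrl(httpServletRequest, CALLBACK_PATH);
        if (facebookAppID == null || facebookAppSecret == null) {
            throw new IllegalStateException("Facebook config not set");
        }

        // Every value is URL-encoded, including the request-supplied code, so
        // it cannot add or override parameters of the token request. This URL
        // contains the app secret and must never be logged.
        String tokenUrl = "https://graph.facebook.com/oauth/access_token?client_id=" + URLEncoder.encode(facebookAppID, UTF_8)
                + "&redirect_uri=" + URLEncoder.encode(callbackUrl, UTF_8)
                + "&client_secret=" + URLEncoder.encode(facebookAppSecret, UTF_8)
                + "&code=" + URLEncoder.encode(code, UTF_8);
        String tokenResponse = readFirstLine(tokenUrl);
        LOG.finer("Token response received from Facebook");

        // NOTE(review): the response is parsed as a query string; confirm the
        // endpoint still answers in that format for the API version in use.
        Map<String, String> tokenParams = tokenResponse == null ? null : CommonUtils.parseQueryString(tokenResponse);
        String accessToken = tokenParams == null ? null : tokenParams.get("access_token");
        if (accessToken == null) {
            LOG.warning("Facebook token response did not contain an access token");
            httpServletResponse.sendRedirect(errorPage);
            return;
        }

        String expires = tokenParams.get("expires");
        Long expiration = null;
        if (expires != null) {
            // NOTE(review): "expires" is added to a millisecond clock as-is;
            // verify its unit against the provider documentation.
            expiration = Long.valueOf(System.currentTimeMillis() + Long.parseLong(expires));
            LOG.info("Token expiration " + new Date(expiration.longValue()));
        }

        Map<String, Object> profile = fetchProfile(accessToken);
        LOG.finer("Facebook profile received");

        String id = (String) profile.get("id");
        if (id == null) {
            // Without a provider id there is no identity to log in.
            LOG.warning("Facebook profile did not contain an id");
            httpServletResponse.sendRedirect(errorPage);
            return;
        }

        User user = new User();
        user.setUserID(new UserID(OauthProvider.FACEBOOK, id));
        user.setFirstName((String) profile.get("first_name"));
        user.setMiddleName((String) profile.get("middle_name"));
        user.setLastName((String) profile.get("last_name"));
        user.setNickName((String) profile.get("username"));
        user.setGender(parseGender((String) profile.get("gender")));
        user.setEmail((String) profile.get("email"));
        user.setLocale((String) profile.get("locale"));
        user.setPictureUrl("https://graph.facebook.com/" + URLEncoder.encode(id, UTF_8) + "/picture");
        user.setAccessToken(accessToken);
        user.setAccessTokenExpiration(expiration);

        // NOTE(review): the session that existed before login is reused for
        // the authenticated user. Rotating the session id at this point would
        // guard against session fixation; it is not done here because the
        // redirect target below is read from this same session.
        CommonUtils.putUserInSession(session, user);
        CommonUtils.putProviderAsCookie(httpServletRequest, httpServletResponse, OauthProvider.FACEBOOK);
        // NOTE(review): confirm that getRequestedUrlFromSession can only
        // return a URL of this application before it is used as a redirect.
        httpServletResponse.sendRedirect(CommonUtils.getRequestedUrlFromSession(session));
    }

    /** Opens an HTTP connection to {@code url} with connect and read timeouts set. */
    private static HttpURLConnection openConnection(String url) throws IOException {
        HttpURLConnection connection = (HttpURLConnection) new URL(url).openConnection();
        connection.setConnectTimeout(CONNECT_TIMEOUT_MS);
        connection.setReadTimeout(READ_TIMEOUT_MS);
        return connection;
    }

    /**
     * Fetches {@code url} and returns the first line of the body, or
     * {@code null} when the body is empty. The reader and the connection are
     * released even when reading fails.
     */
    private static String readFirstLine(String url) throws IOException {
        HttpURLConnection connection = openConnection(url);
        try {
            // Content-Encoding names a compression scheme, not a charset, so
            // it is not used to pick the decoder; the body is read as UTF-8.
            BufferedReader reader = new BufferedReader(new InputStreamReader(connection.getInputStream(), UTF_8));
            try {
                return reader.readLine();
            } finally {
                reader.close();
            }
        } finally {
            connection.disconnect();
        }
    }

    /** Loads the {@code /me} profile for the given access token as a JSON map. */
    private static Map<String, Object> fetchProfile(String accessToken) throws IOException {
        HttpURLConnection connection = openConnection("https://graph.facebook.com/me?access_token=" + URLEncoder.encode(accessToken, UTF_8));
        try {
            return new ObjectMapper().readValue(connection.getInputStream(), new TypeReference<Map<String, Object>>() {
            });
        } finally {
            connection.disconnect();
        }
    }

    /** Maps a gender string to the {@link Gender} constant with the same name, ignoring case; {@code null} if none matches. */
    private static Gender parseGender(String value) {
        for (Gender candidate : Gender.values()) {
            if (candidate.name().equalsIgnoreCase(value)) {
                return candidate;
            }
        }
        return null;
    }
}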
