package sk.eset.era.g3webserver.servlets;

import com.google.gwt.dom.client.BrowserEvents;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.net.URLDecoder;
import java.util.Map;
import javax.inject.Inject;
import javax.inject.Provider;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.json.JSONObject;
import sk.eset.era.commons.common.constants.ActionTypes;
import sk.eset.era.commons.common.model.exceptions.AddressBlockedException;
import sk.eset.era.commons.common.model.exceptions.SessionNotValidException;
import sk.eset.era.g2webconsole.common.model.exceptions.EraRequestHandlingException;
import sk.eset.era.g2webconsole.server.modules.authorization.ServerSideSessionData;
import sk.eset.era.g2webconsole.server.modules.authorization.ServerSideSessionManager;
import sk.eset.phoenix.common.logger.Logger;

/* loaded from: input_file:WEB-INF/lib/g3-server-0.0.1-SNAPSHOT.jar:sk/eset/era/g3webserver/servlets/EraIntuneServlet.class */
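/**
 * Servlet that receives the browser redirect of the Intune login flow.
 *
 * <p>The request carries the query parameters {@code code}, {@code state} and {@code error}.
 * The {@code state} value is resolved to a server-side session, that session is validated
 * against the current request, and only then is {@code code} handed to the mobile module.
 * The outcome is reported to the opener window as a boolean; no request data is echoed
 * into the HTML response.
 */
public class EraIntuneServlet extends HttpServlet {
    /** Page returned to the popup; {@code $result} is replaced by a JSON object holding only a boolean. */
    static final String RESPONSE_HTML_TEMPLATE = "<html><body><script>window.opener.EraIntuneSetCodeOnComplete($result)</script></body></html>";
    /** Upper bound on the length of the {@code state} parameter. */
    static final int MAX_STATE_LENGTH = 1024;
    /** Upper bound on the length of the {@code error} parameter. */
    static final int MAX_ERROR_LENGTH = 1024;
    /** Upper bound on the length of the {@code code} parameter. */
    static final int MAX_CODE_LENGTH = 524288;

    @Inject
    static Provider<Logger> logger;

    @Inject
    static Provider<ServerSideSessionManager> sessionManagerProvider;

    /** Returns the session manager supplied by the injected provider. */
    private ServerSideSessionManager getSessionManager() {
        return sessionManagerProvider.get();
    }

    /**
     * Returns the first value of a request parameter, or an empty string when the parameter
     * is absent, has no values, or its first value is {@code null}.
     */
    private static String getParamFromMap(Map<String, String[]> params, String name) {
        String[] values = params.get(name);
        // Guard the array as well as the key, so an empty or null value array cannot throw.
        if (values == null || values.length == 0 || values[0] == null) {
            return "";
        }
        return values[0];
    }

    /**
     * Percent-decodes {@code value} as UTF-8.
     *
     * <p>NOTE(review): values taken from {@code getParameterMap()} have normally been decoded
     * by the container already, so this is a second decoding pass. Presumably the state value
     * is encoded twice by the side that issues it; confirm, because a second pass can also
     * turn an escaped sequence that earlier filtering saw as harmless into a different value.
     *
     * @throws ServletException if {@code value} contains a malformed percent escape
     */
    private String decodeUriComponent(String value) throws ServletException {
        try {
            return URLDecoder.decode(value, "UTF-8");
        } catch (UnsupportedEncodingException e) {
            logError(e);
            return value;
        } catch (IllegalArgumentException e) {
            // URLDecoder rejects sequences such as "%zz" with an unchecked exception. Report it
            // as a bad parameter instead of letting it escape doGet as an unhandled error.
            throw new ServletException("Invalid parameters", e);
        }
    }

    /**
     * Replaces control characters and Unicode line/paragraph separators with {@code '_'} so that
     * a request-supplied value cannot start a new, forged entry in the log.
     */
    private static String sanitizeForLog(String value) {
        StringBuilder cleaned = new StringBuilder(value.length());
        for (int i = 0; i < value.length(); i++) {
            char c = value.charAt(i);
            boolean lineBreaking = Character.isISOControl(c) || c == 0x2028 || c == 0x2029;
            cleaned.append(lineBreaking ? '_' : c);
        }
        return cleaned.toString();
    }

    /**
     * Writes the popup page that reports {@code success} to the opener window.
     *
     * <p>Only the boolean is substituted into the inline script, so nothing from the request
     * reaches the HTML output.
     */
    private void sendResponse(HttpServletResponse httpServletResponse, boolean success) throws IOException {
        httpServletResponse.setContentType("text/html;charset=UTF-8");
        httpServletResponse.setCharacterEncoding("UTF-8");
        JSONObject result = new JSONObject();
        result.put("success", success);
        httpServletResponse.getWriter().write(RESPONSE_HTML_TEMPLATE.replace("$result", result.toString()));
    }

    /**
     * Handles the redirect request.
     *
     * <p>Responses: 404 when {@code state} is missing or both {@code code} and {@code error}
     * are missing; 500 for over-long or malformed parameters, a missing redirect URI, or a
     * failure while the server processes the code; 401 when the address is blocked or the
     * session bound to {@code state} is not valid for this request; otherwise the popup page
     * with the success flag.
     */
    @Override
    protected void doGet(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        Map<String, String[]> parameterMap = httpServletRequest.getParameterMap();
        String code = getParamFromMap(parameterMap, "code");
        String state = getParamFromMap(parameterMap, "state");
        // BrowserEvents.ERROR is the GWT constant for the string "error".
        String error = getParamFromMap(parameterMap, BrowserEvents.ERROR);
        if (state.isEmpty() || (code.isEmpty() && error.isEmpty())) {
            logWarning(new RuntimeException("Missing parameters"));
            httpServletResponse.sendError(HttpServletResponse.SC_NOT_FOUND, "MESSAGE: Resource not found.");
            return;
        }
        try {
            // Bound every request-supplied value before it is decoded, looked up or logged.
            if (state.length() > MAX_STATE_LENGTH || error.length() > MAX_ERROR_LENGTH || code.length() > MAX_CODE_LENGTH) {
                throw new ServletException("Invalid parameters");
            }
            ServerSideSessionManager sessionManager = getSessionManager();
            ServerSideSessionData session = sessionManager.getSessionDataByIntuneLoginId(decodeUriComponent(state), httpServletRequest);
            ServerSideSessionData validated = sessionManager.validateSession(session != null ? session.getSessionID() : null, httpServletRequest);
            // The state must resolve to a session, and validation for this request must return that
            // very same session object; anything else is treated as an invalid session.
            if (session == null || validated != session) {
                throw new SessionNotValidException();
            }
            String redirectUri = session.getIntuneRedirectURI();
            if (redirectUri == null || redirectUri.isEmpty()) {
                throw new ServletException("Invalid redirect URI");
            }
            if (!error.isEmpty()) {
                // The error text comes from the query string; strip line breaks before logging it.
                // NOTE(review): if Logger.info treats its first argument as a format string, pass
                // the value as a format argument instead of concatenating it. Confirm.
                logger.get().info("Intune redirect finished with error=" + sanitizeForLog(error), new Object[0]);
            }
            if (code.isEmpty()) {
                sendResponse(httpServletResponse, false);
            } else {
                sendResponse(httpServletResponse, session.getModuleFactory().getMobileModule().intuneSetAuthCode(session, code, redirectUri));
            }
        } catch (ServletException e) {
            logError(e);
            httpServletResponse.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, ActionTypes.START_DELIMITER + e.getMessage() + ActionTypes.END_DELIMITER);
        } catch (AddressBlockedException e) {
            logError(e);
            httpServletResponse.sendError(HttpServletResponse.SC_UNAUTHORIZED, "MESSAGE: Address blocked.");
        } catch (SessionNotValidException e) {
            logError(e);
            httpServletResponse.sendError(HttpServletResponse.SC_UNAUTHORIZED, "MESSAGE: Unauthorized.");
        } catch (EraRequestHandlingException e) {
            logError(e);
            // NOTE(review): the handler's exception text is returned to the browser here; confirm
            // it cannot carry internal detail, or replace it with a fixed message.
            httpServletResponse.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, "MESSAGE: Failed to process code by server: " + e.getLocalizedMessage() + ActionTypes.END_DELIMITER);
        }
    }

    /** Logs {@code exc} at error level under the {@code intuneServlet} tag. */
    private void logError(Exception exc) {
        logger.get().error("intuneServlet", exc);
    }

    /** Logs {@code exc} at warning level under the {@code intuneServlet} tag. */
    private void logWarning(Exception exc) {
        logger.get().warn("intuneServlet", exc);
    }
}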
