package at.letto.lti.controller;

import at.letto.lti.endpoints.LtiEndpoint;
import at.letto.lti.model.dto.LoginInitiationDTO;
import at.letto.lti.model.lti.Nonce;
import at.letto.lti.model.lti.PlatformDeployment;
import at.letto.lti.repository.NonceRepository;
import at.letto.lti.repository.PlatformDeploymentRepository;
import at.letto.lti.service.LTIDataService;
import at.letto.lti.utils.lti.LtiOidcUtils;
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.servlet.view.RedirectView;

@RequestMapping({LtiEndpoint.OIDC})
@Controller
/* loaded from: input_file:BOOT-INF/classes/at/letto/lti/controller/OIDCController.class */
public class OIDCController {
    static final Logger log = LoggerFactory.getLogger((Class<?>) OIDCController.class);
    private static final String none = "none";
    private static final String formPost = "form_post";
    private static final String idToken = "id_token";
    private static final String openId = "openid";

    @Autowired
    PlatformDeploymentRepository platformDeploymentRepository;

    @Autowired
    NonceRepository nonceRepository;

    @Autowired
    LTIDataService ltiDataService;

    @RequestMapping({"/login_initiations"})
    public RedirectView loginInitiations(HttpServletRequest httpServletRequest, Model model) {
        LoginInitiationDTO loginInitiationDTO = new LoginInitiationDTO(httpServletRequest);
        List<PlatformDeployment> findByIss = this.platformDeploymentRepository.findByIss(loginInitiationDTO.getIss());
        if (findByIss.isEmpty()) {
            model.addAttribute("error_type", "iss_nonexisting");
            return new RedirectView("error");
        }
        try {
            Map<String, String> generateAuthRequestPayload = generateAuthRequestPayload(findByIss.get(0), loginInitiationDTO);
            model.addAllAttributes(generateAuthRequestPayload);
            model.addAttribute("initiation_dto", loginInitiationDTO);
            return new RedirectView(generateAuthRequestPayload.get("oicdEndpointComplete"));
        } catch (Exception e) {
            model.addAttribute("Error", e.getMessage());
            return new RedirectView("lti3Error");
        }
    }

    private Map<String, String> generateAuthRequestPayload(PlatformDeployment platformDeployment, LoginInitiationDTO loginInitiationDTO) throws GeneralSecurityException, IOException {
        HashMap hashMap = new HashMap();
        hashMap.put("client_id", platformDeployment.getClientId());
        hashMap.put("login_hint", loginInitiationDTO.getLoginHint());
        hashMap.put("lti_message_hint", loginInitiationDTO.getLtiMessageHint());
        hashMap.put("nonce", ((Nonce) this.nonceRepository.save(new Nonce())).getNonce());
        hashMap.put("prompt", "none");
        hashMap.put("redirect_uri", loginInitiationDTO.getTargetLinkUri());
        hashMap.put("response_mode", formPost);
        hashMap.put("response_type", "id_token");
        hashMap.put("scope", "openid");
        hashMap.put("state", LtiOidcUtils.generateState(this.ltiDataService, platformDeployment, hashMap, loginInitiationDTO));
        hashMap.put("oicdEndpoint", platformDeployment.getOidcEndpoint());
        hashMap.put("oicdEndpointComplete", generateCompleteUrl(hashMap));
        return hashMap;
    }

    private String generateCompleteUrl(Map<String, String> map) {
        return map.get("oicdEndpoint") + "?client_id=" + map.get("client_id") + "&login_hint=" + map.get("login_hint") + "&lti_message_hint=" + map.get("lti_message_hint") + "&nonce=" + map.get("nonce") + "&prompt=" + map.get("prompt") + "&redirect_uri=" + map.get("redirect_uri") + "&response_mode=" + map.get("response_mode") + "&response_type=" + map.get("response_type") + "&scope=" + map.get("scope") + "&state=" + map.get("state");
    }
}
