package eu.dnetlib.loginservice.security.oidc;

import com.google.gson.JsonParser;
import eu.dnetlib.loginservice.properties.Properties;
import java.io.IOException;
import java.util.Base64;
import java.util.Date;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.apache.log4j.Logger;
import org.mitre.openid.connect.model.OIDCAuthenticationToken;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.core.Authentication;
import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
import org.springframework.session.FindByIndexNameSessionRepository;

@Configuration
/* loaded from: input_file:WEB-INF/classes/eu/dnetlib/loginservice/security/oidc/OpenAIREAuthenticationSuccessHandler.class */
public class OpenAIREAuthenticationSuccessHandler implements AuthenticationSuccessHandler {
    private static final Logger logger = Logger.getLogger(OpenAIREAuthenticationSuccessHandler.class);
    private final Properties properties;

    @Autowired
    public OpenAIREAuthenticationSuccessHandler(Properties properties) {
        this.properties = properties;
    }

    @Override // org.springframework.security.web.authentication.AuthenticationSuccessHandler
    public void onAuthenticationSuccess(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Authentication authentication) throws IOException {
        OIDCAuthenticationToken oIDCAuthenticationToken = (OIDCAuthenticationToken) authentication;
        HttpSession session = httpServletRequest.getSession();
        String str = (String) session.getAttribute("redirect");
        session.setAttribute(FindByIndexNameSessionRepository.PRINCIPAL_NAME_INDEX_NAME, oIDCAuthenticationToken.getUserInfo().getSub());
        try {
            Cookie cookie = new Cookie("AccessToken", oIDCAuthenticationToken.getAccessTokenValue());
            Matcher matcher = Pattern.compile("^([A-Za-z0-9-_=]+)\\.([A-Za-z0-9-_=]+)\\.?([A-Za-z0-9-_.+=]*)$").matcher(oIDCAuthenticationToken.getAccessTokenValue());
            if (matcher.find()) {
                cookie.setMaxAge((int) (new JsonParser().parse(new String(Base64.getDecoder().decode(matcher.group(2)))).getAsJsonObject().get("exp").getAsLong() - (new Date().getTime() / 1000)));
            } else {
                cookie.setMaxAge(3600);
            }
            cookie.setPath("/");
            cookie.setDomain(this.properties.getDomain());
            httpServletResponse.addCookie(cookie);
            if (str != null) {
                httpServletResponse.sendRedirect(str);
                session.removeAttribute("redirect");
            } else {
                httpServletResponse.sendRedirect(this.properties.getRedirect());
            }
        } catch (IOException e) {
            logger.error("IOException in redirection ", e);
            throw new IOException(e);
        }
    }
}
