package org.thingsboard.server.service.security.auth.oauth2;

import jakarta.servlet.ServletException;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.net.URLEncoder;
import java.nio.charset.StandardCharsets;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest;
import org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler;
import org.springframework.stereotype.Component;
import org.thingsboard.server.common.data.StringUtils;
import org.thingsboard.server.common.data.id.CustomerId;
import org.thingsboard.server.common.data.id.EntityId;
import org.thingsboard.server.common.data.id.TenantId;
import org.thingsboard.server.queue.util.TbCoreComponent;
import org.thingsboard.server.service.security.system.SystemSecurityService;

@TbCoreComponent
@Component("oauth2AuthenticationFailureHandler")
/* loaded from: input_file:org/thingsboard/server/service/security/auth/oauth2/Oauth2AuthenticationFailureHandler.class */
public class Oauth2AuthenticationFailureHandler extends SimpleUrlAuthenticationFailureHandler {
    private final HttpCookieOAuth2AuthorizationRequestRepository httpCookieOAuth2AuthorizationRequestRepository;
    private final SystemSecurityService systemSecurityService;

    @Autowired
    public Oauth2AuthenticationFailureHandler(HttpCookieOAuth2AuthorizationRequestRepository httpCookieOAuth2AuthorizationRequestRepository, SystemSecurityService systemSecurityService) {
        this.httpCookieOAuth2AuthorizationRequestRepository = httpCookieOAuth2AuthorizationRequestRepository;
        this.systemSecurityService = systemSecurityService;
    }

    public void onAuthenticationFailure(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, AuthenticationException authenticationException) throws IOException, ServletException {
        String baseUrl;
        Object obj;
        String str = null;
        OAuth2AuthorizationRequest loadAuthorizationRequest = this.httpCookieOAuth2AuthorizationRequestRepository.loadAuthorizationRequest(httpServletRequest);
        if (loadAuthorizationRequest != null) {
            str = (String) loadAuthorizationRequest.getAttribute(TbOAuth2ParameterNames.CALLBACK_URL_SCHEME);
        }
        if (StringUtils.isEmpty(str)) {
            baseUrl = this.systemSecurityService.getBaseUrl(TenantId.SYS_TENANT_ID, new CustomerId(EntityId.NULL_UUID), httpServletRequest);
            obj = "/login?loginError=";
        } else {
            baseUrl = str + ":";
            obj = "/?error=";
        }
        this.httpCookieOAuth2AuthorizationRequestRepository.removeAuthorizationRequestCookies(httpServletRequest, httpServletResponse);
        getRedirectStrategy().sendRedirect(httpServletRequest, httpServletResponse, baseUrl + obj + URLEncoder.encode(authenticationException.getMessage(), StandardCharsets.UTF_8.toString()));
    }
}
