package org.onebusaway.everylastlogin.server;

import java.io.IOException;
import java.net.HttpURLConnection;
import java.net.URL;
import java.util.UUID;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import oauth.signpost.OAuth;
import oauth.signpost.OAuthConsumer;
import oauth.signpost.OAuthProvider;
import oauth.signpost.basic.DefaultOAuthConsumer;
import oauth.signpost.basic.DefaultOAuthProvider;
import oauth.signpost.exception.OAuthException;
import oauth.signpost.exception.OAuthNotAuthorizedException;
import org.apache.commons.digester.Digester;
import org.onebusaway.everylastlogin.server.AuthenticationResult;
import org.xml.sax.SAXException;

/* loaded from: input_file:org/onebusaway/everylastlogin/server/TwitterAuthenticationPlugin.class */
public class TwitterAuthenticationPlugin implements AuthenticationPlugin {
    private static final String CONSUMER = TwitterAuthenticationPlugin.class.getName() + ".consumer";
    private static final String PROVIDER = TwitterAuthenticationPlugin.class.getName() + ".provider";
    private String _consumerKey = "";
    private String _consumerSecret = "";

    public void setConsumerKey(String str) {
        this._consumerKey = str;
    }

    public void setConsumerSecret(String str) {
        this._consumerSecret = str;
    }

    @Override // org.onebusaway.everylastlogin.server.AuthenticationPlugin
    public void handleAction(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, PluginAction pluginAction) throws IOException, ServletException {
        String action = pluginAction.getAction();
        if (action == null || action.equals("default")) {
            handleAuthentication(httpServletRequest, httpServletResponse, pluginAction);
        } else if (action.equals("verify")) {
            handleVerification(httpServletRequest, httpServletResponse, pluginAction);
        }
    }

    private void handleAuthentication(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, PluginAction pluginAction) throws IOException {
        DefaultOAuthConsumer defaultOAuthConsumer = new DefaultOAuthConsumer(this._consumerKey, this._consumerSecret);
        DefaultOAuthProvider defaultOAuthProvider = new DefaultOAuthProvider("http://twitter.com/oauth/request_token", "http://twitter.com/oauth/access_token", "http://twitter.com/oauth/authenticate");
        httpServletRequest.getSession().setAttribute(CONSUMER, defaultOAuthConsumer);
        httpServletRequest.getSession().setAttribute(PROVIDER, defaultOAuthProvider);
        try {
            httpServletResponse.sendRedirect(defaultOAuthProvider.retrieveRequestToken(defaultOAuthConsumer, pluginAction.getBaseUrl() + "/" + pluginAction.getPlugin() + "/verify"));
        } catch (OAuthException e) {
            throw new IllegalStateException(e);
        }
    }

    private void handleVerification(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, PluginAction pluginAction) throws IOException {
        OAuthConsumer oAuthConsumer = (OAuthConsumer) httpServletRequest.getSession().getAttribute(CONSUMER);
        OAuthProvider oAuthProvider = (OAuthProvider) httpServletRequest.getSession().getAttribute(PROVIDER);
        String parameter = httpServletRequest.getParameter(OAuth.OAUTH_VERIFIER);
        if (parameter == null) {
            LoginManager.handleResult(httpServletRequest, httpServletResponse, new AuthenticationResult(AuthenticationResult.EResultCode.AUTHENTICATION_FAILED, LoginConstants.PROVIDER_TWITTER));
            return;
        }
        try {
            oAuthProvider.retrieveAccessToken(oAuthConsumer, parameter);
            oAuthConsumer.setTokenWithSecret(oAuthConsumer.getToken(), oAuthConsumer.getTokenSecret());
            HttpURLConnection httpURLConnection = (HttpURLConnection) new URL("http://api.twitter.com/1/account/verify_credentials.xml").openConnection();
            oAuthConsumer.sign(httpURLConnection);
            httpURLConnection.connect();
            if (httpURLConnection.getResponseCode() == 200) {
                Digester digester = new Digester();
                TwitterUser twitterUser = new TwitterUser();
                digester.push(twitterUser);
                digester.addBeanPropertySetter("user/id");
                digester.addBeanPropertySetter("user/name");
                digester.addBeanPropertySetter("user/screen_name", "screenName");
                digester.parse(httpURLConnection.getInputStream());
                if (twitterUser.getId() != null) {
                    LoginManager.handleResult(httpServletRequest, httpServletResponse, new AuthenticationResult(AuthenticationResult.EResultCode.SUCCESS, LoginConstants.PROVIDER_TWITTER, twitterUser.getId(), UUID.randomUUID().toString()));
                    return;
                }
            }
        } catch (OAuthNotAuthorizedException e) {
        } catch (OAuthException e2) {
            throw new IllegalStateException(e2);
        } catch (SAXException e3) {
            throw new IOException(e3);
        }
        LoginManager.handleResult(httpServletRequest, httpServletResponse, new AuthenticationResult(AuthenticationResult.EResultCode.AUTHENTICATION_FAILED, LoginConstants.PROVIDER_TWITTER));
    }
}
