package com.imcode.controllers.html;

import com.imcode.oauth2.IvisClientDetailsService;
import java.security.Principal;
import java.util.Collection;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.oauth2.common.OAuth2AccessToken;
import org.springframework.security.oauth2.provider.ClientDetails;
import org.springframework.security.oauth2.provider.OAuth2Authentication;
import org.springframework.security.oauth2.provider.token.ConsumerTokenServices;
import org.springframework.security.oauth2.provider.token.TokenStore;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.ResponseBody;

@Controller
/* loaded from: input_file:com/imcode/controllers/html/AdminController.class */
public class AdminController {

    @Autowired
    private ConsumerTokenServices tokenServices;

    @Autowired
    private TokenStore tokenStore;

    @Autowired
    private IvisClientDetailsService clientDetailsService;

    @RequestMapping(value = {"/oauth/users/{user}/tokens/{token}"}, method = {RequestMethod.DELETE})
    public ResponseEntity<Void> revokeToken(@PathVariable String str, @PathVariable String str2, Principal principal) throws Exception {
        checkResourceOwner(str, principal);
        return this.tokenServices.revokeToken(str2) ? new ResponseEntity<>(HttpStatus.NO_CONTENT) : new ResponseEntity<>(HttpStatus.NOT_FOUND);
    }

    @RequestMapping({"/oauth/clients/{client}/tokens"})
    @ResponseBody
    public Collection<OAuth2AccessToken> listTokensForClient(@PathVariable String str) throws Exception {
        return this.tokenStore.findTokensByClientId(str);
    }

    @RequestMapping(value = {"/oauth/tokens"}, method = {RequestMethod.GET})
    public String tokenList(Model model) {
        IvisClientDetailsService ivisClientDetailsService = this.clientDetailsService;
        List listClientDetails = this.clientDetailsService.listClientDetails();
        LinkedList linkedList = new LinkedList();
        Iterator it = listClientDetails.iterator();
        while (it.hasNext()) {
            Collection findTokensByClientId = this.tokenStore.findTokensByClientId(((ClientDetails) it.next()).getClientId());
            if (findTokensByClientId != null) {
                linkedList.addAll(findTokensByClientId);
            }
        }
        model.addAttribute("tokens", linkedList);
        return "tokens";
    }

    @RequestMapping(value = {"/oauth/tokens/{tokenVlue}"}, method = {RequestMethod.DELETE})
    @ResponseBody
    public boolean delete(@PathVariable("tokenVlue") String str) {
        return this.tokenServices.revokeToken(str);
    }

    @RequestMapping({"/login"})
    public String login() {
        return "security/login";
    }

    @RequestMapping({"/", "/home", "index"})
    public String home() {
        return "default";
    }

    private void checkResourceOwner(String str, Principal principal) {
        if ((principal instanceof OAuth2Authentication) && !((OAuth2Authentication) principal).isClientOnly() && !str.equals(principal.getName())) {
            throw new AccessDeniedException(String.format("User '%s' cannot obtain tokens for user '%s'", principal.getName(), str));
        }
    }

    public void setTokenServices(ConsumerTokenServices consumerTokenServices) {
        this.tokenServices = consumerTokenServices;
    }

    public void setTokenStore(TokenStore tokenStore) {
        this.tokenStore = tokenStore;
    }

    public void setClientDetailsService(IvisClientDetailsService ivisClientDetailsService) {
        this.clientDetailsService = ivisClientDetailsService;
    }
}
