package org.wso2.choreo.connect.enforcer.util;

import java.lang.annotation.Annotation;
import java.lang.reflect.InvocationTargetException;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
import java.util.ServiceLoader;
import org.apache.commons.lang3.StringUtils;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.wso2.carbon.apimgt.common.gateway.dto.JWTConfigurationDto;
import org.wso2.carbon.apimgt.common.gateway.dto.JWTInfoDto;
import org.wso2.carbon.apimgt.common.gateway.exception.JWTGeneratorException;
import org.wso2.carbon.apimgt.common.gateway.jwtgenerator.APIMgtGatewayJWTGeneratorImpl;
import org.wso2.carbon.apimgt.common.gateway.jwtgenerator.AbstractAPIMgtGatewayJWTGenerator;
import org.wso2.carbon.apimgt.common.gateway.jwttransformer.JWTTransformer;
import org.wso2.choreo.connect.enforcer.common.CacheProvider;
import org.wso2.choreo.connect.enforcer.config.ConfigHolder;
import org.wso2.choreo.connect.enforcer.constants.APIConstants;
import org.wso2.choreo.connect.enforcer.constants.APISecurityConstants;
import org.wso2.choreo.connect.enforcer.exception.APISecurityException;
import org.wso2.choreo.connect.enforcer.security.jwt.JwtTransformerAnnotation;
import org.wso2.choreo.connect.enforcer.security.jwt.validator.JWTConstants;

/* loaded from: input_file:org/wso2/choreo/connect/enforcer/util/BackendJwtUtils.class */
public class BackendJwtUtils {
    private static final Logger log = LogManager.getLogger(BackendJwtUtils.class);
    private static volatile long ttl = -1;

    public static long getTTL() {
        return ttl * 1000;
    }

    public static String generateAndRetrieveJWTToken(AbstractAPIMgtGatewayJWTGenerator abstractAPIMgtGatewayJWTGenerator, String str, JWTInfoDto jWTInfoDto, boolean z) throws APISecurityException {
        log.debug("Inside generateAndRetrieveJWTToken");
        String str2 = null;
        boolean z2 = false;
        String concat = jWTInfoDto.getApiContext().concat(":").concat(jWTInfoDto.getVersion()).concat(":").concat(str);
        if (abstractAPIMgtGatewayJWTGenerator == null) {
            log.debug("Error while loading JWTGenerator");
        } else if (z) {
            try {
                Object obj = CacheProvider.getGatewayJWTTokenCache().get(concat);
                if (obj != null && !JWTConstants.UNAVAILABLE.equals(obj)) {
                    str2 = (String) obj;
                    z2 = JWTUtils.isExpired(str2);
                }
            } catch (Exception e) {
                log.error("Error while getting token from the cache", e);
            }
            if (StringUtils.isEmpty(str2) || !z2) {
                str2 = generateToken(abstractAPIMgtGatewayJWTGenerator, jWTInfoDto, true, concat);
            }
        } else {
            str2 = generateToken(abstractAPIMgtGatewayJWTGenerator, jWTInfoDto, false, concat);
        }
        return str2;
    }

    private static String generateToken(AbstractAPIMgtGatewayJWTGenerator abstractAPIMgtGatewayJWTGenerator, JWTInfoDto jWTInfoDto, boolean z, String str) throws APISecurityException {
        JWTConfigurationDto jwtConfigurationDto = ConfigHolder.getInstance().getConfig().getJwtConfigurationDto();
        jwtConfigurationDto.setTtl(getTTL());
        abstractAPIMgtGatewayJWTGenerator.setJWTConfigurationDto(jwtConfigurationDto);
        try {
            String generateToken = abstractAPIMgtGatewayJWTGenerator.generateToken(jWTInfoDto);
            if (z) {
                CacheProvider.getGatewayJWTTokenCache().put(str, generateToken);
            }
            return generateToken;
        } catch (JWTGeneratorException e) {
            log.error("Error while Generating Backend JWT", e);
            throw new APISecurityException(APIConstants.StatusCodes.UNAUTHENTICATED.getCode(), 900900, APISecurityConstants.API_AUTH_GENERAL_ERROR_MESSAGE, e);
        }
    }

    public static AbstractAPIMgtGatewayJWTGenerator getApiMgtGatewayJWTGenerator() {
        String gatewayJWTGeneratorImpl = ConfigHolder.getInstance().getConfig().getJwtConfigurationDto().getGatewayJWTGeneratorImpl();
        AbstractAPIMgtGatewayJWTGenerator abstractAPIMgtGatewayJWTGenerator = null;
        if (gatewayJWTGeneratorImpl.equals(JWTConstants.DEFAULT_JWT_GENERATOR_CLASS_NAME)) {
            return new APIMgtGatewayJWTGeneratorImpl();
        }
        try {
            abstractAPIMgtGatewayJWTGenerator = (AbstractAPIMgtGatewayJWTGenerator) Class.forName(gatewayJWTGeneratorImpl).getConstructor(new Class[0]).newInstance(new Object[0]);
        } catch (ClassCastException | ClassNotFoundException | IllegalAccessException | InstantiationException | NoSuchMethodException | InvocationTargetException e) {
            log.error("Error while generating AbstractAPIMgtGatewayJWTGenerator from the class", e);
        }
        return abstractAPIMgtGatewayJWTGenerator;
    }

    public static Map<String, JWTTransformer> loadJWTTransformers() {
        Iterator it = ServiceLoader.load(JWTTransformer.class).iterator();
        HashMap hashMap = new HashMap();
        if (!it.hasNext()) {
            log.debug("No JWTTransformers found.");
            return hashMap;
        }
        while (it.hasNext()) {
            JWTTransformer jWTTransformer = (JWTTransformer) it.next();
            Annotation[] annotations = jWTTransformer.getClass().getAnnotations();
            if (annotations.length == 0) {
                log.debug("JWTTransformer is discarded as no annotations found : {}", jWTTransformer.getClass().getCanonicalName());
            } else {
                for (Annotation annotation : annotations) {
                    if (annotation instanceof JwtTransformerAnnotation) {
                        JwtTransformerAnnotation jwtTransformerAnnotation = (JwtTransformerAnnotation) annotation;
                        if (jwtTransformerAnnotation.enabled()) {
                            log.debug("JWTTransformer for the issuer : {} is enabled.", jwtTransformerAnnotation.issuer());
                            hashMap.put(jwtTransformerAnnotation.issuer(), jWTTransformer);
                        } else {
                            log.debug("JWTTransformer for the issuer : {} is disabled.", jwtTransformerAnnotation.issuer());
                        }
                    }
                }
            }
        }
        return hashMap;
    }
}
