package org.wso2.auth0.client;

import com.google.gson.Gson;
import feign.Feign;
import feign.FeignException;
import feign.codec.ErrorDecoder;
import feign.gson.GsonDecoder;
import feign.gson.GsonEncoder;
import feign.okhttp.OkHttpClient;
import feign.slf4j.Slf4jLogger;
import java.io.UnsupportedEncodingException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Base64;
import java.util.HashMap;
import java.util.Iterator;
import java.util.LinkedHashSet;
import java.util.List;
import java.util.Map;
import java.util.Set;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.auth0.client.model.Auth0APIKeyInterceptor;
import org.wso2.auth0.client.model.Auth0AccessTokenResponse;
import org.wso2.auth0.client.model.Auth0ClientGrant;
import org.wso2.auth0.client.model.Auth0ClientGrantInfo;
import org.wso2.auth0.client.model.Auth0ClientInfo;
import org.wso2.auth0.client.model.Auth0DCRClient;
import org.wso2.auth0.client.model.Auth0TokenClient;
import org.wso2.carbon.apimgt.api.APIManagementException;
import org.wso2.carbon.apimgt.api.model.API;
import org.wso2.carbon.apimgt.api.model.AccessTokenInfo;
import org.wso2.carbon.apimgt.api.model.AccessTokenRequest;
import org.wso2.carbon.apimgt.api.model.KeyManagerConfiguration;
import org.wso2.carbon.apimgt.api.model.OAuthAppRequest;
import org.wso2.carbon.apimgt.api.model.OAuthApplicationInfo;
import org.wso2.carbon.apimgt.api.model.Scope;
import org.wso2.carbon.apimgt.impl.AbstractKeyManager;
import org.wso2.carbon.apimgt.impl.dao.ApiMgtDAO;
import org.wso2.carbon.apimgt.impl.kmclient.FormEncoder;
import org.wso2.carbon.user.core.UserCoreConstants;
import org.wso2.carbon.user.core.util.UserCoreUtil;
import org.wso2.carbon.utils.multitenancy.MultitenantUtils;

/* loaded from: input_file:org/wso2/auth0/client/Auth0OAuthClient.class */
public class Auth0OAuthClient extends AbstractKeyManager {
    private static final Log log = LogFactory.getLog(Auth0OAuthClient.class);
    private Auth0DCRClient auth0DCRClient;
    private Auth0ClientGrant auth0ClientGrant;
    private Auth0TokenClient auth0TokenClient;
    private String audience;

    public static String getEncodedCredentials(String str, String str2) throws APIManagementException {
        try {
            return Base64.getEncoder().encodeToString((str + ":" + str2).getBytes(Auth0Constants.UTF_8));
        } catch (UnsupportedEncodingException e) {
            throw new APIManagementException(Auth0Constants.ERROR_ENCODING_METHOD_NOT_SUPPORTED, e);
        }
    }

    public OAuthApplicationInfo createApplication(OAuthAppRequest oAuthAppRequest) throws APIManagementException {
        OAuthApplicationInfo oAuthApplicationInfo = oAuthAppRequest.getOAuthApplicationInfo();
        Auth0ClientInfo createApplication = this.auth0DCRClient.createApplication(createClientInfoFromOauthApplicationInfo(oAuthApplicationInfo));
        if (createApplication == null) {
            return null;
        }
        OAuthApplicationInfo createOAuthAppInfoFromResponse = createOAuthAppInfoFromResponse(createApplication);
        String audienceFromAuthAppRequest = getAudienceFromAuthAppRequest(oAuthApplicationInfo);
        Auth0ClientGrantInfo auth0ClientGrantInfo = new Auth0ClientGrantInfo(createApplication.getClientId(), audienceFromAuthAppRequest);
        if (audienceFromAuthAppRequest.isEmpty()) {
            log.warn("Did not provide the audience");
            return createOAuthAppInfoFromResponse;
        }
        this.audience = audienceFromAuthAppRequest;
        if (this.auth0ClientGrant.createClientGrant(auth0ClientGrantInfo) == null) {
            log.warn("Error while adding the audience");
        }
        return createOAuthAppInfoFromResponse;
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v10, types: [java.util.Map] */
    private String getAudienceFromAuthAppRequest(OAuthApplicationInfo oAuthApplicationInfo) {
        Object parameter = oAuthApplicationInfo.getParameter("additionalProperties");
        HashMap hashMap = new HashMap();
        if (parameter instanceof String) {
            hashMap = (Map) new Gson().fromJson((String) parameter, Map.class);
        }
        return (String) hashMap.get(Auth0Constants.API_AUDIENCE);
    }

    private OAuthApplicationInfo createOAuthAppInfoFromResponse(Auth0ClientInfo auth0ClientInfo) {
        OAuthApplicationInfo oAuthApplicationInfo = new OAuthApplicationInfo();
        oAuthApplicationInfo.setClientName(auth0ClientInfo.getClientName());
        oAuthApplicationInfo.setClientId(auth0ClientInfo.getClientId());
        oAuthApplicationInfo.setClientSecret(auth0ClientInfo.getClientSecret());
        if (auth0ClientInfo.getRedirectUris() != null && auth0ClientInfo.getRedirectUris().size() > 0) {
            oAuthApplicationInfo.setCallBackURL(String.join(",", auth0ClientInfo.getRedirectUris()));
        }
        if (StringUtils.isNotEmpty(auth0ClientInfo.getClientName())) {
            oAuthApplicationInfo.addParameter("client_name", auth0ClientInfo.getClientName());
        }
        if (StringUtils.isNotEmpty(auth0ClientInfo.getClientId())) {
            oAuthApplicationInfo.addParameter(Auth0Constants.CLIENT_ID, auth0ClientInfo.getClientId());
        }
        if (StringUtils.isNotEmpty(auth0ClientInfo.getClientSecret())) {
            oAuthApplicationInfo.addParameter(Auth0Constants.CLIENT_SECRET, auth0ClientInfo.getClientSecret());
        }
        if (auth0ClientInfo.getGrantTypes() != null && auth0ClientInfo.getGrantTypes().size() > 0) {
            oAuthApplicationInfo.addParameter("grant_types", String.join(",", auth0ClientInfo.getGrantTypes()));
        }
        oAuthApplicationInfo.addParameter("additionalProperties", new Gson().fromJson(new Gson().toJson(auth0ClientInfo), Map.class));
        return oAuthApplicationInfo;
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v39, types: [java.util.Map] */
    private Auth0ClientInfo createClientInfoFromOauthApplicationInfo(OAuthApplicationInfo oAuthApplicationInfo) {
        Auth0ClientInfo auth0ClientInfo = new Auth0ClientInfo();
        String tenantAwareUsername = MultitenantUtils.getTenantAwareUsername((String) oAuthApplicationInfo.getParameter("username"));
        String extractDomainFromName = UserCoreUtil.extractDomainFromName(tenantAwareUsername);
        if (extractDomainFromName != null && !extractDomainFromName.isEmpty() && !"PRIMARY".equals(extractDomainFromName)) {
            tenantAwareUsername = tenantAwareUsername.replace(UserCoreConstants.DOMAIN_SEPARATOR, "_");
        }
        String clientName = oAuthApplicationInfo.getClientName();
        String str = (String) oAuthApplicationInfo.getParameter("key_type");
        String callBackURL = oAuthApplicationInfo.getCallBackURL();
        if (str != null) {
            clientName = tenantAwareUsername.concat(clientName).concat("_").concat(str);
        }
        List<String> arrayList = new ArrayList();
        if (oAuthApplicationInfo.getParameter("grant_types") != null) {
            arrayList = Arrays.asList(((String) oAuthApplicationInfo.getParameter("grant_types")).split(","));
        }
        auth0ClientInfo.setGrantTypes(arrayList);
        auth0ClientInfo.setClientName(clientName);
        if (StringUtils.isNotEmpty(callBackURL)) {
            auth0ClientInfo.setRedirectUris(Arrays.asList(callBackURL.split(",")));
        }
        Object parameter = oAuthApplicationInfo.getParameter("additionalProperties");
        HashMap hashMap = new HashMap();
        if (parameter instanceof String) {
            hashMap = (Map) new Gson().fromJson((String) parameter, Map.class);
        }
        if (hashMap.containsKey(Auth0Constants.APP_TYPE)) {
            auth0ClientInfo.setApplicationType((String) hashMap.get(Auth0Constants.APP_TYPE));
        } else {
            auth0ClientInfo.setApplicationType(Auth0Constants.DEFAULT_CLIENT_APPLICATION_TYPE);
        }
        if (hashMap.containsKey(Auth0Constants.TOKEN_ENDPOINT_AUTH_METHOD)) {
            auth0ClientInfo.setTokenEndpointAuthMethod((String) hashMap.get(Auth0Constants.TOKEN_ENDPOINT_AUTH_METHOD));
        }
        return auth0ClientInfo;
    }

    public OAuthApplicationInfo updateApplication(OAuthAppRequest oAuthAppRequest) throws APIManagementException {
        OAuthApplicationInfo oAuthApplicationInfo = oAuthAppRequest.getOAuthApplicationInfo();
        Auth0ClientInfo createClientInfoFromOauthApplicationInfo = createClientInfoFromOauthApplicationInfo(oAuthApplicationInfo);
        createClientInfoFromOauthApplicationInfo.setClientSecret(oAuthApplicationInfo.getClientSecret());
        Auth0ClientInfo updateApplication = this.auth0DCRClient.updateApplication(oAuthApplicationInfo.getClientId(), createClientInfoFromOauthApplicationInfo);
        if (updateApplication == null) {
            return null;
        }
        OAuthApplicationInfo createOAuthAppInfoFromResponse = createOAuthAppInfoFromResponse(updateApplication);
        String audienceFromAuthAppRequest = getAudienceFromAuthAppRequest(oAuthApplicationInfo);
        Auth0ClientGrantInfo auth0ClientGrantInfo = new Auth0ClientGrantInfo(updateApplication.getClientId(), audienceFromAuthAppRequest);
        Auth0ClientGrantInfo auth0ClientGrantInfo2 = null;
        if (audienceFromAuthAppRequest.isEmpty()) {
            log.warn("Did not provide the audience");
            return createOAuthAppInfoFromResponse;
        }
        try {
            auth0ClientGrantInfo2 = this.auth0ClientGrant.createClientGrant(auth0ClientGrantInfo);
            this.audience = audienceFromAuthAppRequest;
            if (auth0ClientGrantInfo2 != null) {
                return createOAuthAppInfoFromResponse;
            }
        } catch (FeignException e) {
            if (e.status() == 409) {
                log.warn("Client grant already exists.");
                return createOAuthAppInfoFromResponse;
            }
        }
        if (auth0ClientGrantInfo2 == null) {
            log.warn("Error while adding the audience");
        }
        return createOAuthAppInfoFromResponse;
    }

    public void deleteApplication(String str) throws APIManagementException {
        this.auth0DCRClient.deleteApplication(str);
    }

    public OAuthApplicationInfo retrieveApplication(String str) throws APIManagementException {
        return createOAuthAppInfoFromResponse(this.auth0DCRClient.getApplication(str));
    }

    public AccessTokenInfo getNewApplicationAccessToken(AccessTokenRequest accessTokenRequest) throws APIManagementException {
        String str = "";
        if (accessTokenRequest.getScope() != null && accessTokenRequest.getScope().length > 0) {
            str = String.join(" ", accessTokenRequest.getScope());
        }
        Auth0AccessTokenResponse accessToken = this.auth0TokenClient.getAccessToken(accessTokenRequest.getGrantType() != null ? accessTokenRequest.getGrantType() : Auth0Constants.GRANT_TYPE_CLIENT_CREDENTIALS, this.audience, str, getEncodedCredentials(accessTokenRequest.getClientId(), accessTokenRequest.getClientSecret()));
        if (accessToken == null) {
            return null;
        }
        AccessTokenInfo accessTokenInfo = new AccessTokenInfo();
        accessTokenInfo.setConsumerKey(accessTokenRequest.getClientId());
        accessTokenInfo.setConsumerSecret(accessTokenRequest.getClientSecret());
        accessTokenInfo.setAccessToken(accessToken.getAccessToken());
        if (accessToken.getScope() != null) {
            accessTokenInfo.setScope(accessToken.getScope().split("\\s+"));
        }
        accessTokenInfo.setValidityPeriod(accessToken.getExpiry());
        return accessTokenInfo;
    }

    public String getNewApplicationConsumerSecret(AccessTokenRequest accessTokenRequest) throws APIManagementException {
        return this.auth0DCRClient.regenerateClientSecret(accessTokenRequest.getClientId()).getClientSecret();
    }

    public AccessTokenInfo getTokenMetaData(String str) throws APIManagementException {
        return null;
    }

    public KeyManagerConfiguration getKeyManagerConfiguration() throws APIManagementException {
        return this.configuration;
    }

    public OAuthApplicationInfo mapOAuthApplication(OAuthAppRequest oAuthAppRequest) throws APIManagementException {
        return oAuthAppRequest.getOAuthApplicationInfo();
    }

    public void loadConfiguration(KeyManagerConfiguration keyManagerConfiguration) throws APIManagementException {
        this.configuration = keyManagerConfiguration;
        this.auth0TokenClient = (Auth0TokenClient) Feign.builder().client(new OkHttpClient()).encoder(new FormEncoder()).decoder(new GsonDecoder()).errorDecoder(new ErrorDecoder.Default()).logger(new Slf4jLogger()).target(Auth0TokenClient.class, (String) keyManagerConfiguration.getParameter("token_endpoint"));
        Auth0APIKeyInterceptor auth0APIKeyInterceptor = new Auth0APIKeyInterceptor(this.auth0TokenClient, (String) keyManagerConfiguration.getParameter(Auth0Constants.CLIENT_ID), (String) keyManagerConfiguration.getParameter(Auth0Constants.CLIENT_SECRET), (String) keyManagerConfiguration.getParameter(Auth0Constants.AUDIENCE));
        String concat = ((String) keyManagerConfiguration.getParameter(Auth0Constants.AUDIENCE)).concat("clients");
        String concat2 = ((String) keyManagerConfiguration.getParameter(Auth0Constants.AUDIENCE)).concat("client-grants");
        this.auth0DCRClient = (Auth0DCRClient) Feign.builder().client(new OkHttpClient()).encoder(new GsonEncoder()).decoder(new GsonDecoder()).errorDecoder(new ErrorDecoder.Default()).logger(new Slf4jLogger()).requestInterceptor(auth0APIKeyInterceptor).target(Auth0DCRClient.class, concat);
        this.auth0ClientGrant = (Auth0ClientGrant) Feign.builder().client(new OkHttpClient()).encoder(new GsonEncoder()).decoder(new GsonDecoder()).errorDecoder(new ErrorDecoder.Default()).logger(new Slf4jLogger()).requestInterceptor(auth0APIKeyInterceptor).target(Auth0ClientGrant.class, concat2);
    }

    public boolean registerNewResource(API api, Map map) throws APIManagementException {
        return false;
    }

    public Map getResourceByApiId(String str) throws APIManagementException {
        return null;
    }

    public boolean updateRegisteredResource(API api, Map map) throws APIManagementException {
        return false;
    }

    public void deleteRegisteredResourceByAPIId(String str) throws APIManagementException {
    }

    public void deleteMappedApplication(String str) throws APIManagementException {
    }

    public Set<String> getActiveTokensByConsumerKey(String str) throws APIManagementException {
        return null;
    }

    public AccessTokenInfo getAccessTokenByConsumerKey(String str) throws APIManagementException {
        return null;
    }

    public Map<String, Set<Scope>> getScopesForAPIS(String str) throws APIManagementException {
        HashMap hashMap = new HashMap();
        Map scopesForAPIS = ApiMgtDAO.getInstance().getScopesForAPIS(str);
        for (String str2 : scopesForAPIS.keySet()) {
            LinkedHashSet linkedHashSet = new LinkedHashSet();
            Iterator it = ((Set) scopesForAPIS.get(str2)).iterator();
            while (it.hasNext()) {
                linkedHashSet.add(getScopeByName((String) it.next()));
            }
            hashMap.put(str2, linkedHashSet);
        }
        return hashMap;
    }

    public void registerScope(Scope scope) throws APIManagementException {
    }

    public Scope getScopeByName(String str) throws APIManagementException {
        return null;
    }

    public Map<String, Scope> getAllScopes() throws APIManagementException {
        return null;
    }

    public void deleteScope(String str) throws APIManagementException {
    }

    public void updateScope(Scope scope) throws APIManagementException {
    }

    public boolean isScopeExists(String str) throws APIManagementException {
        return false;
    }

    public String getType() {
        return "Auth0";
    }
}
