package org.wso2.am.choreo.extensions.token.handler.utils;

import choreo.apis.Types;
import io.grpc.StatusRuntimeException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Optional;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.am.choreo.extensions.core.ChoreoExtensionConfiguration;
import org.wso2.am.choreo.extensions.core.ChoreoServiceProvider;
import org.wso2.am.choreo.extensions.core.TokenHandlerConfiguration;
import org.wso2.am.choreo.extensions.token.handler.internal.ServiceReferenceHolder;
import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception;
import org.wso2.carbon.identity.oauth2.dto.OAuth2AccessTokenReqDTO;
import org.wso2.carbon.identity.oauth2.model.RequestParameter;

/* loaded from: input_file:org/wso2/am/choreo/extensions/token/handler/utils/ChoreoScopeIssuerUtils.class */
public class ChoreoScopeIssuerUtils {
    private static final Log log = LogFactory.getLog(ChoreoScopeIssuerUtils.class);
    private static final String SCOPE_PREFIX = "urn:choreo:";
    public static final String OPENID_SCOPE = "openid";
    public static final String REQUEST_PARAM_ORG_HANDLE = "orgHandle";
    public static final String ENV_ORG_BASED_TOKEN_FEATURE = "FEATURE_FLAG_ORG_BASED_TOKEN_ENABLED";

    public static String[] getScopes(String str, String str2, String[] strArr) throws StatusRuntimeException, GrpcClientException {
        List<Types.Group> findUserGroupsByIdpId = GrpcClient.findUserGroupsByIdpId(str);
        ArrayList arrayList = new ArrayList();
        for (Types.Group group : findUserGroupsByIdpId) {
            for (String str3 : getMatchingScopeList(str2)) {
                String concat = SCOPE_PREFIX.concat(group.getOrgUuid()).concat(":").concat(str3);
                if (Arrays.asList(strArr).contains(str3) && !arrayList.contains(concat)) {
                    arrayList.add(concat);
                }
            }
        }
        return (String[]) arrayList.toArray(new String[arrayList.size()]);
    }

    public static List<String> getScopesForOrg(String str, String str2, String[] strArr) throws StatusRuntimeException, GrpcClientException, IdentityOAuth2Exception {
        HashSet hashSet = new HashSet();
        List<Types.Role> findUserRolesByOrgAndIdpId = GrpcClient.findUserRolesByOrgAndIdpId(str2, str);
        if (log.isDebugEnabled()) {
            log.debug(String.format("Roles count for idpId: %s, orgHandle: %s -> %s", str, str2, Integer.valueOf(findUserRolesByOrgAndIdpId.size())));
        }
        HashSet hashSet2 = new HashSet(Arrays.asList(strArr));
        Iterator<Types.Role> it = findUserRolesByOrgAndIdpId.iterator();
        while (it.hasNext()) {
            for (Types.Permission permission : it.next().getPermissionsList()) {
                if (hashSet2.contains(permission.getHandle())) {
                    hashSet.add(permission.getHandle());
                }
            }
        }
        if (log.isDebugEnabled()) {
            log.debug(String.format("idpUserId: %s, orgHandle: %s, Accepted scopes: {%s}, requested scopes: {%s}", str, str2, hashSet, Arrays.asList(strArr)));
        }
        return new ArrayList(hashSet);
    }

    public static boolean isClientIdMatching(String str) {
        return getChoreoSpList().stream().anyMatch(choreoServiceProvider -> {
            return choreoServiceProvider.getClientId().equals(str);
        });
    }

    public static List<ChoreoServiceProvider> getChoreoSpList() {
        TokenHandlerConfiguration tokenHandlerConfiguration;
        ChoreoExtensionConfiguration choreoExtensionConfiguration = ServiceReferenceHolder.getInstance().getChoreoExtensionConfigurationService().getChoreoExtensionConfiguration();
        if (choreoExtensionConfiguration != null && (tokenHandlerConfiguration = choreoExtensionConfiguration.getTokenHandlerConfiguration()) != null) {
            return tokenHandlerConfiguration.getChoreoSpList();
        }
        return new ArrayList();
    }

    public static List<String> getMatchingScopeList(String str) throws NullPointerException {
        for (ChoreoServiceProvider choreoServiceProvider : getChoreoSpList()) {
            if (choreoServiceProvider.getClientId().equals(str)) {
                return Arrays.asList(choreoServiceProvider.getScopes());
            }
        }
        return new ArrayList();
    }

    public static boolean isConfigsSet() {
        return ServiceReferenceHolder.getInstance().getChoreoExtensionConfiguration() != null;
    }

    public static Optional<RequestParameter> getOrgHandleFromTokenRequest(OAuth2AccessTokenReqDTO oAuth2AccessTokenReqDTO) {
        for (RequestParameter requestParameter : oAuth2AccessTokenReqDTO.getRequestParameters()) {
            if ("orgHandle".equals(requestParameter.getKey())) {
                return Optional.of(requestParameter);
            }
        }
        return Optional.empty();
    }

    public static boolean isOrgHandleRequestParamPresent(OAuth2AccessTokenReqDTO oAuth2AccessTokenReqDTO) {
        for (RequestParameter requestParameter : oAuth2AccessTokenReqDTO.getRequestParameters()) {
            if ("orgHandle".equals(requestParameter.getKey())) {
                return !requestParameter.getValue()[0].equals("undefined");
            }
        }
        return false;
    }

    public static boolean isOrgBasedTokenFeatureEnabled() {
        String str = System.getenv(ENV_ORG_BASED_TOKEN_FEATURE);
        if (str == null) {
            return false;
        }
        return Boolean.parseBoolean(str);
    }
}
