package org.wso2.am.choreo.extensions.token.handler.utils;

import com.nimbusds.jwt.SignedJWT;
import java.text.ParseException;
import net.minidev.json.JSONObject;
import org.apache.commons.lang.StringUtils;
import org.wso2.am.choreo.extensions.token.handler.TokenHandlerConstants;
import org.wso2.carbon.apimgt.api.APIManagementException;
import org.wso2.carbon.apimgt.api.model.ApplicationInfo;
import org.wso2.carbon.apimgt.impl.dao.ApiMgtDAO;
import org.wso2.carbon.apimgt.impl.jwt.SignedJWTInfo;
import org.wso2.carbon.identity.application.common.IdentityApplicationManagementException;
import org.wso2.carbon.identity.application.common.model.ServiceProviderProperty;
import org.wso2.carbon.identity.application.mgt.ApplicationManagementService;
import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception;
import org.wso2.carbon.identity.oauth2.grant.token.exchange.utils.TokenExchangeUtils;
import org.wso2.carbon.identity.oauth2.model.RequestParameter;
import org.wso2.carbon.identity.oauth2.token.OAuthTokenReqMessageContext;

/* loaded from: input_file:org/wso2/am/choreo/extensions/token/handler/utils/ApplicationTokenUtils.class */
public class ApplicationTokenUtils {
    public static String getOrgUuidByConsumerKey(String str) throws IdentityOAuth2Exception {
        try {
            ApplicationInfo lightweightApplicationByConsumerKey = ApiMgtDAO.getInstance().getLightweightApplicationByConsumerKey(str);
            if (lightweightApplicationByConsumerKey != null) {
                return lightweightApplicationByConsumerKey.getOrganizationId();
            }
            try {
                for (ServiceProviderProperty serviceProviderProperty : ApplicationManagementService.getInstance().getServiceProviderByClientId(str, "oauth2", "carbon.super").getSpProperties()) {
                    if (TokenHandlerConstants.APP_ORG_ID_NAME.equalsIgnoreCase(serviceProviderProperty.getName())) {
                        return serviceProviderProperty.getValue();
                    }
                }
                return null;
            } catch (IdentityApplicationManagementException e) {
                throw new IdentityOAuth2Exception("Error while fetching serviceProvider details for client :" + str, e);
            }
        } catch (APIManagementException e2) {
            throw new IdentityOAuth2Exception("Error while fetching org details of consumer key :" + str, e2);
        }
    }

    public static String getOrgHandleByConsumerKey(String str) throws IdentityOAuth2Exception {
        try {
            for (ServiceProviderProperty serviceProviderProperty : ApplicationManagementService.getInstance().getServiceProviderByClientId(str, "oauth2", "carbon.super").getSpProperties()) {
                if ("orgHandle".equalsIgnoreCase(serviceProviderProperty.getName())) {
                    return serviceProviderProperty.getValue();
                }
            }
            return null;
        } catch (IdentityApplicationManagementException e) {
            throw new IdentityOAuth2Exception("Error while fetching serviceProvider details for client :" + str, e);
        }
    }

    public static String getOrgHandler(String str) throws APIManagementException {
        try {
            SignedJWT parse = SignedJWT.parse(str);
            JSONObject jSONObjectClaim = new SignedJWTInfo(str, parse, parse.getJWTClaimsSet()).getJwtClaimsSet().getJSONObjectClaim(TokenHandlerConstants.ORG_CLAIMS_CLAIM_KEY);
            if (jSONObjectClaim == null || !jSONObjectClaim.containsKey(TokenHandlerConstants.ORG_HANDLE_CLAIMS_CLAIM_KEY)) {
                return null;
            }
            return jSONObjectClaim.getAsString(TokenHandlerConstants.ORG_HANDLE_CLAIMS_CLAIM_KEY);
        } catch (ParseException e) {
            throw new APIManagementException("Failed to parse organization handle claim from JWT claims", e);
        }
    }

    public static SignedJWT getSignedSubjectToken(OAuthTokenReqMessageContext oAuthTokenReqMessageContext) throws IdentityOAuth2Exception {
        String subjectToken = getSubjectToken(oAuthTokenReqMessageContext);
        SignedJWT signedJWT = null;
        if (StringUtils.isNotBlank(subjectToken)) {
            signedJWT = (SignedJWT) oAuthTokenReqMessageContext.getProperty(TokenHandlerConstants.SIGNED_JWT);
            if (signedJWT == null) {
                signedJWT = TokenExchangeUtils.getSignedJWT(subjectToken);
            }
        }
        return signedJWT;
    }

    public static String getSubjectToken(OAuthTokenReqMessageContext oAuthTokenReqMessageContext) {
        String str = null;
        RequestParameter[] requestParameters = oAuthTokenReqMessageContext.getOauth2AccessTokenReqDTO().getRequestParameters();
        int length = requestParameters.length;
        int i = 0;
        while (true) {
            if (i >= length) {
                break;
            }
            RequestParameter requestParameter = requestParameters[i];
            if (TokenHandlerConstants.SUBJECT_TOKEN.equals(requestParameter.getKey())) {
                str = requestParameter.getValue()[0];
                break;
            }
            i++;
        }
        return str;
    }
}
