package org.wso2.carbon.analytics.auth.rest.api.impl;

import com.google.gson.Gson;
import java.net.URI;
import java.net.URISyntaxException;
import java.util.HashMap;
import java.util.Map;
import javax.ws.rs.core.NewCookie;
import javax.ws.rs.core.Response;
import org.osgi.framework.BundleContext;
import org.osgi.service.component.annotations.Activate;
import org.osgi.service.component.annotations.Deactivate;
import org.osgi.service.component.annotations.Reference;
import org.osgi.service.component.annotations.ReferenceCardinality;
import org.osgi.service.component.annotations.ReferencePolicy;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.wso2.carbon.analytics.auth.rest.api.ApiResponseMessage;
import org.wso2.carbon.analytics.auth.rest.api.LoginApiService;
import org.wso2.carbon.analytics.auth.rest.api.NotFoundException;
import org.wso2.carbon.analytics.auth.rest.api.dto.ErrorDTO;
import org.wso2.carbon.analytics.auth.rest.api.dto.RedirectionDTO;
import org.wso2.carbon.analytics.auth.rest.api.dto.UserDTO;
import org.wso2.carbon.analytics.auth.rest.api.internal.DataHolder;
import org.wso2.carbon.analytics.auth.rest.api.internal.ServiceComponent;
import org.wso2.carbon.analytics.auth.rest.api.util.AuthRESTAPIConstants;
import org.wso2.carbon.analytics.auth.rest.api.util.AuthUtil;
import org.wso2.carbon.analytics.idp.client.core.api.IdPClient;
import org.wso2.carbon.analytics.idp.client.core.exception.IdPClientException;
import org.wso2.carbon.analytics.idp.client.core.utils.config.IdPClientConfiguration;
import org.wso2.carbon.analytics.idp.client.external.ExternalIdPClient;
import org.wso2.carbon.config.ConfigurationException;
import org.wso2.msf4j.Request;

/* loaded from: input_file:org/wso2/carbon/analytics/auth/rest/api/impl/LoginApiServiceImpl.class */
/**
 * REST implementation of the login API: password / refresh-token / authorization-code login
 * ({@link #loginAppNamePost}), the authorization-code callback ({@link #loginCallbackAppNameGet})
 * and a query for the configured authentication type ({@link #getAuthType}).
 *
 * <p>Token handling visible in this class: each token returned by the IdP client is cut at its
 * midpoint. The first half is placed on the {@code UserDTO} that is returned in the response body
 * ({@code setpID} for the access token, {@code setlID} for the refresh token, {@code setiID} for the
 * ID token); the second half is set as a cookie. Presumably the intent is that neither the
 * response body nor the cookie alone carries a usable token; confirm against the design.
 *
 * <p>NOTE(review): this listing is decompiler output and is not valid Java as printed (for example
 * the {@code boolean z = -1} selector of the status switch and the try block that wraps only an
 * assignment). Comments below describe what the printed statements do and hedge wherever the
 * original structure has to be inferred.
 */
public class LoginApiServiceImpl extends LoginApiService {
    private static final Logger LOG = LoggerFactory.getLogger(LoginApiServiceImpl.class);

    /**
     * OSGi bind callback for the mandatory {@code ServiceComponent} reference. Only logs; the
     * reference itself is not stored here. Judging by the log text, the dependency exists so that
     * the IdP client is initialised before this API is used (TODO confirm).
     */
    @Reference(service = ServiceComponent.class, cardinality = ReferenceCardinality.MANDATORY, policy = ReferencePolicy.DYNAMIC, unbind = "unRegisterServiceComponet")
    public void registerServiceComponet(ServiceComponent serviceComponent) {
        LOG.debug("@Reference(bind) ServiceComponent which sets IdP Client");
    }

    /**
     * OSGi unbind callback paired with {@link #registerServiceComponet}. Only logs.
     * Note that the message text says "bind" although this is the unbind path.
     */
    public void unRegisterServiceComponet(ServiceComponent serviceComponent) {
        LOG.debug("@Reference(bind) ServiceComponent which sets IdP Client was removed");
    }

    /** Component activation hook; only emits a debug log line. */
    @Activate
    protected void start(BundleContext bundleContext) {
        LOG.debug("Login API started");
    }

    /** Component deactivation hook; only emits a debug log line. */
    @Deactivate
    protected void stop() {
        LOG.debug("Login API stopped");
    }

    /**
     * Authenticates a caller through the configured IdP client and, on success, issues the
     * session cookies.
     *
     * @param str     application name / path from the request; its first path segment becomes
     *                {@code App_Name} and the cookie path, and the raw value is used as
     *                {@code Callback_Url} for the authorization-code grant
     * @param str2    username (used for the {@code password} grant)
     * @param str3    password (used for the {@code password} grant)
     * @param str4    grant type: {@code password}, {@code refresh_token} or {@code authorization_code}
     * @param bool    "remember me" flag; {@code null} is treated as {@code false}
     * @param str5    application id (used for the {@code password} grant)
     * @param request incoming request, used for the domain header and the refresh-token header
     * @return 200 with a {@code UserDTO} and cookies on success; 401 on authentication failure;
     *         302 with a {@code RedirectionDTO} body when the IdP asks for redirection; 400 or 500
     *         with an {@code ErrorDTO} otherwise
     */
    @Override // org.wso2.carbon.analytics.auth.rest.api.LoginApiService
    public Response loginAppNamePost(String str, String str2, String str3, String str4, Boolean bool, String str5, Request request) throws NotFoundException {
        // NOTE(review): decompiler artifact. As printed, the try wraps only the defaulting of
        // `bool`, which cannot throw either caught exception. The method declares only
        // NotFoundException, so in the original source the try presumably encloses the whole
        // body (config lookup and idPClient.login below) - confirm against the real source.
        if (bool == null) {
            try {
                bool = false;
            } catch (ConfigurationException e) {
                // NOTE(review): the exception message is returned to the caller, and the status is
                // 400 although the error code says Internal_Server_Error. Consider a generic
                // description and keeping the detail in the server log only.
                LOG.debug("Error occurred while reading configs from deployment.yaml. " + e.getMessage());
                ErrorDTO errorDTO = new ErrorDTO();
                errorDTO.setError("Internal_Server_Error");
                errorDTO.setDescription("Error occurred while reading configs from deployment.yaml. " + e.getMessage());
                return Response.status(Response.Status.BAD_REQUEST).entity(errorDTO).build();
            } catch (IdPClientException e2) {
                // NOTE(review): unlike the other log sites in this class, `str` is logged here
                // without removeCRLFCharacters. The response also echoes the caller-supplied
                // `str` and the IdP client's exception message.
                LOG.debug("Error in login to the uri '{}'", str, e2);
                ErrorDTO errorDTO2 = new ErrorDTO();
                errorDTO2.setError("Internal_Server_Error");
                errorDTO2.setDescription("Error in login to the uri '" + str + "'. Error: " + e2.getMessage());
                return Response.serverError().entity(errorDTO2).build();
            }
        }
        IdPClient idPClient = DataHolder.getInstance().getIdPClient();
        HashMap hashMap = new HashMap();
        // The regex splits on "/" optionally followed by "|"; only the first segment is kept.
        // NOTE(review): String.split drops trailing empty strings, so a value consisting only of
        // "/" would yield an empty array and [0] would throw - confirm the route cannot deliver
        // such a value. A value starting with "/" gives an empty App_Name and cookie path "/".
        String str6 = str.split("/\\|?")[0];
        // Context path used as the Path attribute of the cookies issued below.
        String str7 = "/" + str6;
        hashMap.put("App_Name", str6);
        hashMap.put("Grant_Type", str4);
        hashMap.put("Remember_Me", bool.toString());
        // Domain value is derived from the request by a helper not shown here.
        hashMap.put("Domain", AuthUtil.getDomainFromHeader(request));
        if ("refresh_token".equals(str4)) {
            // Refresh grant: the token comes from the request headers, not from the parameters.
            String extractTokenFromHeaders = AuthUtil.extractTokenFromHeaders(request.getHeaders(), AuthRESTAPIConstants.WSO2_SP_REFRESH_TOKEN);
            if (extractTokenFromHeaders == null) {
                if (LOG.isDebugEnabled()) {
                    LOG.debug("Unable to extract refresh token from the header for the request '{}'.", removeCRLFCharacters(str));
                }
                ErrorDTO errorDTO3 = new ErrorDTO();
                errorDTO3.setError("Invalid_Credentials");
                errorDTO3.setDescription("Invalid Authorization header. Please provide the Authorization header to proceed.");
                return Response.status(Response.Status.BAD_REQUEST).entity(errorDTO3).build();
            }
            hashMap.put("Refresh_Token", extractTokenFromHeaders);
        } else if ("password".equals(str4)) {
            // From here on the properties map holds the plaintext password; in this method it is
            // passed only to idPClient.login and is never logged. Keep it that way.
            hashMap.put("App_Id", str5);
            hashMap.put("Username", str2);
            hashMap.put("Password", str3);
        } else {
            // authorization_code is matched case-insensitively (the two grants above are not) and
            // is normalised to lower case before being handed to the IdP client.
            if (!"authorization_code".equalsIgnoreCase(str4)) {
                if (LOG.isDebugEnabled()) {
                    LOG.debug("Grant type '{}' is not supported.", removeCRLFCharacters(str4));
                }
                ErrorDTO errorDTO4 = new ErrorDTO();
                errorDTO4.setError("Grant_Type_Not_Supported");
                // The caller-supplied grant type is echoed unmodified in the response body.
                errorDTO4.setDescription("Grant type '" + str4 + "' is not supported.");
                return Response.status(Response.Status.BAD_REQUEST).entity(errorDTO4).build();
            }
            hashMap.put("Grant_Type", "authorization_code");
            // NOTE(review): the callback URL is the raw caller-supplied `str`; presumably the IdP
            // client or the IdP validates it against registered callbacks - confirm.
            hashMap.put("Callback_Url", str);
        }
        Map login = idPClient.login(hashMap);
        // NOTE(review): a missing "Status" entry makes str8 null and hashCode() below throws
        // NullPointerException; nothing in the printed code handles that case.
        String str8 = (String) login.get("Status");
        // Decompiled form of a switch over the status string: the hashCode switch selects an
        // index (success -> first case, failure -> second, redirection -> third), and the second
        // switch dispatches on it. The boolean/int mix is a decompiler artifact.
        boolean z = -1;
        switch (str8.hashCode()) {
            case -1867169789:
                if (str8.equals("success")) {
                    z = false;
                    break;
                }
                break;
            case -1086574198:
                if (str8.equals("failure")) {
                    z = true;
                    break;
                }
                break;
            case 1970356908:
                if (str8.equals("redirection")) {
                    z = 2;
                    break;
                }
                break;
        }
        switch (z) {
            // Status "success".
            case false:
                UserDTO userDTO = new UserDTO();
                userDTO.authUser((String) login.get("Username"));
                try {
                    // parseInt throws NumberFormatException for a null or non-numeric value; that
                    // is the only failure this try handles.
                    userDTO.validityPeriod(Integer.valueOf(Integer.parseInt((String) login.get("Validity_Period"))));
                    String str9 = (String) login.get("Access_Token");
                    String str10 = (String) login.get("Refresh_Token");
                    // NOTE(review): a null Access_Token throws NullPointerException here, which the
                    // NumberFormatException handler does not catch.
                    // Access token is split at the midpoint: first half to the response body,
                    // second half to the cookies.
                    String substring = str9.substring(0, str9.length() / 2);
                    String substring2 = str9.substring(str9.length() / 2);
                    userDTO.setpID(substring);
                    // The two boolean arguments are presumably the Secure / HttpOnly flags and the
                    // last argument the lifetime (-1 presumably a session cookie) - TODO confirm
                    // the parameter order against AuthUtil.cookieBuilder.
                    NewCookie cookieBuilder = AuthUtil.cookieBuilder("HID", substring2, str7, true, true, -1);
                    // Same token half, scoped to the logout path: "/logout/slo" + context when SSO
                    // is enabled, LOGOUT_CONTEXT + context otherwise.
                    NewCookie cookieBuilder2 = ((IdPClientConfiguration) DataHolder.getInstance().getConfigProvider().getConfigurationObject(IdPClientConfiguration.class)).isSsoEnabled() ? AuthUtil.cookieBuilder(AuthRESTAPIConstants.WSO2_SP_TOKEN, substring2, "/logout/slo" + str7, true, true, -1) : AuthUtil.cookieBuilder(AuthRESTAPIConstants.WSO2_SP_TOKEN, substring2, AuthRESTAPIConstants.LOGOUT_CONTEXT + str7, true, true, -1);
                    if (str10 == null) {
                        // No refresh token issued: respond with the access-token cookies only.
                        return Response.ok(userDTO, "application/json").cookie(new NewCookie[]{cookieBuilder, cookieBuilder2}).build();
                    }
                    // Refresh-token cookie lifetime: -1 by default, 604800 with "remember me"
                    // (7 days if the unit is seconds - confirm).
                    int i = -1;
                    if (bool.booleanValue()) {
                        i = 604800;
                    }
                    // Refresh token is split the same way; its cookie is scoped to the login path.
                    String substring3 = str10.substring(0, str10.length() / 2);
                    String substring4 = str10.substring(str10.length() / 2);
                    userDTO.setlID(substring3);
                    NewCookie cookieBuilder3 = AuthUtil.cookieBuilder(AuthRESTAPIConstants.WSO2_SP_REFRESH_TOKEN, substring4, AuthRESTAPIConstants.LOGIN_CONTEXT + str7, true, true, i);
                    // The ID-token cookie is re-issued only for a refresh_token grant that
                    // returned an ID_Token.
                    if (!"refresh_token".equals(str4) || login.get("ID_Token") == null) {
                        return Response.ok(userDTO, "application/json").cookie(new NewCookie[]{cookieBuilder, cookieBuilder2, cookieBuilder3}).build();
                    }
                    return Response.ok(userDTO, "application/json").cookie(new NewCookie[]{cookieBuilder, cookieBuilder2, cookieBuilder3, getLogoutContextIdTokenCookie((String) login.get("ID_Token"), userDTO, str7)}).build();
                } catch (NumberFormatException e3) {
                    if (LOG.isDebugEnabled()) {
                        LOG.debug("Error in login to the uri '{}' in getting validity period of the session", removeCRLFCharacters(str), e3);
                    }
                    ErrorDTO errorDTO5 = new ErrorDTO();
                    errorDTO5.setError("Internal_Server_Error");
                    errorDTO5.setDescription("Error in login to the uri '" + str + "'. Error: " + e3.getMessage());
                    return Response.serverError().entity(errorDTO5).build();
                }
            // Status "failure". The constant name is a decompiler substitution for the index 1.
            case ApiResponseMessage.ERROR /* 1 */:
                // NOTE(review): failed logins are recorded at DEBUG only, so with debug logging
                // disabled this method leaves no trace of them. If failed-login monitoring is
                // needed, confirm it is covered elsewhere (IdP client, audit log).
                if (LOG.isDebugEnabled()) {
                    LOG.debug("Authentication failure for user '{}' when accessing uri '{}'.", removeCRLFCharacters(str2), removeCRLFCharacters(str));
                }
                ErrorDTO errorDTO6 = new ErrorDTO();
                errorDTO6.setError("Invalid_Credentials");
                // Generic message: does not reveal whether the username or the password was wrong.
                errorDTO6.setDescription("Username or Password is invalid. Please check again.");
                return Response.status(Response.Status.UNAUTHORIZED).entity(errorDTO6).build();
            // Status "redirection". The constant name is a decompiler substitution for the index 2.
            case ApiResponseMessage.WARNING /* 2 */:
                if (LOG.isDebugEnabled()) {
                    LOG.debug("Authentication redirection for the uri '{}'.", removeCRLFCharacters(str));
                }
                RedirectionDTO redirectionDTO = new RedirectionDTO();
                redirectionDTO.setClientId((String) login.get("Client_Id"));
                redirectionDTO.setCallbackUrl((String) login.get("Callback_Url"));
                redirectionDTO.setRedirectUrl((String) login.get("Redirect_Url"));
                if (login.get("Scope") != null) {
                    redirectionDTO.setScope((String) login.get("Scope"));
                }
                // 302 without a Location header: the redirect target travels in the body, so the
                // client is presumably expected to navigate itself.
                return Response.status(Response.Status.FOUND).entity(redirectionDTO).build();
            // Any other status string.
            default:
                if (LOG.isDebugEnabled()) {
                    LOG.debug("Error in login to the uri '{}'.", removeCRLFCharacters(str));
                }
                ErrorDTO errorDTO7 = new ErrorDTO();
                errorDTO7.setError("Internal_Server_Error");
                errorDTO7.setDescription("Error in login to the uri '" + str + "'. Error: 'Invalid Login Status.");
                return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(errorDTO7).build();
        }
    }

    /**
     * Authorization-code callback: exchanges the code carried in the request URL for tokens via
     * an {@code ExternalIdPClient}, sets the session cookies and redirects (302) to the
     * {@code Redirect_Url} returned by the IdP client.
     *
     * <p>NOTE(review): {@code str2} is never read in this method, and nothing here checks an
     * OAuth2 {@code state} value. If request-forgery protection is required for this callback,
     * confirm that it is enforced elsewhere.
     *
     * @param str     application name / callback path; its first path segment becomes the cookie path
     * @param str2    unused in this method
     * @param request incoming request; supplies the {@code REQUEST_URL} property and the domain header
     * @return 302 with cookies on success; 400 if the configured IdP client is not external;
     *         401 if the code exchange does not report success; 500 on errors
     */
    @Override // org.wso2.carbon.analytics.auth.rest.api.LoginApiService
    public Response loginCallbackAppNameGet(String str, String str2, Request request) throws NotFoundException {
        Map authCodeLogin;
        // The declared type is a decompiler artifact; the instanceof check below is the actual
        // guard that the configured client is an ExternalIdPClient.
        ExternalIdPClient idPClient = DataHolder.getInstance().getIdPClient();
        if (!(idPClient instanceof ExternalIdPClient)) {
            // The implementation class name of the IdP client is returned to the caller.
            String str3 = "This API is only supported for External IS integration with OAuth2 support. IdPClient found is '" + removeCRLFCharacters(idPClient.getClass().getName());
            LOG.debug(str3);
            ErrorDTO errorDTO = new ErrorDTO();
            errorDTO.setError("Internal_Server_Error");
            errorDTO.setDescription(str3);
            return Response.status(Response.Status.BAD_REQUEST).entity(errorDTO).build();
        }
        // Cookie path: "/" + first segment of the app name (same split as in loginAppNamePost).
        String str4 = "/" + str.split("/\\|?")[0];
        String str5 = (String) request.getProperty("REQUEST_URL");
        // NOTE(review): the code is taken as everything after the last "?code=" in the raw URL.
        // If that marker is absent, lastIndexOf returns -1 and the substring starts at index 5,
        // so an unrelated tail of the URL is used as the code; any further query parameters after
        // the code are included as well. Parsing the query string by parameter name would be more
        // robust. A null REQUEST_URL throws NullPointerException here, outside the try below.
        String substring = str5.substring(str5.lastIndexOf("?code=") + 6);
        try {
            ExternalIdPClient externalIdPClient = idPClient;
            if (request.getHeader(AuthRESTAPIConstants.DOMAIN_HEADER) != null) {
                // Domain header present: pass the derived domain along with the code exchange.
                HashMap hashMap = new HashMap();
                hashMap.put("Domain", AuthUtil.getDomainFromHeader(request));
                authCodeLogin = externalIdPClient.authCodeLogin(str, substring, hashMap);
            } else {
                authCodeLogin = externalIdPClient.authCodeLogin(str, substring);
            }
            if (!((String) authCodeLogin.get("Status")).equals("success")) {
                // NOTE(review): the authorization code is written to the debug log and echoed in
                // the response body. Codes are credentials until redeemed; consider omitting them.
                if (LOG.isDebugEnabled()) {
                    LOG.debug("Unable to get the token from the returned code '{}', for callback uri '{}'.", removeCRLFCharacters(substring), removeCRLFCharacters(str));
                }
                ErrorDTO errorDTO2 = new ErrorDTO();
                errorDTO2.setError("Invalid_Credentials");
                errorDTO2.setDescription("Unable to get the token from the returned code '" + substring + "'");
                return Response.status(Response.Status.UNAUTHORIZED).entity(errorDTO2).build();
            }
            UserDTO userDTO = new UserDTO();
            userDTO.authUser((String) authCodeLogin.get("Username"));
            try {
                userDTO.validityPeriod(Integer.valueOf(Integer.parseInt((String) authCodeLogin.get("Validity_Period"))));
                if (LOG.isDebugEnabled()) {
                    LOG.debug("Login callback uri '{}' is redirected to '{}'.", removeCRLFCharacters(str), removeCRLFCharacters((String) authCodeLogin.get("Redirect_Url")));
                }
                // Redirect target comes from the IdP client result; presumably it is derived from
                // trusted configuration rather than from the request - confirm.
                URI uri = new URI((String) authCodeLogin.get("Redirect_Url"));
                String str6 = (String) authCodeLogin.get("Access_Token");
                String str7 = (String) authCodeLogin.get("Refresh_Token");
                // NOTE(review): called unconditionally; a null ID_Token throws NullPointerException
                // inside the helper and ends up in the catch (Throwable) below as a 500.
                NewCookie logoutContextIdTokenCookie = getLogoutContextIdTokenCookie((String) authCodeLogin.get("ID_Token"), userDTO, str4);
                // Access token split: first half to the DTO, second half to the cookies.
                String substring2 = str6.substring(0, str6.length() / 2);
                String substring3 = str6.substring(str6.length() / 2);
                userDTO.setpID(substring2);
                NewCookie cookieBuilder = AuthUtil.cookieBuilder("HID", substring3, str4, true, true, -1);
                // Unlike loginAppNamePost, the logout cookie always uses the "/logout/slo" path here.
                NewCookie cookieBuilder2 = AuthUtil.cookieBuilder(AuthRESTAPIConstants.WSO2_SP_TOKEN, substring3, "/logout/slo" + str4, true, true, -1);
                if (str7 == null) {
                    return Response.status(Response.Status.FOUND).header("Location", uri).entity(userDTO).cookie(new NewCookie[]{cookieBuilder, cookieBuilder2, logoutContextIdTokenCookie}).build();
                }
                String substring4 = str7.substring(0, str7.length() / 2);
                String substring5 = str7.substring(str7.length() / 2);
                userDTO.setlID(substring4);
                // NOTE(review): the WSO2_SP_USER_DTO cookie holds the Gson-serialised UserDTO after
                // setpID / setlID / setiID have been called on it, and it is the only cookie built
                // with (true, false) instead of (true, true). Presumably the second flag is
                // HttpOnly and it is off so that client script can read the DTO - confirm the flag
                // order and which token halves the serialised DTO exposes.
                return Response.status(Response.Status.FOUND).header("Location", uri).entity(userDTO).cookie(new NewCookie[]{cookieBuilder, cookieBuilder2, AuthUtil.cookieBuilder(AuthRESTAPIConstants.WSO2_SP_REFRESH_TOKEN, substring5, AuthRESTAPIConstants.LOGIN_CONTEXT + str4, true, true, AuthRESTAPIConstants.REFRESH_TOKEN_VALIDITY_PERIOD), AuthUtil.cookieBuilder(AuthRESTAPIConstants.WSO2_SP_USER_DTO, new Gson().toJson(userDTO), str4, true, false, -1), logoutContextIdTokenCookie}).build();
            } catch (NumberFormatException e) {
                if (LOG.isDebugEnabled()) {
                    LOG.debug("Error in login to the uri '{}' in getting validity period of the session from Identity Provider.", removeCRLFCharacters(str), e);
                }
                ErrorDTO errorDTO3 = new ErrorDTO();
                errorDTO3.setError("Internal_Server_Error");
                errorDTO3.setDescription("Error in login to the uri '" + str + "'. Error: " + e.getMessage());
                return Response.serverError().entity(errorDTO3).build();
            }
        } catch (IdPClientException e2) {
            if (LOG.isDebugEnabled()) {
                LOG.debug("Error in accessing token from the code '{}', for uri '{}'.", new Object[]{removeCRLFCharacters(substring), removeCRLFCharacters(str), e2});
            }
            ErrorDTO errorDTO4 = new ErrorDTO();
            errorDTO4.setError("Internal_Server_Error");
            errorDTO4.setDescription("Error in accessing token from the code for uri '" + str + "'. Error : '" + e2.getMessage() + "'");
            return Response.serverError().entity(errorDTO4).build();
        } catch (URISyntaxException e3) {
            if (LOG.isDebugEnabled()) {
                LOG.debug("Error in redirecting uri '{}' for auth code grant type login.", removeCRLFCharacters(str), e3);
            }
            ErrorDTO errorDTO5 = new ErrorDTO();
            errorDTO5.setError("Internal_Server_Error");
            errorDTO5.setDescription("Error in redirecting uri for auth code grant type login. Error: '" + e3.getMessage() + "'.");
            return Response.serverError().entity(errorDTO5).build();
        } catch (Throwable th) {
            // NOTE(review): catches Errors as well as exceptions, and returns the throwable's
            // message to the caller; a generic description would avoid leaking internals.
            LOG.error("Error occurred: " + th.getMessage(), th);
            ErrorDTO errorDTO6 = new ErrorDTO();
            errorDTO6.setError("Internal_Server_Error");
            errorDTO6.setDescription("Error occurred '" + str + "'. Error : '" + th.getMessage() + "'");
            return Response.serverError().entity(errorDTO6).build();
        }
    }

    /**
     * Reports which login mode is configured.
     *
     * @return 200 with a map {@code {"authType": "sso"}} when SSO is enabled in the IdP client
     *         configuration, {@code "default"} otherwise; 400 with an {@code ErrorDTO} carrying the
     *         exception message if the configuration cannot be read
     */
    @Override // org.wso2.carbon.analytics.auth.rest.api.LoginApiService
    public Response getAuthType() {
        try {
            IdPClientConfiguration idPClientConfiguration = (IdPClientConfiguration) DataHolder.getInstance().getConfigProvider().getConfigurationObject(IdPClientConfiguration.class);
            HashMap hashMap = new HashMap();
            hashMap.put("authType", idPClientConfiguration.isSsoEnabled() ? "sso" : "default");
            return Response.ok().entity(hashMap).build();
        } catch (ConfigurationException e) {
            // NOTE(review): a server-side configuration failure is reported as 400 and the
            // exception message is exposed to the caller.
            ErrorDTO errorDTO = new ErrorDTO();
            errorDTO.setError("Internal_Server_Error");
            errorDTO.setDescription("Error occurred while reading configs from deployment.yaml. " + e.getMessage());
            return Response.status(Response.Status.BAD_REQUEST).entity(errorDTO).build();
        }
    }

    /**
     * Splits the ID token at its midpoint, stores the first half on the DTO via {@code setiID}
     * and returns a cookie carrying the second half, scoped to {@code "/logout/slo" + str2}.
     *
     * @param str     ID token; must be non-null (a null value throws NullPointerException)
     * @param userDTO DTO that receives the first half of the token
     * @param str2    context path appended to the logout path
     * @return the cookie holding the second half of the ID token
     */
    private NewCookie getLogoutContextIdTokenCookie(String str, UserDTO userDTO, String str2) {
        String substring = str.substring(0, str.length() / 2);
        String substring2 = str.substring(str.length() / 2);
        userDTO.setiID(substring);
        return AuthUtil.cookieBuilder(AuthRESTAPIConstants.WSO2_SP_ID_TOKEN, substring2, "/logout/slo" + str2, true, true, -1);
    }

    /**
     * Replaces every line feed and carriage return with an underscore so that a caller-supplied
     * value cannot start a new line in the log output. Only these two characters are
     * neutralised; other control characters pass through unchanged.
     *
     * @param str value about to be logged; may be null
     * @return the value with CR and LF replaced, or null if the input was null
     */
    private static String removeCRLFCharacters(String str) {
        if (str != null) {
            str = str.replace('\n', '_').replace('\r', '_');
        }
        return str;
    }
}
