package org.wso2.carbon.apimgt.keymgt.service;

import java.sql.Timestamp;
import java.util.ArrayList;
import java.util.Date;
import java.util.Map;
import java.util.Set;
import javax.cache.Cache;
import javax.cache.Caching;
import org.apache.axis2.AxisFault;
import org.apache.axis2.context.MessageContext;
import org.apache.commons.httpclient.Header;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.apimgt.api.APIManagementException;
import org.wso2.carbon.apimgt.api.model.URITemplate;
import org.wso2.carbon.apimgt.impl.dao.ApiMgtDAO;
import org.wso2.carbon.apimgt.impl.dto.APIKeyValidationInfoDTO;
import org.wso2.carbon.apimgt.impl.utils.APIUtil;
import org.wso2.carbon.apimgt.keymgt.APIKeyMgtException;
import org.wso2.carbon.apimgt.keymgt.util.APIKeyMgtDataHolder;
import org.wso2.carbon.core.AbstractAdmin;
import org.wso2.carbon.identity.oauth.config.OAuthServerConfiguration;
import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception;
import org.wso2.carbon.identity.oauth2.model.AccessTokenDO;
import org.wso2.carbon.identity.oauth2.validators.OAuth2ScopeValidator;

/* loaded from: input_file:org/wso2/carbon/apimgt/keymgt/service/APIKeyValidationService.class */
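/**
 * Key-validation endpoint: decides whether an access token may invoke a given API resource,
 * consulting the {@code keyCache} cache before falling back to {@link ApiMgtDAO}.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>The access token and the cache key derived from it are never written to the log in
 *       full; only a redacted form is logged.</li>
 *   <li>The {@code activityID} transport header is supplied by the caller. CR/LF are replaced
 *       before it is logged or echoed into the response headers.</li>
 *   <li>Scope validation fails closed: a validator rejection or exception marks the result
 *       unauthorized.</li>
 * </ul>
 */
public class APIKeyValidationService extends AbstractAdmin {
    private static final Log log = LogFactory.getLog(APIKeyValidationService.class);

    /** Status written to the result when the scope validator rejects the token or throws. */
    private static final int SCOPE_VALIDATION_FAILED_STATUS = 900910;

    private static final String TRANSPORT_HEADERS = "TRANSPORT_HEADERS";
    private static final String ACTIVITY_ID = "activityID";

    /**
     * Validates an access token for one API resource.
     *
     * @param str  first part of the resource string ({@code str + "/" + str2 + str6 + ":" + str7});
     *             presumably the API context — TODO confirm against the gateway caller
     * @param str2 second part of the resource string; presumably the API version — TODO confirm
     * @param str3 the access token being validated (treated as a secret: never logged in full)
     * @param str4 passed to the DAO and the cache key; presumably the required authentication
     *             level — TODO confirm
     * @param str5 value handed to {@code APIUtil.checkClientDomainAuthorized}; presumably the
     *             client domain — TODO confirm
     * @param str6 appended to the resource string; presumably the resource path — TODO confirm
     * @param str7 appended after {@code ":"}; presumably the HTTP verb — TODO confirm
     * @return the validation result, from the cache when a cached entry exists
     * @throws APIKeyMgtException if the response message context cannot be built or the DAO
     *                            returns no result
     * @throws APIManagementException propagated from the DAO / utility calls
     */
    public APIKeyValidationInfoDTO validateKey(String str, String str2, String str3, String str4, String str5, String str6, String str7) throws APIKeyMgtException, APIManagementException {
        MessageContext currentMessageContext = MessageContext.getCurrentMessageContext();
        String activityId = null;
        if (currentMessageContext != null) {
            try {
                MessageContext outContext = currentMessageContext.getOperationContext().getMessageContext("Out");
                if (log.isDebugEnabled()) {
                    // The header map may be absent or of another type; the previous code
                    // dereferenced it unconditionally and failed the whole validation request
                    // with a NullPointerException whenever debug logging was on.
                    activityId = readActivityId(currentMessageContext);
                    if (activityId != null && outContext != null) {
                        ArrayList<Header> headers = new ArrayList<Header>();
                        headers.add(new Header(ACTIVITY_ID, activityId));
                        outContext.setProperty("HTTP_HEADERS", headers);
                    }
                }
            } catch (AxisFault e) {
                // Log with the cause so the stack trace is not lost; the thrown exception
                // keeps its original message for callers.
                log.error("Error while building response messageContext", e);
                throw new APIKeyMgtException("Error while building response messageContext: " + e.getLocalizedMessage());
            }
        }
        if (log.isDebugEnabled()) {
            String requestLine = "KeyValidation request from gateway: requestTime=" + new Date(System.currentTimeMillis());
            if (activityId != null) {
                requestLine = requestLine + " , transactionId=" + activityId;
            }
            log.debug(requestLine);
        }
        Cache cache = Caching.getCacheManager("API_MANAGER_CACHE").getCache("keyCache");
        String accessTokenCacheKey = APIUtil.getAccessTokenCacheKey(str3, str, str2, str6, str7, str4);
        ApiMgtDAO apiMgtDAO = new ApiMgtDAO();
        // Only the redacted token is logged below: the cache key is built from the bearer
        // token, so writing it to the log would hand the credential to any log reader.
        String redactedToken = redactToken(str3);
        if (APIKeyMgtDataHolder.getKeyCacheEnabledKeyMgt().booleanValue()) {
            APIKeyValidationInfoDTO cachedInfo = (APIKeyValidationInfoDTO) cache.get(accessTokenCacheKey);
            if (cachedInfo != null) {
                if (log.isDebugEnabled()) {
                    log.debug("Found cached access token for : " + redactedToken + " .Checking for expiration time.");
                }
                if (cachedInfo.isAuthorized()) {
                    APIUtil.checkClientDomainAuthorized(cachedInfo, str5);
                }
                // NOTE(review): the setters below mutate the object obtained from the cache;
                // whether that instance is shared between requests depends on the cache
                // implementation — confirm.
                if (APIUtil.isAccessTokenExpired(cachedInfo)) {
                    log.info("Token " + redactedToken + " expired.");
                    cachedInfo.setAuthorized(false);
                } else {
                    if (!APIKeyMgtDataHolder.getJWTCacheEnabledKeyMgt().booleanValue() && cachedInfo.isAuthorized()) {
                        cachedInfo.setEndUserToken(apiMgtDAO.createJWTTokenString(str, str2, cachedInfo));
                    }
                    if (log.isDebugEnabled() && currentMessageContext != null) {
                        logMessageDetails(currentMessageContext, cachedInfo);
                    }
                }
                return cachedInfo;
            }
        }
        String resource = str + "/" + str2 + str6 + ":" + str7;
        APIKeyValidationInfoDTO validationInfo = apiMgtDAO.validateKey(str, str2, str3, str4);
        if (validationInfo == null) {
            // The original null check came after the result had already been dereferenced.
            // Fail closed with a declared exception instead of a NullPointerException.
            throw new APIKeyMgtException("Key validation returned no result");
        }
        OAuth2ScopeValidator scopeValidator = OAuthServerConfiguration.getInstance().getoAuth2ScopeValidator();
        String[] scopeArray = null;
        Set<?> scopes = validationInfo.getScopes();
        if (scopes != null && !scopes.isEmpty()) {
            scopeArray = scopes.toArray(new String[scopes.size()]);
        }
        AccessTokenDO accessTokenDO = new AccessTokenDO(validationInfo.getConsumerKey(), validationInfo.getEndUserName(), scopeArray, (Timestamp) null, validationInfo.getValidityPeriod(), validationInfo.getType());
        accessTokenDO.setAccessToken(str3);
        if (scopeValidator != null) {
            try {
                if (!scopeValidator.validateScope(accessTokenDO, resource)) {
                    validationInfo.setAuthorized(false);
                    validationInfo.setValidationStatus(SCOPE_VALIDATION_FAILED_STATUS);
                }
            } catch (IdentityOAuth2Exception e2) {
                // Deny on validator failure rather than letting the request through.
                log.error("ERROR while validating token scope " + e2.getMessage(), e2);
                validationInfo.setAuthorized(false);
                validationInfo.setValidationStatus(SCOPE_VALIDATION_FAILED_STATUS);
            }
        }
        if (validationInfo.isAuthorized()) {
            APIUtil.checkClientDomainAuthorized(validationInfo, str5);
        }
        // NOTE(review): the result is stored even when the key cache is disabled for reads,
        // and a denial caused by a validator exception is cached like any other result.
        // Both match the previous behaviour; confirm they are intended.
        cache.put(accessTokenCacheKey, validationInfo);
        if (log.isDebugEnabled() && currentMessageContext != null) {
            logMessageDetails(currentMessageContext, validationInfo);
        }
        return validationInfo;
    }

    /**
     * Returns the URI templates for an API by delegating to {@link ApiMgtDAO#getAllURITemplates}.
     *
     * @param str  first argument forwarded to the DAO; presumably the API context — TODO confirm
     * @param str2 second argument forwarded to the DAO; presumably the API version — TODO confirm
     * @return the templates returned by the DAO
     * @throws APIKeyMgtException declared for callers; not thrown by this method itself
     * @throws APIManagementException propagated from the DAO
     */
    public ArrayList<URITemplate> getAllURITemplates(String str, String str2) throws APIKeyMgtException, APIManagementException {
        return ApiMgtDAO.getAllURITemplates(str, str2);
    }

    /**
     * Writes a debug line summarising the validation result sent back to the gateway.
     * Values are passed through {@link #stripLineBreaks} so a crafted value cannot forge
     * additional log entries.
     */
    private void logMessageDetails(MessageContext messageContext, APIKeyValidationInfoDTO aPIKeyValidationInfoDTO) {
        String applicationName = aPIKeyValidationInfoDTO.getApplicationName();
        String endUserName = aPIKeyValidationInfoDTO.getEndUserName();
        String consumerKey = aPIKeyValidationInfoDTO.getConsumerKey();
        boolean authorized = aPIKeyValidationInfoDTO.isAuthorized();
        // Tolerates a missing or non-Map header property instead of throwing.
        String activityId = readActivityId(messageContext);

        StringBuilder details = new StringBuilder();
        if (applicationName != null) {
            details.append(" , appName=").append(stripLineBreaks(applicationName));
        }
        if (endUserName != null) {
            details.append(" , userName=").append(stripLineBreaks(endUserName));
        }
        if (activityId != null) {
            details.append(" , transactionId=").append(activityId);
        }
        if (consumerKey != null) {
            details.append(" , consumerKey=").append(stripLineBreaks(consumerKey));
        }
        details.append(" , isAuthorized=").append(authorized);
        details.append(" , responseTime=").append(new Date(System.currentTimeMillis()));
        log.debug("OAuth token response from keyManager to gateway: " + details);
    }

    /**
     * Reads the {@code activityID} transport header, with line breaks neutralised.
     *
     * @return the header value, or {@code null} when the header map or the header is absent
     *         or the value is not a string
     */
    private static String readActivityId(MessageContext messageContext) {
        Object headers = messageContext.getProperty(TRANSPORT_HEADERS);
        if (!(headers instanceof Map)) {
            return null;
        }
        Object value = ((Map<?, ?>) headers).get(ACTIVITY_ID);
        if (value instanceof String) {
            return stripLineBreaks((String) value);
        }
        return null;
    }

    /** Replaces CR and LF so a value cannot start a new log line or a new header line. */
    private static String stripLineBreaks(String value) {
        if (value == null) {
            return null;
        }
        return value.replace('\r', '_').replace('\n', '_');
    }

    /** Returns a log-safe form of a token: a fixed mask plus, for longer tokens, the last four characters. */
    private static String redactToken(String token) {
        if (token == null) {
            return "null";
        }
        int visibleChars = 4;
        if (token.length() <= visibleChars * 2) {
            return "****";
        }
        return "****" + stripLineBreaks(token.substring(token.length() - visibleChars));
    }
}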
