package org.wso2.carbon.apimgt.keymgt.handlers;

import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.apimgt.api.APIManagementException;
import org.wso2.carbon.apimgt.api.model.AccessTokenInfo;
import org.wso2.carbon.apimgt.impl.dao.ApiMgtDAO;
import org.wso2.carbon.apimgt.impl.dto.APIKeyValidationInfoDTO;
import org.wso2.carbon.apimgt.impl.utils.APIUtil;
import org.wso2.carbon.apimgt.keymgt.APIKeyMgtException;
import org.wso2.carbon.apimgt.keymgt.service.TokenValidationContext;
import org.wso2.carbon.apimgt.keymgt.util.APIKeyMgtDataHolder;

/* loaded from: input_file:org/wso2/carbon/apimgt/keymgt/handlers/AbstractKeyValidationHandler.class */
public abstract class AbstractKeyValidationHandler implements KeyValidationHandler {
    private static final Log log = LogFactory.getLog(AbstractKeyValidationHandler.class);
    private ApiMgtDAO dao = new ApiMgtDAO();

    @Override // org.wso2.carbon.apimgt.keymgt.handlers.KeyValidationHandler
    public boolean validateSubscription(TokenValidationContext tokenValidationContext) throws APIKeyMgtException {
        if (tokenValidationContext == null || tokenValidationContext.getValidationInfoDTO() == null) {
            return false;
        }
        if (tokenValidationContext.isCacheHit()) {
            return true;
        }
        APIKeyValidationInfoDTO validationInfoDTO = tokenValidationContext.getValidationInfoDTO();
        if (tokenValidationContext.getTokenInfo() != null) {
            if (tokenValidationContext.getTokenInfo().isApplicationToken()) {
                validationInfoDTO.setUserType("APPLICATION");
            } else {
                validationInfoDTO.setUserType("APPLICATION_USER");
            }
            if (!hasTokenRequiredAuthLevel(tokenValidationContext.getRequiredAuthenticationLevel(), tokenValidationContext.getTokenInfo())) {
                validationInfoDTO.setAuthorized(false);
                validationInfoDTO.setValidationStatus(900905);
                return false;
            }
        }
        boolean z = false;
        try {
            if (log.isDebugEnabled()) {
                log.debug("Before validating subscriptions : " + validationInfoDTO);
                log.debug("Validation Info : { context : " + tokenValidationContext.getContext() + " , version : " + tokenValidationContext.getVersion() + " , consumerKey : " + validationInfoDTO.getConsumerKey() + " }");
            }
            z = this.dao.validateSubscriptionDetails(tokenValidationContext.getContext(), tokenValidationContext.getVersion(), validationInfoDTO.getConsumerKey(), validationInfoDTO);
            if (z) {
                validationInfoDTO.setAuthorizedDomains(APIUtil.getListOfAuthorizedDomainsByConsumerKey(tokenValidationContext.getTokenInfo().getConsumerKey()));
                checkClientDomainAuthorized(validationInfoDTO, tokenValidationContext.getClientDomain());
            }
            if (log.isDebugEnabled()) {
                log.debug("After validating subscriptions : " + validationInfoDTO);
            }
        } catch (APIManagementException e) {
            log.error("Error Occurred while validating subscription.", e);
        }
        return z;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void checkClientDomainAuthorized(APIKeyValidationInfoDTO aPIKeyValidationInfoDTO, String str) throws APIKeyMgtException {
        try {
            APIUtil.checkClientDomainAuthorized(aPIKeyValidationInfoDTO, str);
        } catch (APIManagementException e) {
            log.error("Error while validating client domain", e);
        }
    }

    protected void setTokenType(AccessTokenInfo accessTokenInfo) {
    }

    protected boolean hasTokenRequiredAuthLevel(String str, AccessTokenInfo accessTokenInfo) {
        if (str == null || str.isEmpty() || accessTokenInfo == null) {
            return false;
        }
        return "Application".equals(str) ? accessTokenInfo.isApplicationToken() : ("Application_User".equals(str) && accessTokenInfo.isApplicationToken()) ? false : true;
    }

    @Override // org.wso2.carbon.apimgt.keymgt.handlers.KeyValidationHandler
    public boolean generateConsumerToken(TokenValidationContext tokenValidationContext) throws APIKeyMgtException {
        try {
            tokenValidationContext.getValidationInfoDTO().setEndUserToken(APIKeyMgtDataHolder.getTokenGenerator().generateToken(tokenValidationContext.getValidationInfoDTO(), tokenValidationContext.getContext(), tokenValidationContext.getVersion(), tokenValidationContext.getAccessToken()));
            return true;
        } catch (APIManagementException e) {
            log.error("Error occurred while generating JWT. ", e);
            return false;
        }
    }
}
