package org.wso2.carbon.apimgt.keymgt.issuers;

import com.nimbusds.jwt.JWTParser;
import java.text.ParseException;
import java.util.Arrays;
import java.util.List;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.oltu.oauth2.common.exception.OAuthSystemException;
import org.wso2.carbon.apimgt.api.APIManagementException;
import org.wso2.carbon.apimgt.api.model.Application;
import org.wso2.carbon.apimgt.impl.dto.ApplicationDTO;
import org.wso2.carbon.apimgt.impl.dto.JwtTokenInfoDTO;
import org.wso2.carbon.apimgt.impl.factory.KeyManagerHolder;
import org.wso2.carbon.apimgt.impl.utils.APIUtil;
import org.wso2.carbon.apimgt.keymgt.token.APIMJWTGenerator;
import org.wso2.carbon.apimgt.keymgt.util.APIMTokenIssuerUtil;
import org.wso2.carbon.identity.core.util.IdentityUtil;
import org.wso2.carbon.identity.oauth.common.exception.InvalidOAuthClientException;
import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception;
import org.wso2.carbon.identity.oauth2.token.OAuthTokenReqMessageContext;
import org.wso2.carbon.identity.oauth2.token.OauthTokenIssuerImpl;
import org.wso2.carbon.identity.oauth2.util.OAuth2Util;

/* loaded from: input_file:org/wso2/carbon/apimgt/keymgt/issuers/APIMTokenIssuer.class */
public class APIMTokenIssuer extends OauthTokenIssuerImpl {
    private static final Log log = LogFactory.getLog(APIMTokenIssuer.class);

    public String accessToken(OAuthTokenReqMessageContext oAuthTokenReqMessageContext) throws OAuthSystemException {
        String clientId = oAuthTokenReqMessageContext.getOauth2AccessTokenReqDTO().getClientId();
        try {
            long nanoTime = log.isDebugEnabled() ? System.nanoTime() : 0L;
            Application applicationByClientId = APIUtil.getApplicationByClientId(clientId);
            if (log.isDebugEnabled()) {
                log.debug("Time taken to load the Application from database in milliseconds : " + ((System.nanoTime() - nanoTime) / 1000000));
            }
            if (applicationByClientId == null || !"JWT".equals(applicationByClientId.getTokenType())) {
                return super.accessToken(oAuthTokenReqMessageContext);
            }
            List asList = Arrays.asList(OAuth2Util.getAppInformationByClientId(clientId).getAudiences());
            String[] scope = oAuthTokenReqMessageContext.getScope();
            StringBuilder sb = new StringBuilder();
            for (String str : scope) {
                sb.append(str).append(" ");
            }
            ApplicationDTO applicationDTO = new ApplicationDTO();
            applicationDTO.setId(applicationByClientId.getId());
            applicationDTO.setName(applicationByClientId.getName());
            applicationDTO.setTier(applicationByClientId.getTier());
            applicationDTO.setOwner(applicationByClientId.getOwner());
            JwtTokenInfoDTO jwtTokenInfoDTO = APIMTokenIssuerUtil.getJwtTokenInfoDTO(applicationByClientId, oAuthTokenReqMessageContext);
            jwtTokenInfoDTO.setScopes(sb.toString().trim());
            jwtTokenInfoDTO.setAudience(asList);
            jwtTokenInfoDTO.setExpirationTime(getSecondsTillExpiry(oAuthTokenReqMessageContext.getValidityPeriod()));
            jwtTokenInfoDTO.setApplication(applicationDTO);
            jwtTokenInfoDTO.setKeyType(applicationByClientId.getKeyType());
            jwtTokenInfoDTO.setConsumerKey(clientId);
            String generateJWT = new APIMJWTGenerator().generateJWT(jwtTokenInfoDTO);
            if (log.isDebugEnabled()) {
                log.debug("Time taken to generate the JWG in milliseconds : " + ((System.nanoTime() - nanoTime) / 1000000));
            }
            return generateJWT;
        } catch (InvalidOAuthClientException e) {
            log.error("Error occurred while getting JWT Token client ID : " + clientId + " when getting oAuth App information", e);
            throw new OAuthSystemException("Error occurred while getting JWT Token client ID : " + clientId, e);
        } catch (IdentityOAuth2Exception e2) {
            log.error("Error occurred while getting JWT Token client ID : " + clientId + " when getting oAuth App information", e2);
            throw new OAuthSystemException("Error occurred while getting JWT Token client ID : " + clientId, e2);
        } catch (APIManagementException e3) {
            log.error("Error occurred while getting JWT Token client ID : " + clientId, e3);
            throw new OAuthSystemException("Error occurred while getting JWT Token client ID : " + clientId, e3);
        }
    }

    private long getSecondsTillExpiry(long j) throws APIManagementException {
        if (j == -1) {
            return Long.parseLong(KeyManagerHolder.getKeyManagerInstance().getKeyManagerConfiguration().getParameter("VALIDITY_PERIOD"));
        }
        if (j == -2) {
            return 2147483647L;
        }
        return j;
    }

    public String getAccessTokenHash(String str) throws OAuthSystemException {
        if (!StringUtils.isNotEmpty(str) || !str.contains(".")) {
            return str;
        }
        try {
            return JWTParser.parse(str).getJWTClaimsSet().getJWTID();
        } catch (ParseException e) {
            if (log.isDebugEnabled() && IdentityUtil.isTokenLoggable("AccessToken")) {
                log.debug("Error while getting JWTID from token: " + str);
            }
            throw new OAuthSystemException("Error while getting access token hash", e);
        }
    }
}
