package org.wso2.carbon.apimgt.keymgt.util;

import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashMap;
import java.util.HashSet;
import java.util.List;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.oltu.oauth2.common.exception.OAuthSystemException;
import org.aspectj.lang.JoinPoint;
import org.aspectj.runtime.internal.AroundClosure;
import org.aspectj.runtime.internal.Conversions;
import org.aspectj.runtime.reflect.Factory;
import org.wso2.carbon.apimgt.api.APIManagementException;
import org.wso2.carbon.apimgt.api.model.Application;
import org.wso2.carbon.apimgt.api.model.policy.SubscriptionPolicy;
import org.wso2.carbon.apimgt.impl.dao.ApiMgtDAO;
import org.wso2.carbon.apimgt.impl.dto.APISubscriptionInfoDTO;
import org.wso2.carbon.apimgt.impl.dto.ApplicationDTO;
import org.wso2.carbon.apimgt.impl.dto.JwtTokenInfoDTO;
import org.wso2.carbon.apimgt.impl.dto.SubscribedApiDTO;
import org.wso2.carbon.apimgt.impl.dto.SubscriptionPolicyDTO;
import org.wso2.carbon.apimgt.impl.utils.APIUtil;
import org.wso2.carbon.apimgt.keymgt.JWTAccessTokenIssuerDTO;
import org.wso2.carbon.apimgt.keymgt.MethodTimeLogger;
import org.wso2.carbon.apimgt.keymgt.token.APIMJWTGenerator;
import org.wso2.carbon.identity.application.authentication.framework.model.AuthenticatedUser;
import org.wso2.carbon.identity.oauth.common.exception.InvalidOAuthClientException;
import org.wso2.carbon.identity.oauth.config.OAuthServerConfiguration;
import org.wso2.carbon.identity.oauth.dao.OAuthAppDO;
import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception;
import org.wso2.carbon.identity.oauth2.token.OAuthTokenReqMessageContext;
import org.wso2.carbon.identity.oauth2.token.handlers.grant.AuthorizationGrantHandler;
import org.wso2.carbon.identity.oauth2.util.OAuth2Util;

/* loaded from: input_file:org/wso2/carbon/apimgt/keymgt/util/APIMTokenIssuerUtil.class */
public class APIMTokenIssuerUtil {
    private static final Log log;
    private static final JoinPoint.StaticPart ajc$tjp_0 = null;
    private static final JoinPoint.StaticPart ajc$tjp_1 = null;
    private static final JoinPoint.StaticPart ajc$tjp_2 = null;
    private static final JoinPoint.StaticPart ajc$tjp_3 = null;
    private static final JoinPoint.StaticPart ajc$tjp_4 = null;
    private static final JoinPoint.StaticPart ajc$tjp_5 = null;

    /* loaded from: input_file:org/wso2/carbon/apimgt/keymgt/util/APIMTokenIssuerUtil$AjcClosure1.class */
    public class AjcClosure1 extends AroundClosure {
        public AjcClosure1(Object[] objArr) {
            super(objArr);
        }

        public Object run(Object[] objArr) {
            Object[] objArr2 = ((AroundClosure) this).state;
            return APIMTokenIssuerUtil.getJwtTokenInfoDTO_aroundBody0((Application) objArr2[0], (OAuthTokenReqMessageContext) objArr2[1], (JoinPoint) objArr2[2]);
        }
    }

    /* loaded from: input_file:org/wso2/carbon/apimgt/keymgt/util/APIMTokenIssuerUtil$AjcClosure11.class */
    public class AjcClosure11 extends AroundClosure {
        public AjcClosure11(Object[] objArr) {
            super(objArr);
        }

        public Object run(Object[] objArr) {
            Object[] objArr2 = ((AroundClosure) this).state;
            return Conversions.longObject(APIMTokenIssuerUtil.getSecondsTillExpiry_aroundBody10(Conversions.longValue(objArr2[0]), (JoinPoint) objArr2[1]));
        }
    }

    /* loaded from: input_file:org/wso2/carbon/apimgt/keymgt/util/APIMTokenIssuerUtil$AjcClosure3.class */
    public class AjcClosure3 extends AroundClosure {
        public AjcClosure3(Object[] objArr) {
            super(objArr);
        }

        public Object run(Object[] objArr) {
            Object[] objArr2 = ((AroundClosure) this).state;
            return Conversions.longObject(APIMTokenIssuerUtil.getAccessTokenLifeTimeInSeconds_aroundBody2((OAuthTokenReqMessageContext) objArr2[0], (OAuthAppDO) objArr2[1], (JoinPoint) objArr2[2]));
        }
    }

    /* loaded from: input_file:org/wso2/carbon/apimgt/keymgt/util/APIMTokenIssuerUtil$AjcClosure5.class */
    public class AjcClosure5 extends AroundClosure {
        public AjcClosure5(Object[] objArr) {
            super(objArr);
        }

        public Object run(Object[] objArr) {
            Object[] objArr2 = ((AroundClosure) this).state;
            return APIMTokenIssuerUtil.generateToken_aroundBody4((JWTAccessTokenIssuerDTO) objArr2[0], (Application) objArr2[1], (JoinPoint) objArr2[2]);
        }
    }

    /* loaded from: input_file:org/wso2/carbon/apimgt/keymgt/util/APIMTokenIssuerUtil$AjcClosure7.class */
    public class AjcClosure7 extends AroundClosure {
        public AjcClosure7(Object[] objArr) {
            super(objArr);
        }

        public Object run(Object[] objArr) {
            Object[] objArr2 = ((AroundClosure) this).state;
            return Conversions.longObject(APIMTokenIssuerUtil.getAccessTokenLifeTimeInSeconds_aroundBody6((OAuthAppDO) objArr2[0], (JoinPoint) objArr2[1]));
        }
    }

    /* loaded from: input_file:org/wso2/carbon/apimgt/keymgt/util/APIMTokenIssuerUtil$AjcClosure9.class */
    public class AjcClosure9 extends AroundClosure {
        public AjcClosure9(Object[] objArr) {
            super(objArr);
        }

        public Object run(Object[] objArr) {
            Object[] objArr2 = ((AroundClosure) this).state;
            return Conversions.booleanObject(APIMTokenIssuerUtil.isUserAccessTokenType_aroundBody8((String) objArr2[0], (JoinPoint) objArr2[1]));
        }
    }

    static {
        ajc$preClinit();
        log = LogFactory.getLog(APIMTokenIssuerUtil.class);
    }

    public static JwtTokenInfoDTO getJwtTokenInfoDTO(Application application, OAuthTokenReqMessageContext oAuthTokenReqMessageContext) throws APIManagementException {
        JoinPoint makeJP = Factory.makeJP(ajc$tjp_0, (Object) null, (Object) null, application, oAuthTokenReqMessageContext);
        return (MethodTimeLogger.pointCutAll() && MethodTimeLogger.isConfigEnabled()) ? (JwtTokenInfoDTO) MethodTimeLogger.aspectOf().log(new AjcClosure1(new Object[]{application, oAuthTokenReqMessageContext, makeJP}).linkClosureAndJoinPoint(65536)) : getJwtTokenInfoDTO_aroundBody0(application, oAuthTokenReqMessageContext, makeJP);
    }

    public static long getAccessTokenLifeTimeInSeconds(OAuthTokenReqMessageContext oAuthTokenReqMessageContext, OAuthAppDO oAuthAppDO) throws IdentityOAuth2Exception {
        JoinPoint makeJP = Factory.makeJP(ajc$tjp_1, (Object) null, (Object) null, oAuthTokenReqMessageContext, oAuthAppDO);
        return (MethodTimeLogger.pointCutAll() && MethodTimeLogger.isConfigEnabled()) ? Conversions.longValue(MethodTimeLogger.aspectOf().log(new AjcClosure3(new Object[]{oAuthTokenReqMessageContext, oAuthAppDO, makeJP}).linkClosureAndJoinPoint(65536))) : getAccessTokenLifeTimeInSeconds_aroundBody2(oAuthTokenReqMessageContext, oAuthAppDO, makeJP);
    }

    public static String generateToken(JWTAccessTokenIssuerDTO jWTAccessTokenIssuerDTO, Application application) throws OAuthSystemException {
        JoinPoint makeJP = Factory.makeJP(ajc$tjp_2, (Object) null, (Object) null, jWTAccessTokenIssuerDTO, application);
        return (MethodTimeLogger.pointCutAll() && MethodTimeLogger.isConfigEnabled()) ? (String) MethodTimeLogger.aspectOf().log(new AjcClosure5(new Object[]{jWTAccessTokenIssuerDTO, application, makeJP}).linkClosureAndJoinPoint(65536)) : generateToken_aroundBody4(jWTAccessTokenIssuerDTO, application, makeJP);
    }

    public static long getAccessTokenLifeTimeInSeconds(OAuthAppDO oAuthAppDO) {
        JoinPoint makeJP = Factory.makeJP(ajc$tjp_3, (Object) null, (Object) null, oAuthAppDO);
        return (MethodTimeLogger.pointCutAll() && MethodTimeLogger.isConfigEnabled()) ? Conversions.longValue(MethodTimeLogger.aspectOf().log(new AjcClosure7(new Object[]{oAuthAppDO, makeJP}).linkClosureAndJoinPoint(65536))) : getAccessTokenLifeTimeInSeconds_aroundBody6(oAuthAppDO, makeJP);
    }

    private static boolean isUserAccessTokenType(String str) throws IdentityOAuth2Exception {
        JoinPoint makeJP = Factory.makeJP(ajc$tjp_4, (Object) null, (Object) null, str);
        return (MethodTimeLogger.pointCutAll() && MethodTimeLogger.isConfigEnabled()) ? Conversions.booleanValue(MethodTimeLogger.aspectOf().log(new AjcClosure9(new Object[]{str, makeJP}).linkClosureAndJoinPoint(65536))) : isUserAccessTokenType_aroundBody8(str, makeJP);
    }

    private static long getSecondsTillExpiry(long j) {
        JoinPoint makeJP = Factory.makeJP(ajc$tjp_5, (Object) null, (Object) null, Conversions.longObject(j));
        return (MethodTimeLogger.pointCutAll() && MethodTimeLogger.isConfigEnabled()) ? Conversions.longValue(MethodTimeLogger.aspectOf().log(new AjcClosure11(new Object[]{Conversions.longObject(j), makeJP}).linkClosureAndJoinPoint(65536))) : getSecondsTillExpiry_aroundBody10(j, makeJP);
    }

    static final JwtTokenInfoDTO getJwtTokenInfoDTO_aroundBody0(Application application, OAuthTokenReqMessageContext oAuthTokenReqMessageContext, JoinPoint joinPoint) {
        String tenantDomain = oAuthTokenReqMessageContext.getAuthorizedUser().getTenantDomain();
        String fullQualifiedUsername = oAuthTokenReqMessageContext.getAuthorizedUser().toFullQualifiedUsername();
        int id = application.getId();
        String owner = application.getOwner();
        APISubscriptionInfoDTO[] subscribedAPIsForAnApp = ApiMgtDAO.getInstance().getSubscribedAPIsForAnApp(owner, id);
        JwtTokenInfoDTO jwtTokenInfoDTO = new JwtTokenInfoDTO();
        jwtTokenInfoDTO.setSubscriber("sub");
        jwtTokenInfoDTO.setEndUserName(fullQualifiedUsername);
        jwtTokenInfoDTO.setContentAware(true);
        HashSet hashSet = new HashSet();
        ArrayList arrayList = new ArrayList();
        for (APISubscriptionInfoDTO aPISubscriptionInfoDTO : subscribedAPIsForAnApp) {
            hashSet.add(aPISubscriptionInfoDTO.getSubscriptionTier());
            SubscribedApiDTO subscribedApiDTO = new SubscribedApiDTO();
            subscribedApiDTO.setName(aPISubscriptionInfoDTO.getApiName());
            subscribedApiDTO.setContext(aPISubscriptionInfoDTO.getContext());
            subscribedApiDTO.setVersion(aPISubscriptionInfoDTO.getVersion());
            subscribedApiDTO.setPublisher(aPISubscriptionInfoDTO.getProviderId());
            subscribedApiDTO.setSubscriptionTier(aPISubscriptionInfoDTO.getSubscriptionTier());
            subscribedApiDTO.setSubscriberTenantDomain(tenantDomain);
            arrayList.add(subscribedApiDTO);
        }
        jwtTokenInfoDTO.setSubscribedApiDTOList(arrayList);
        if (hashSet.size() > 0) {
            SubscriptionPolicy[] subscriptionPolicies = ApiMgtDAO.getInstance().getSubscriptionPolicies((String[]) hashSet.toArray(new String[0]), APIUtil.getTenantId(owner));
            HashMap hashMap = new HashMap();
            for (SubscriptionPolicy subscriptionPolicy : subscriptionPolicies) {
                SubscriptionPolicyDTO subscriptionPolicyDTO = new SubscriptionPolicyDTO();
                subscriptionPolicyDTO.setSpikeArrestLimit(subscriptionPolicy.getRateLimitCount());
                subscriptionPolicyDTO.setSpikeArrestUnit(subscriptionPolicy.getRateLimitTimeUnit());
                subscriptionPolicyDTO.setStopOnQuotaReach(subscriptionPolicy.isStopOnQuotaReach());
                hashMap.put(subscriptionPolicy.getPolicyName(), subscriptionPolicyDTO);
            }
            jwtTokenInfoDTO.setSubscriptionPolicyDTOList(hashMap);
        }
        return jwtTokenInfoDTO;
    }

    static final long getAccessTokenLifeTimeInSeconds_aroundBody2(OAuthTokenReqMessageContext oAuthTokenReqMessageContext, OAuthAppDO oAuthAppDO, JoinPoint joinPoint) {
        long applicationAccessTokenExpiryTime;
        boolean isUserAccessTokenType = isUserAccessTokenType(oAuthTokenReqMessageContext.getOauth2AccessTokenReqDTO().getGrantType());
        if (isUserAccessTokenType) {
            applicationAccessTokenExpiryTime = oAuthAppDO.getUserAccessTokenExpiryTime();
            if (log.isDebugEnabled()) {
                log.debug("User Access Token Life time set to : " + applicationAccessTokenExpiryTime + " sec.");
            }
        } else {
            applicationAccessTokenExpiryTime = oAuthTokenReqMessageContext.getValidityPeriod() == -1 ? oAuthAppDO.getApplicationAccessTokenExpiryTime() : getSecondsTillExpiry(oAuthTokenReqMessageContext.getValidityPeriod());
            if (log.isDebugEnabled()) {
                log.debug("Application Access Token Life time set to : " + applicationAccessTokenExpiryTime + " sec.");
            }
        }
        if (applicationAccessTokenExpiryTime == 0) {
            if (isUserAccessTokenType) {
                applicationAccessTokenExpiryTime = OAuthServerConfiguration.getInstance().getUserAccessTokenValidityPeriodInSeconds();
                if (log.isDebugEnabled()) {
                    log.debug("User access token time was 0ms. Setting default user access token lifetime : " + applicationAccessTokenExpiryTime + " sec.");
                }
            } else {
                applicationAccessTokenExpiryTime = OAuthServerConfiguration.getInstance().getApplicationAccessTokenValidityPeriodInSeconds();
                if (log.isDebugEnabled()) {
                    log.debug("Application access token time was 0ms. Setting default Application access token lifetime : " + applicationAccessTokenExpiryTime + " sec.");
                }
            }
        }
        if (log.isDebugEnabled()) {
            log.debug("JWT Self Signed Access Token Life time set to : " + applicationAccessTokenExpiryTime + " sec.");
        }
        return applicationAccessTokenExpiryTime;
    }

    static final String generateToken_aroundBody4(JWTAccessTokenIssuerDTO jWTAccessTokenIssuerDTO, Application application, JoinPoint joinPoint) {
        String clientId = jWTAccessTokenIssuerDTO.getClientId();
        try {
            List asList = Arrays.asList(OAuth2Util.getAppInformationByClientId(clientId).getAudiences());
            StringBuilder sb = new StringBuilder();
            for (String str : jWTAccessTokenIssuerDTO.getScopeList()) {
                sb.append(str).append(" ");
            }
            String quotaTypeForApplicationPolicy = APIUtil.getQuotaTypeForApplicationPolicy(application.getTier(), APIUtil.getTenantId(application.getOwner()));
            ApplicationDTO applicationDTO = new ApplicationDTO();
            applicationDTO.setId(application.getId());
            applicationDTO.setName(application.getName());
            applicationDTO.setTier(application.getTier());
            applicationDTO.setOwner(application.getOwner());
            applicationDTO.setTierQuotaType(quotaTypeForApplicationPolicy);
            AuthenticatedUser user = jWTAccessTokenIssuerDTO.getUser();
            JwtTokenInfoDTO jwtTokenInfoDTO = APIUtil.getJwtTokenInfoDTO(application, user.toFullQualifiedUsername(), user.getTenantDomain());
            jwtTokenInfoDTO.setScopes(sb.toString().trim());
            jwtTokenInfoDTO.setAudience(asList);
            jwtTokenInfoDTO.setExpirationTime(jWTAccessTokenIssuerDTO.getValidityPeriod());
            jwtTokenInfoDTO.setApplication(applicationDTO);
            jwtTokenInfoDTO.setKeyType(application.getKeyType());
            jwtTokenInfoDTO.setConsumerKey(clientId);
            jwtTokenInfoDTO.setTokenReqMessageContext(jWTAccessTokenIssuerDTO.getTokReqMsgCtx());
            jwtTokenInfoDTO.setOauthAuthzMsgCtx(jWTAccessTokenIssuerDTO.getOauthAuthzMsgCtx());
            return new APIMJWTGenerator().generateJWT(jwtTokenInfoDTO);
        } catch (InvalidOAuthClientException | IdentityOAuth2Exception | APIManagementException e) {
            log.error("Error occurred while getting JWT Token client ID : " + clientId + " when getting oAuth App information", e);
            throw new OAuthSystemException("Error occurred while getting JWT Token client ID : " + clientId, e);
        }
    }

    static final long getAccessTokenLifeTimeInSeconds_aroundBody6(OAuthAppDO oAuthAppDO, JoinPoint joinPoint) {
        long userAccessTokenExpiryTime = oAuthAppDO.getUserAccessTokenExpiryTime();
        if (userAccessTokenExpiryTime == 0) {
            userAccessTokenExpiryTime = OAuthServerConfiguration.getInstance().getUserAccessTokenValidityPeriodInSeconds();
            if (log.isDebugEnabled()) {
                log.debug("User access token time was 0ms. Setting default user access token lifetime : " + userAccessTokenExpiryTime + " sec.");
            }
        }
        if (log.isDebugEnabled()) {
            log.debug("JWT Self Signed Access Token Life time set to : " + userAccessTokenExpiryTime + " sec.");
        }
        return userAccessTokenExpiryTime;
    }

    static final boolean isUserAccessTokenType_aroundBody8(String str, JoinPoint joinPoint) {
        return ((AuthorizationGrantHandler) OAuthServerConfiguration.getInstance().getSupportedGrantTypes().get(str)).isOfTypeApplicationUser();
    }

    static final long getSecondsTillExpiry_aroundBody10(long j, JoinPoint joinPoint) {
        if (j < 0) {
            return 2147483647L;
        }
        return j;
    }

    private static void ajc$preClinit() {
        Factory factory = new Factory("APIMTokenIssuerUtil.java", APIMTokenIssuerUtil.class);
        ajc$tjp_0 = factory.makeSJP("method-execution", factory.makeMethodSig("9", "getJwtTokenInfoDTO", "org.wso2.carbon.apimgt.keymgt.util.APIMTokenIssuerUtil", "org.wso2.carbon.apimgt.api.model.Application:org.wso2.carbon.identity.oauth2.token.OAuthTokenReqMessageContext", "application:tokReqMsgCtx", "org.wso2.carbon.apimgt.api.APIManagementException", "org.wso2.carbon.apimgt.impl.dto.JwtTokenInfoDTO"), 62);
        ajc$tjp_1 = factory.makeSJP("method-execution", factory.makeMethodSig("9", "getAccessTokenLifeTimeInSeconds", "org.wso2.carbon.apimgt.keymgt.util.APIMTokenIssuerUtil", "org.wso2.carbon.identity.oauth2.token.OAuthTokenReqMessageContext:org.wso2.carbon.identity.oauth.dao.OAuthAppDO", "tokenReqMessageContext:oAuthAppDO", "org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception", "long"), 119);
        ajc$tjp_2 = factory.makeSJP("method-execution", factory.makeMethodSig("9", "generateToken", "org.wso2.carbon.apimgt.keymgt.util.APIMTokenIssuerUtil", "org.wso2.carbon.apimgt.keymgt.JWTAccessTokenIssuerDTO:org.wso2.carbon.apimgt.api.model.Application", "jwtAccessTokenIssuerDTO:application", "org.apache.oltu.oauth2.common.exception.OAuthSystemException", "java.lang.String"), 173);
        ajc$tjp_3 = factory.makeSJP("method-execution", factory.makeMethodSig("9", "getAccessTokenLifeTimeInSeconds", "org.wso2.carbon.apimgt.keymgt.util.APIMTokenIssuerUtil", "org.wso2.carbon.identity.oauth.dao.OAuthAppDO", "oAuthAppDO", "", "long"), 226);
        ajc$tjp_4 = factory.makeSJP("method-execution", factory.makeMethodSig("a", "isUserAccessTokenType", "org.wso2.carbon.apimgt.keymgt.util.APIMTokenIssuerUtil", "java.lang.String", "grantType", "org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception", "boolean"), 244);
        ajc$tjp_5 = factory.makeSJP("method-execution", factory.makeMethodSig("a", "getSecondsTillExpiry", "org.wso2.carbon.apimgt.keymgt.util.APIMTokenIssuerUtil", "long", "validityPeriod", "", "long"), 251);
    }
}
