package com.sap.cloud.security.xsuaa.extractor;

import com.sap.cloud.security.xsuaa.token.TokenClaims;
import com.sap.xs2.security.container.UserInfo;
import java.util.Base64;
import java.util.Map;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.cache.annotation.Cacheable;
import org.springframework.http.HttpEntity;
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpMethod;
import org.springframework.stereotype.Component;
import org.springframework.util.LinkedMultiValueMap;
import org.springframework.web.client.HttpClientErrorException;
import org.springframework.web.client.HttpServerErrorException;
import org.springframework.web.client.RestTemplate;

@Component
/* loaded from: input_file:com/sap/cloud/security/xsuaa/extractor/UaaTokenBroker.class */
public class UaaTokenBroker implements TokenBroker {
    private static final Log logger = LogFactory.getLog(UaaTokenBroker.class);
    private final RestTemplate restTemplate;

    public UaaTokenBroker(RestTemplate restTemplate) {
        this.restTemplate = restTemplate;
    }

    public UaaTokenBroker() {
        this(new RestTemplate());
    }

    @Override // com.sap.cloud.security.xsuaa.extractor.TokenBroker
    @Cacheable(cacheManager = "xsuaa.tokenbroker")
    public String getAccessTokenFromClientCredentials(String str, String str2, String str3) throws TokenBrokerException {
        try {
            HttpHeaders httpHeaders = new HttpHeaders();
            String encodeToString = Base64.getEncoder().encodeToString((str2 + ":" + str3).getBytes());
            httpHeaders.add("ACCEPT", "application/json");
            httpHeaders.add("AUTHORIZATION", "Basic " + encodeToString);
            LinkedMultiValueMap linkedMultiValueMap = new LinkedMultiValueMap();
            linkedMultiValueMap.add(TokenClaims.CLAIM_GRANT_TYPE, "client_credentials");
            linkedMultiValueMap.add("response_type", "token");
            linkedMultiValueMap.add("client_id", str2);
            return (String) ((Map) this.restTemplate.exchange(str, HttpMethod.POST, new HttpEntity(linkedMultiValueMap, httpHeaders), Map.class, new Object[0]).getBody()).get("access_token");
        } catch (HttpServerErrorException e) {
            logger.warn("Cannot obtain Token from given client credentials");
            throw new TokenBrokerException("Error obtaining access token from server:" + e.getStatusText() + " " + e.getResponseBodyAsString());
        } catch (HttpClientErrorException e2) {
            logger.warn("Cannot obtain Token from given client credentials");
            throw new TokenBrokerException("Error obtaining access token:" + e2.getStatusText() + " " + e2.getResponseBodyAsString());
        }
    }

    @Override // com.sap.cloud.security.xsuaa.extractor.TokenBroker
    public String getAccessTokenFromPasswordCredentials(String str, String str2, String str3, String str4, String str5) throws TokenBrokerException {
        try {
            HttpHeaders httpHeaders = new HttpHeaders();
            String encodeToString = Base64.getEncoder().encodeToString((str2 + ":" + str3).getBytes());
            httpHeaders.add("ACCEPT", "application/json");
            httpHeaders.add("AUTHORIZATION", "Basic " + encodeToString);
            LinkedMultiValueMap linkedMultiValueMap = new LinkedMultiValueMap();
            linkedMultiValueMap.add(TokenClaims.CLAIM_GRANT_TYPE, UserInfo.GRANTTYPE_PASSWORD);
            linkedMultiValueMap.add("response_type", "token");
            linkedMultiValueMap.add("client_id", str2);
            linkedMultiValueMap.add("username", str4);
            linkedMultiValueMap.add(UserInfo.GRANTTYPE_PASSWORD, str5);
            return (String) ((Map) this.restTemplate.exchange(str, HttpMethod.POST, new HttpEntity(linkedMultiValueMap, httpHeaders), Map.class, new Object[0]).getBody()).get("access_token");
        } catch (HttpClientErrorException e) {
            logger.warn("Cannot obtain Token from given password credentials");
            throw new TokenBrokerException("Error obtaining access token:" + e.getStatusText() + " " + e.getResponseBodyAsString());
        } catch (HttpServerErrorException e2) {
            logger.warn("Cannot obtain Token from given password credentials");
            throw new TokenBrokerException("Error obtaining access token from server:" + e2.getStatusText() + " " + e2.getResponseBodyAsString());
        }
    }
}
