package org.wso2.carbon.identity.jwt.client.extension;

import java.io.IOException;
import java.net.MalformedURLException;
import java.net.URL;
import java.security.KeyManagementException;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.util.ArrayList;
import java.util.List;
import java.util.Map;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.http.NameValuePair;
import org.apache.http.client.HttpClient;
import org.apache.http.client.entity.UrlEncodedFormEntity;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.message.BasicNameValuePair;
import org.json.simple.JSONObject;
import org.json.simple.parser.JSONParser;
import org.json.simple.parser.ParseException;
import org.wso2.carbon.identity.jwt.client.extension.constant.JWTConstants;
import org.wso2.carbon.identity.jwt.client.extension.dto.AccessTokenInfo;
import org.wso2.carbon.identity.jwt.client.extension.dto.JWTConfig;
import org.wso2.carbon.identity.jwt.client.extension.exception.JWTClientException;
import org.wso2.carbon.identity.jwt.client.extension.util.JWTClientUtil;

/* loaded from: input_file:org/wso2/carbon/identity/jwt/client/extension/JWTClient.class */
public class JWTClient {
    private static Log log = LogFactory.getLog(JWTClient.class);
    private JWTConfig jwtConfig;
    private boolean isDefaultJWTClient;

    public JWTClient(JWTConfig jWTConfig) {
        this.jwtConfig = jWTConfig;
    }

    public JWTClient(JWTConfig jWTConfig, boolean z) {
        this.jwtConfig = jWTConfig;
        this.isDefaultJWTClient = z;
    }

    public AccessTokenInfo getAccessToken(String str, String str2, String str3, String str4) throws JWTClientException {
        ArrayList arrayList = new ArrayList();
        arrayList.add(new BasicNameValuePair(JWTConstants.GRANT_TYPE_PARAM_NAME, this.jwtConfig.getJwtGrantType()));
        String generateSignedJWTAssertion = JWTClientUtil.generateSignedJWTAssertion(str3, this.jwtConfig, this.isDefaultJWTClient);
        if (generateSignedJWTAssertion == null) {
            throw new JWTClientException("JWT is not configured properly for user : " + str3);
        }
        arrayList.add(new BasicNameValuePair(JWTConstants.JWT_PARAM_NAME, generateSignedJWTAssertion));
        if (str4 != null && !str4.isEmpty()) {
            arrayList.add(new BasicNameValuePair("scope", str4));
        }
        return getTokenInfo(arrayList, str, str2);
    }

    public AccessTokenInfo getAccessToken(String str, String str2, String str3) throws JWTClientException {
        ArrayList arrayList = new ArrayList();
        arrayList.add(new BasicNameValuePair(JWTConstants.GRANT_TYPE_PARAM_NAME, this.jwtConfig.getJwtGrantType()));
        String generateSignedJWTAssertion = JWTClientUtil.generateSignedJWTAssertion(str2, this.jwtConfig, this.isDefaultJWTClient);
        if (generateSignedJWTAssertion == null) {
            throw new JWTClientException("JWT is not configured properly for user : " + str2);
        }
        arrayList.add(new BasicNameValuePair(JWTConstants.JWT_PARAM_NAME, generateSignedJWTAssertion));
        if (str3 != null && !str3.isEmpty()) {
            arrayList.add(new BasicNameValuePair("scope", str3));
        }
        String[] decodedKey = getDecodedKey(str);
        if (decodedKey.length != 2) {
            throw new JWTClientException("Invalid app credential");
        }
        return getTokenInfo(arrayList, decodedKey[0], decodedKey[1]);
    }

    public AccessTokenInfo getAccessToken(String str, String str2, String str3, String str4, Map<String, String> map) throws JWTClientException {
        ArrayList arrayList = new ArrayList();
        arrayList.add(new BasicNameValuePair(JWTConstants.GRANT_TYPE_PARAM_NAME, this.jwtConfig.getJwtGrantType()));
        String generateSignedJWTAssertion = JWTClientUtil.generateSignedJWTAssertion(str3, this.jwtConfig, this.isDefaultJWTClient);
        if (generateSignedJWTAssertion == null) {
            throw new JWTClientException("JWT is not configured properly for user : " + str3);
        }
        arrayList.add(new BasicNameValuePair(JWTConstants.JWT_PARAM_NAME, generateSignedJWTAssertion));
        if (str4 != null && !str4.isEmpty()) {
            arrayList.add(new BasicNameValuePair("scope", str4));
        }
        if (map != null) {
            for (String str5 : map.keySet()) {
                arrayList.add(new BasicNameValuePair(str5, map.get(str5)));
            }
        }
        return getTokenInfo(arrayList, str, str2);
    }

    public AccessTokenInfo getAccessTokenFromRefreshToken(String str, String str2, String str3, String str4, String str5) throws JWTClientException {
        ArrayList arrayList = new ArrayList();
        arrayList.add(new BasicNameValuePair(JWTConstants.GRANT_TYPE_PARAM_NAME, "refresh_token"));
        arrayList.add(new BasicNameValuePair("refresh_token", str));
        arrayList.add(new BasicNameValuePair("scope", str3));
        return getTokenInfo(arrayList, str4, str5);
    }

    private AccessTokenInfo getTokenInfo(List<NameValuePair> list, String str, String str2) throws JWTClientException {
        String str3 = null;
        try {
            if (this.jwtConfig == null) {
                return null;
            }
            URL url = new URL(this.jwtConfig.getTokenEndpoint());
            HttpClient httpClient = JWTClientUtil.getHttpClient(url.getProtocol());
            HttpPost httpPost = new HttpPost(url.toString());
            httpPost.setEntity(new UrlEncodedFormEntity(list));
            httpPost.addHeader("Authorization", "Basic " + getBase64Encode(str, str2));
            httpPost.addHeader("Content-Type", "application/x-www-form-urlencoded");
            str3 = JWTClientUtil.getResponseString(httpClient.execute(httpPost));
            if (log.isDebugEnabled()) {
                log.debug(str3);
            }
            JSONObject jSONObject = (JSONObject) new JSONParser().parse(str3);
            AccessTokenInfo accessTokenInfo = new AccessTokenInfo();
            String str4 = (String) jSONObject.get(JWTConstants.ACCESS_TOKEN_GRANT_TYPE_PARAM_NAME);
            if (str4 != null && !str4.isEmpty()) {
                accessTokenInfo.setAccessToken(str4);
                accessTokenInfo.setRefreshToken((String) jSONObject.get("refresh_token"));
                accessTokenInfo.setExpiresIn(((Long) jSONObject.get(JWTConstants.OAUTH_EXPIRES_IN)).longValue());
                accessTokenInfo.setTokenType((String) jSONObject.get(JWTConstants.OAUTH_TOKEN_TYPE));
                accessTokenInfo.setScopes((String) jSONObject.get("scope"));
            }
            return accessTokenInfo;
        } catch (ParseException e) {
            throw new JWTClientException("Error when parsing the response " + str3, e);
        } catch (MalformedURLException e2) {
            throw new JWTClientException("Invalid URL for token endpoint " + this.jwtConfig.getTokenEndpoint(), e2);
        } catch (IOException e3) {
            throw new JWTClientException("Error when reading the response from buffer.", e3);
        } catch (KeyManagementException e4) {
            throw new JWTClientException("Failed setting up the ssl http client.", e4);
        } catch (KeyStoreException e5) {
            throw new JWTClientException("Failed loading the keystore.", e5);
        } catch (NoSuchAlgorithmException e6) {
            throw new JWTClientException("No such algorithm found when loading the ssl socket", e6);
        }
    }

    private String getBase64Encode(String str, String str2) {
        return new String(Base64.encodeBase64((str + ":" + str2).getBytes()));
    }

    private String[] getDecodedKey(String str) {
        return new String(Base64.decodeBase64(str.getBytes())).split(":");
    }

    public String getJwtToken(String str) throws JWTClientException {
        return JWTClientUtil.generateSignedJWTAssertion(str, this.jwtConfig, this.isDefaultJWTClient);
    }

    public String getJwtToken(String str, Map<String, String> map) throws JWTClientException {
        return JWTClientUtil.generateSignedJWTAssertion(str, this.jwtConfig, this.isDefaultJWTClient, map);
    }

    public String getJwtToken(String str, Map<String, String> map, boolean z) throws JWTClientException {
        return z ? JWTClientUtil.generateSignedJWTAssertion(str, this.jwtConfig, false, map) : getJwtToken(str, map);
    }
}
