package org.wso2.carbon.apimgt.tokenmgt.issuers;

import com.nimbusds.jwt.JWTParser;
import java.text.ParseException;
import org.apache.commons.lang3.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.oltu.oauth2.common.exception.OAuthSystemException;
import org.aspectj.lang.JoinPoint;
import org.aspectj.runtime.internal.AroundClosure;
import org.aspectj.runtime.internal.Conversions;
import org.aspectj.runtime.reflect.Factory;
import org.wso2.carbon.apimgt.api.APIManagementException;
import org.wso2.carbon.apimgt.api.model.Application;
import org.wso2.carbon.apimgt.impl.utils.APIUtil;
import org.wso2.carbon.apimgt.tokenmgt.JWTAccessTokenIssuerDTO;
import org.wso2.carbon.apimgt.tokenmgt.MethodStats;
import org.wso2.carbon.apimgt.tokenmgt.MethodTimeLogger;
import org.wso2.carbon.apimgt.tokenmgt.util.APIMTokenIssuerUtil;
import org.wso2.carbon.identity.application.authentication.framework.model.AuthenticatedUser;
import org.wso2.carbon.identity.core.util.IdentityUtil;
import org.wso2.carbon.identity.oauth.common.exception.InvalidOAuthClientException;
import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception;
import org.wso2.carbon.identity.oauth2.authz.OAuthAuthzReqMessageContext;
import org.wso2.carbon.identity.oauth2.token.OAuthTokenReqMessageContext;
import org.wso2.carbon.identity.oauth2.token.OauthTokenIssuerImpl;
import org.wso2.carbon.identity.oauth2.util.OAuth2Util;

/* loaded from: input_file:org/wso2/carbon/apimgt/tokenmgt/issuers/APIMTokenIssuer.class */
public class APIMTokenIssuer extends OauthTokenIssuerImpl {
    private static final Log log;
    private static final JoinPoint.StaticPart ajc$tjp_0 = null;
    private static final JoinPoint.StaticPart ajc$tjp_1 = null;
    private static final JoinPoint.StaticPart ajc$tjp_2 = null;
    private static final JoinPoint.StaticPart ajc$tjp_3 = null;

    /* loaded from: input_file:org/wso2/carbon/apimgt/tokenmgt/issuers/APIMTokenIssuer$AjcClosure1.class */
    public class AjcClosure1 extends AroundClosure {
        public AjcClosure1(Object[] objArr) {
            super(objArr);
        }

        public Object run(Object[] objArr) {
            Object[] objArr2 = ((AroundClosure) this).state;
            return APIMTokenIssuer.accessToken_aroundBody0((APIMTokenIssuer) objArr2[0], (OAuthTokenReqMessageContext) objArr2[1], (JoinPoint) objArr2[2]);
        }
    }

    /* loaded from: input_file:org/wso2/carbon/apimgt/tokenmgt/issuers/APIMTokenIssuer$AjcClosure3.class */
    public class AjcClosure3 extends AroundClosure {
        public AjcClosure3(Object[] objArr) {
            super(objArr);
        }

        public Object run(Object[] objArr) {
            Object[] objArr2 = ((AroundClosure) this).state;
            return APIMTokenIssuer.getAccessTokenHash_aroundBody2((APIMTokenIssuer) objArr2[0], (String) objArr2[1], (JoinPoint) objArr2[2]);
        }
    }

    /* loaded from: input_file:org/wso2/carbon/apimgt/tokenmgt/issuers/APIMTokenIssuer$AjcClosure5.class */
    public class AjcClosure5 extends AroundClosure {
        public AjcClosure5(Object[] objArr) {
            super(objArr);
        }

        public Object run(Object[] objArr) {
            Object[] objArr2 = ((AroundClosure) this).state;
            return Conversions.booleanObject(APIMTokenIssuer.renewAccessTokenPerRequest_aroundBody4((APIMTokenIssuer) objArr2[0], (OAuthTokenReqMessageContext) objArr2[1], (JoinPoint) objArr2[2]));
        }
    }

    /* loaded from: input_file:org/wso2/carbon/apimgt/tokenmgt/issuers/APIMTokenIssuer$AjcClosure7.class */
    public class AjcClosure7 extends AroundClosure {
        public AjcClosure7(Object[] objArr) {
            super(objArr);
        }

        public Object run(Object[] objArr) {
            Object[] objArr2 = ((AroundClosure) this).state;
            return APIMTokenIssuer.accessToken_aroundBody6((APIMTokenIssuer) objArr2[0], (OAuthAuthzReqMessageContext) objArr2[1], (JoinPoint) objArr2[2]);
        }
    }

    static {
        ajc$preClinit();
        log = LogFactory.getLog(APIMTokenIssuer.class);
    }

    public String accessToken(OAuthTokenReqMessageContext oAuthTokenReqMessageContext) throws OAuthSystemException {
        JoinPoint makeJP = Factory.makeJP(ajc$tjp_0, this, this, oAuthTokenReqMessageContext);
        return ((MethodTimeLogger.isConfigEnabled() && MethodTimeLogger.pointCutAll()) || (this != null && getClass().isAnnotationPresent(MethodStats.class) && MethodTimeLogger.isConfigEnabled())) ? (String) MethodTimeLogger.aspectOf().log(new AjcClosure1(new Object[]{this, oAuthTokenReqMessageContext, makeJP}).linkClosureAndJoinPoint(69648)) : accessToken_aroundBody0(this, oAuthTokenReqMessageContext, makeJP);
    }

    public String getAccessTokenHash(String str) throws OAuthSystemException {
        JoinPoint makeJP = Factory.makeJP(ajc$tjp_1, this, this, str);
        return ((MethodTimeLogger.isConfigEnabled() && MethodTimeLogger.pointCutAll()) || (this != null && getClass().isAnnotationPresent(MethodStats.class) && MethodTimeLogger.isConfigEnabled())) ? (String) MethodTimeLogger.aspectOf().log(new AjcClosure3(new Object[]{this, str, makeJP}).linkClosureAndJoinPoint(69648)) : getAccessTokenHash_aroundBody2(this, str, makeJP);
    }

    public boolean renewAccessTokenPerRequest(OAuthTokenReqMessageContext oAuthTokenReqMessageContext) {
        JoinPoint makeJP = Factory.makeJP(ajc$tjp_2, this, this, oAuthTokenReqMessageContext);
        return ((MethodTimeLogger.isConfigEnabled() && MethodTimeLogger.pointCutAll()) || (this != null && getClass().isAnnotationPresent(MethodStats.class) && MethodTimeLogger.isConfigEnabled())) ? Conversions.booleanValue(MethodTimeLogger.aspectOf().log(new AjcClosure5(new Object[]{this, oAuthTokenReqMessageContext, makeJP}).linkClosureAndJoinPoint(69648))) : renewAccessTokenPerRequest_aroundBody4(this, oAuthTokenReqMessageContext, makeJP);
    }

    public String accessToken(OAuthAuthzReqMessageContext oAuthAuthzReqMessageContext) throws OAuthSystemException {
        JoinPoint makeJP = Factory.makeJP(ajc$tjp_3, this, this, oAuthAuthzReqMessageContext);
        return ((MethodTimeLogger.isConfigEnabled() && MethodTimeLogger.pointCutAll()) || (this != null && getClass().isAnnotationPresent(MethodStats.class) && MethodTimeLogger.isConfigEnabled())) ? (String) MethodTimeLogger.aspectOf().log(new AjcClosure7(new Object[]{this, oAuthAuthzReqMessageContext, makeJP}).linkClosureAndJoinPoint(69648)) : accessToken_aroundBody6(this, oAuthAuthzReqMessageContext, makeJP);
    }

    static final String accessToken_aroundBody0(APIMTokenIssuer aPIMTokenIssuer, OAuthTokenReqMessageContext oAuthTokenReqMessageContext, JoinPoint joinPoint) {
        String clientId = oAuthTokenReqMessageContext.getOauth2AccessTokenReqDTO().getClientId();
        long j = 0;
        if (log.isDebugEnabled()) {
            j = System.nanoTime();
        }
        try {
            Application applicationByClientId = APIUtil.getApplicationByClientId(clientId);
            if (log.isDebugEnabled()) {
                log.debug("Time taken to load the Application from database in milliseconds : " + ((System.nanoTime() - j) / 1000000));
            }
            if (applicationByClientId == null || !"JWT".equals(applicationByClientId.getTokenType())) {
                log.debug("Token type of the application is NOT JWT.");
                return super.accessToken(oAuthTokenReqMessageContext);
            }
            log.debug("Token type of the application is JWT.");
            try {
                try {
                    long accessTokenLifeTimeInSeconds = APIMTokenIssuerUtil.getAccessTokenLifeTimeInSeconds(oAuthTokenReqMessageContext, OAuth2Util.getAppInformationByClientId(clientId));
                    AuthenticatedUser authorizedUser = oAuthTokenReqMessageContext.getAuthorizedUser();
                    oAuthTokenReqMessageContext.getOauth2AccessTokenReqDTO().getAuthorizationCode();
                    String[] scope = oAuthTokenReqMessageContext.getScope();
                    JWTAccessTokenIssuerDTO jWTAccessTokenIssuerDTO = new JWTAccessTokenIssuerDTO();
                    jWTAccessTokenIssuerDTO.setUser(authorizedUser);
                    jWTAccessTokenIssuerDTO.setClientId(clientId);
                    jWTAccessTokenIssuerDTO.setScopeList(scope);
                    jWTAccessTokenIssuerDTO.setValidityPeriod(accessTokenLifeTimeInSeconds);
                    jWTAccessTokenIssuerDTO.setTokenReqMessageContext(oAuthTokenReqMessageContext);
                    String generateToken = APIMTokenIssuerUtil.generateToken(jWTAccessTokenIssuerDTO, applicationByClientId);
                    if (log.isDebugEnabled()) {
                        log.debug("Time taken to generate the JWT in milliseconds : " + ((System.nanoTime() - j) / 1000000));
                    }
                    return generateToken;
                } catch (IdentityOAuth2Exception e) {
                    throw new OAuthSystemException("Error while retrieving token validity period for clientId: " + clientId, e);
                }
            } catch (InvalidOAuthClientException | IdentityOAuth2Exception e2) {
                log.error(String.valueOf("Error while retrieving oauth app information for clientId: ") + clientId, e2);
                throw new OAuthSystemException(String.valueOf("Error while retrieving oauth app information for clientId: ") + clientId, e2);
            }
        } catch (APIManagementException e3) {
            log.error(String.valueOf("Error occurred while retrieving application from Token client ID ") + clientId, e3);
            throw new OAuthSystemException(String.valueOf("Error occurred while retrieving application from Token client ID ") + clientId, e3);
        }
    }

    static final String getAccessTokenHash_aroundBody2(APIMTokenIssuer aPIMTokenIssuer, String str, JoinPoint joinPoint) {
        if (!StringUtils.isNotEmpty(str) || !str.contains(".")) {
            return str;
        }
        try {
            return JWTParser.parse(str).getJWTClaimsSet().getJWTID();
        } catch (ParseException e) {
            if (log.isDebugEnabled() && IdentityUtil.isTokenLoggable("AccessToken")) {
                log.debug("Error while getting JWTID from token: " + str);
            }
            throw new OAuthSystemException("Error while getting access token hash", e);
        }
    }

    static final boolean renewAccessTokenPerRequest_aroundBody4(APIMTokenIssuer aPIMTokenIssuer, OAuthTokenReqMessageContext oAuthTokenReqMessageContext, JoinPoint joinPoint) {
        try {
            Application applicationByClientId = APIUtil.getApplicationByClientId(oAuthTokenReqMessageContext.getOauth2AccessTokenReqDTO().getClientId());
            if (applicationByClientId != null) {
                return "JWT".equals(applicationByClientId.getTokenType());
            }
            return false;
        } catch (APIManagementException e) {
            log.error("Error occurred while getting Token type.", e);
            return false;
        }
    }

    static final String accessToken_aroundBody6(APIMTokenIssuer aPIMTokenIssuer, OAuthAuthzReqMessageContext oAuthAuthzReqMessageContext, JoinPoint joinPoint) {
        String consumerKey = oAuthAuthzReqMessageContext.getAuthorizationReqDTO().getConsumerKey();
        long j = 0;
        if (log.isDebugEnabled()) {
            j = System.nanoTime();
        }
        try {
            Application applicationByClientId = APIUtil.getApplicationByClientId(consumerKey);
            if (log.isDebugEnabled()) {
                log.debug("Time taken to load the Application from database in milliseconds : " + ((System.nanoTime() - j) / 1000000));
            }
            if (applicationByClientId == null || !"JWT".equals(applicationByClientId.getTokenType())) {
                log.debug("Token type of the application is NOT JWT.");
                return super.accessToken(oAuthAuthzReqMessageContext);
            }
            try {
                long accessTokenLifeTimeInSeconds = APIMTokenIssuerUtil.getAccessTokenLifeTimeInSeconds(OAuth2Util.getAppInformationByClientId(consumerKey));
                String[] scopes = oAuthAuthzReqMessageContext.getAuthorizationReqDTO().getScopes();
                AuthenticatedUser user = oAuthAuthzReqMessageContext.getAuthorizationReqDTO().getUser();
                JWTAccessTokenIssuerDTO jWTAccessTokenIssuerDTO = new JWTAccessTokenIssuerDTO();
                jWTAccessTokenIssuerDTO.setUser(user);
                jWTAccessTokenIssuerDTO.setClientId(consumerKey);
                jWTAccessTokenIssuerDTO.setScopeList(scopes);
                jWTAccessTokenIssuerDTO.setValidityPeriod(accessTokenLifeTimeInSeconds);
                jWTAccessTokenIssuerDTO.setAuthzMessageContext(oAuthAuthzReqMessageContext);
                String generateToken = APIMTokenIssuerUtil.generateToken(jWTAccessTokenIssuerDTO, applicationByClientId);
                if (log.isDebugEnabled()) {
                    log.debug("Time taken to generate the JWT in milliseconds : " + ((System.nanoTime() - j) / 1000000));
                }
                return generateToken;
            } catch (InvalidOAuthClientException | IdentityOAuth2Exception e) {
                log.error(String.valueOf("Error while retrieving oauth app information for clientId: ") + consumerKey, e);
                throw new OAuthSystemException(String.valueOf("Error while retrieving oauth app information for clientId: ") + consumerKey, e);
            }
        } catch (APIManagementException e2) {
            log.error(String.valueOf("Error occurred while retrieving application from Token client ID ") + consumerKey, e2);
            throw new OAuthSystemException(String.valueOf("Error occurred while retrieving application from Token client ID ") + consumerKey, e2);
        }
    }

    private static void ajc$preClinit() {
        Factory factory = new Factory("APIMTokenIssuer.java", APIMTokenIssuer.class);
        ajc$tjp_0 = factory.makeSJP("method-execution", factory.makeMethodSig("1", "accessToken", "org.wso2.carbon.apimgt.tokenmgt.issuers.APIMTokenIssuer", "org.wso2.carbon.identity.oauth2.token.OAuthTokenReqMessageContext", "tokReqMsgCtx", "org.apache.oltu.oauth2.common.exception.OAuthSystemException", "java.lang.String"), 50);
        ajc$tjp_1 = factory.makeSJP("method-execution", factory.makeMethodSig("1", "getAccessTokenHash", "org.wso2.carbon.apimgt.tokenmgt.issuers.APIMTokenIssuer", "java.lang.String", "accessToken", "org.apache.oltu.oauth2.common.exception.OAuthSystemException", "java.lang.String"), 116);
        ajc$tjp_2 = factory.makeSJP("method-execution", factory.makeMethodSig("1", "renewAccessTokenPerRequest", "org.wso2.carbon.apimgt.tokenmgt.issuers.APIMTokenIssuer", "org.wso2.carbon.identity.oauth2.token.OAuthTokenReqMessageContext", "tokReqMsgCtx", "", "boolean"), 134);
        ajc$tjp_3 = factory.makeSJP("method-execution", factory.makeMethodSig("1", "accessToken", "org.wso2.carbon.apimgt.tokenmgt.issuers.APIMTokenIssuer", "org.wso2.carbon.identity.oauth2.authz.OAuthAuthzReqMessageContext", "oauthAuthzMsgCtx", "org.apache.oltu.oauth2.common.exception.OAuthSystemException", "java.lang.String"), 155);
    }
}
