package com.wso2.openbanking.accelerator.gateway.executor.jws;

import com.nimbusds.jose.JOSEException;
import com.wso2.openbanking.accelerator.common.config.OpenBankingConfigParser;
import com.wso2.openbanking.accelerator.common.exception.OpenBankingException;
import com.wso2.openbanking.accelerator.common.util.Generated;
import com.wso2.openbanking.accelerator.gateway.executor.core.OpenBankingGatewayExecutor;
import com.wso2.openbanking.accelerator.gateway.executor.exception.OpenBankingExecutorException;
import com.wso2.openbanking.accelerator.gateway.executor.model.OBAPIRequestContext;
import com.wso2.openbanking.accelerator.gateway.executor.model.OBAPIResponseContext;
import com.wso2.openbanking.accelerator.gateway.util.GatewayUtils;
import java.util.HashMap;
import java.util.Map;
import java.util.Optional;
import org.apache.commons.lang3.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;

@Deprecated
/* loaded from: input_file:com/wso2/openbanking/accelerator/gateway/executor/jws/JwsResponseSignatureHandlingExecutor.class */
public class JwsResponseSignatureHandlingExecutor implements OpenBankingGatewayExecutor {
    private static final Log log = LogFactory.getLog(JwsResponseSignatureHandlingExecutor.class);
    private String xWso2ApiVersion = null;
    private String xWso2ApiType = null;
    private String signatureHeaderName = getSignatureHeaderName();

    @Override // com.wso2.openbanking.accelerator.gateway.executor.core.OpenBankingGatewayExecutor
    @Generated(message = "Excluding from unit tests since it is covered by other methods")
    public void preProcessRequest(OBAPIRequestContext oBAPIRequestContext) {
        if (oBAPIRequestContext.isError()) {
            appendJwsSignatureToRequestContext(oBAPIRequestContext);
        }
    }

    @Override // com.wso2.openbanking.accelerator.gateway.executor.core.OpenBankingGatewayExecutor
    @Generated(message = "Excluding from unit tests since it is covered by other methods")
    public void postProcessRequest(OBAPIRequestContext oBAPIRequestContext) {
        if (oBAPIRequestContext.isError()) {
            appendJwsSignatureToRequestContext(oBAPIRequestContext);
        }
    }

    @Override // com.wso2.openbanking.accelerator.gateway.executor.core.OpenBankingGatewayExecutor
    @Generated(message = "Excluding from unit tests since it is covered by other methods")
    public void preProcessResponse(OBAPIResponseContext oBAPIResponseContext) {
        appendJwsSignatureToResponseContext(oBAPIResponseContext);
    }

    @Override // com.wso2.openbanking.accelerator.gateway.executor.core.OpenBankingGatewayExecutor
    @Generated(message = "Excluding from unit tests since it is covered by other methods")
    public void postProcessResponse(OBAPIResponseContext oBAPIResponseContext) {
        appendJwsSignatureToResponseContext(oBAPIResponseContext);
    }

    @Generated(message = "Excluding from unit tests since there is a call to a method in Common Module")
    public boolean isApplicableForRequestPath(OBAPIRequestContext oBAPIRequestContext) {
        return OpenBankingConfigParser.getInstance().isJwsResponseSigningEnabled();
    }

    @Generated(message = "Excluding from unit tests since there is a call to a method in Common Module")
    public boolean isApplicableForResponsePath(OBAPIResponseContext oBAPIResponseContext) {
        return OpenBankingConfigParser.getInstance().isJwsResponseSigningEnabled();
    }

    public String generateJWSSignature(Optional<String> optional) throws OpenBankingExecutorException, JOSEException {
        String str = null;
        if (optional.isPresent() && StringUtils.isNotBlank(optional.get())) {
            str = GatewayUtils.constructJWSSignature(optional.get(), getCriticalHeaderParameters());
        } else {
            log.debug("Signature cannot be generated as the payload is invalid or authentication context is not available");
        }
        return str;
    }

    public HashMap<String, Object> getCriticalHeaderParameters() {
        return new HashMap<>();
    }

    @Generated(message = "Excluding from unit test coverage")
    public void setXWso2ApiVersion(String str) {
        this.xWso2ApiVersion = str;
    }

    @Generated(message = "Excluding from unit test coverage")
    public String getXWso2ApiVersion() {
        return this.xWso2ApiVersion;
    }

    @Generated(message = "Excluding from unit test coverage")
    public String getXWso2ApiType() {
        return this.xWso2ApiType;
    }

    @Generated(message = "Excluding from unit test coverage")
    public void setXWso2ApiType(String str) {
        this.xWso2ApiType = str;
    }

    public String getSignatureHeaderName() {
        return "x-jws-signature";
    }

    @Generated(message = "Excluding from unit tests since it is covered by other methods")
    private void appendJwsSignatureToRequestContext(OBAPIRequestContext oBAPIRequestContext) {
        setXWso2ApiVersion(oBAPIRequestContext.getApiRequestInfo().getVersion());
        setXWso2ApiType(oBAPIRequestContext.getApiRequestInfo().getContext());
        String messageId = oBAPIRequestContext.getMsgInfo().getMessageId();
        if (!isApplicableForRequestPath(oBAPIRequestContext)) {
            if (log.isDebugEnabled()) {
                log.debug(String.format("Signature generation is not applicable for this response with message id : %s", messageId));
                return;
            }
            return;
        }
        if (log.isDebugEnabled()) {
            log.debug(String.format("Generating signature for the response with message id : %s", messageId));
        }
        try {
            Map<String, String> headers = oBAPIRequestContext.getMsgInfo().getHeaders();
            headers.put(this.signatureHeaderName, generateJWSSignature(GatewayUtils.extractRequestPayload(oBAPIRequestContext, oBAPIRequestContext.getMsgInfo().getHeaders())));
            oBAPIRequestContext.setAddedHeaders(headers);
        } catch (OpenBankingException | OpenBankingExecutorException | JOSEException e) {
            log.error("Unable to sign response", e);
            GatewayUtils.handleRequestInternalServerError(oBAPIRequestContext, "Internal Server Error, Unable to sign the response", "500");
        }
    }

    @Generated(message = "Excluding from unit tests since it is covered by other methods")
    private void appendJwsSignatureToResponseContext(OBAPIResponseContext oBAPIResponseContext) {
        setXWso2ApiVersion(oBAPIResponseContext.getApiRequestInfo().getVersion());
        setXWso2ApiType(oBAPIResponseContext.getApiRequestInfo().getContext());
        String messageId = oBAPIResponseContext.getMsgInfo().getMessageId();
        if (!isApplicableForResponsePath(oBAPIResponseContext)) {
            if (log.isDebugEnabled()) {
                log.debug(String.format("Signature generation is not applicable for this response with message id : %s", messageId));
                return;
            }
            return;
        }
        if (log.isDebugEnabled()) {
            log.debug(String.format("Generating signature for the response with message id : %s", messageId));
        }
        try {
            Map<String, String> headers = oBAPIResponseContext.getMsgInfo().getHeaders();
            headers.put(this.signatureHeaderName, generateJWSSignature(GatewayUtils.extractResponsePayload(oBAPIResponseContext, oBAPIResponseContext.getMsgInfo().getHeaders())));
            oBAPIResponseContext.setAddedHeaders(headers);
        } catch (OpenBankingException | OpenBankingExecutorException | JOSEException e) {
            log.error("Unable to sign response", e);
            GatewayUtils.handleResponseInternalServerError(oBAPIResponseContext, "Internal Server Error, Unable to sign the response", "500");
        }
    }
}
