package com.wso2.openbanking.accelerator.authentication.webapp;

import com.wso2.openbanking.accelerator.authentication.webapp.util.Constants;
import com.wso2.openbanking.accelerator.common.config.OpenBankingConfigParser;
import com.wso2.openbanking.accelerator.common.util.Generated;
import com.wso2.openbanking.accelerator.consent.extensions.authservlet.impl.ConsentMgrAuthServletImpl;
import com.wso2.openbanking.accelerator.consent.extensions.authservlet.impl.ISDefaultAuthServletImpl;
import com.wso2.openbanking.accelerator.consent.extensions.authservlet.impl.util.Utils;
import com.wso2.openbanking.accelerator.consent.extensions.authservlet.model.OBAuthServletInterface;
import edu.umd.cs.findbugs.annotations.SuppressFBWarnings;
import java.io.IOException;
import java.io.InputStream;
import java.io.UnsupportedEncodingException;
import java.lang.reflect.InvocationTargetException;
import java.net.URI;
import java.net.URISyntaxException;
import java.net.URLEncoder;
import java.nio.charset.StandardCharsets;
import java.util.Base64;
import java.util.Locale;
import java.util.Map;
import java.util.Properties;
import java.util.ResourceBundle;
import javax.servlet.ServletContext;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.apache.commons.io.IOUtils;
import org.apache.commons.lang.StringUtils;
import org.apache.http.HttpResponse;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClientBuilder;
import org.json.JSONObject;
import org.owasp.encoder.Encode;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:WEB-INF/classes/com/wso2/openbanking/accelerator/authentication/webapp/OBConsentServlet.class */
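/**
 * Servlet that retrieves consent data for the {@code sessionDataKeyConsent} request parameter
 * from the configured retrieval endpoint and forwards the request to the consent page of the
 * selected auth servlet implementation.
 *
 * <p>This listing is decompiler output. In {@link #doGet} the decompiler had emitted an empty
 * {@code try} block and a mistyped local; both are restored here from what the surrounding
 * statements require.
 */
public class OBConsentServlet extends HttpServlet {
    static OBAuthServletInterface obAuthServletTK;
    private static final long serialVersionUID = 6106269076132678046L;
    private static Logger log = LoggerFactory.getLogger(OBConsentServlet.class);
    private static final String BUNDLE = "com.wso2.openbanking.authentication.webapp.i18n";

    /**
     * Handles the consent page request.
     *
     * <p>Flow: load the configured extension, fetch consent data for the session data key,
     * relay a redirect or an error redirect if the retrieval service asks for one, otherwise
     * populate request/session attributes and forward to the JSP of the chosen implementation.
     *
     * @param httpServletRequest  incoming request; the session data key is read from it
     * @param httpServletResponse response used for redirects and the forward
     * @throws IOException      if a redirect cannot be sent or the retrieval call fails
     * @throws ServletException if the forward to the JSP fails
     */
    @Override
    @SuppressFBWarnings({"REQUESTDISPATCHER_FILE_DISCLOSURE", "TRUST_BOUNDARY_VIOLATION"})
    public void doGet(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException, ServletException {
        setAuthExtension();
        String sessionDataKeyConsent = httpServletRequest.getParameter(Constants.SESSION_DATA_KEY_CONSENT);
        // The key is caller-controlled and becomes part of an authenticated back-end URL, so a
        // missing or dot-segment value is refused before any outbound call is made.
        if (!isUsableSessionDataKey(sessionDataKeyConsent)) {
            httpServletRequest.getSession().invalidate();
            httpServletResponse.sendRedirect(buildRetryUrl("Error while processing request"));
            // The rejected value is deliberately not logged (it is untrusted input).
            log.error("Missing or malformed session data key in consent request. Returning error.");
            return;
        }
        HttpResponse consentResponse = getConsentDataWithKey(sessionDataKeyConsent, getServletContext());
        log.debug("HTTP response for consent retrieval{}", consentResponse);

        JSONObject dataSet = new JSONObject();
        try {
            int statusCode = consentResponse.getStatusLine().getStatusCode();
            // NOTE(review): the Location header and redirect_uri below are relayed as received
            // from the retrieval service; this relies on that service validating them.
            if (statusCode == 302 && consentResponse.getLastHeader("Location") != null) {
                httpServletResponse.sendRedirect(consentResponse.getLastHeader("Location").getValue());
                return;
            }
            JSONObject retrieved = new JSONObject(IOUtils.toString(consentResponse.getEntity().getContent(), String.valueOf(StandardCharsets.UTF_8)));
            String errorSuffix = getErrorResponseForRedirectURL(retrieved);
            if (retrieved.has(Constants.REDIRECT_URI) && StringUtils.isNotEmpty(errorSuffix)) {
                // new URI(...) only checks syntax; it does not restrict the target host.
                httpServletResponse.sendRedirect(new URI(retrieved.get(Constants.REDIRECT_URI).toString().concat(errorSuffix)).toString());
                return;
            }
            dataSet = createConsentDataset(retrieved, statusCode);
        } catch (IOException e) {
            log.error("Exception occurred while retrieving consent data", e);
            dataSet.put(Constants.IS_ERROR, "Exception occurred while retrieving consent data");
        } catch (URISyntaxException e) {
            log.error("Error while constructing URI for redirection", e);
            dataSet.put(Constants.IS_ERROR, "Error while constructing URI for redirection");
        }

        if (dataSet.has(Constants.IS_ERROR)) {
            // The message may be the back-end's "description" field; String.valueOf avoids a
            // ClassCastException on non-string JSON values and buildRetryUrl encodes it so it
            // cannot add parameters or line breaks to the redirect target.
            String errorMessage = String.valueOf(dataSet.get(Constants.IS_ERROR));
            httpServletRequest.getSession().invalidate();
            httpServletResponse.sendRedirect(buildRetryUrl(errorMessage));
            return;
        }

        HttpSession session = httpServletRequest.getSession();
        session.setAttribute(Constants.SESSION_DATA_KEY_CONSENT, Encode.forJava(sessionDataKeyConsent));
        session.setAttribute("displayScopes", Boolean.valueOf(Boolean.parseBoolean(getServletContext().getInitParameter("displayScopes"))));
        ResourceBundle resourceBundle = getResourceBundle(httpServletRequest.getLocale());
        httpServletRequest.setAttribute("privacyDescription", Utils.i18n(resourceBundle, "privacy.policy.privacy.short.description.approving"));
        httpServletRequest.setAttribute("privacyGeneral", Utils.i18n(resourceBundle, "privacy.policy.general"));
        httpServletRequest.setAttribute("ok", Utils.i18n(resourceBundle, "ok"));
        httpServletRequest.setAttribute("requestedScopes", Utils.i18n(resourceBundle, "requested.scopes"));
        httpServletRequest.setAttribute("app", dataSet.getString("application"));

        // Typed as the interface: all three branches assign different implementations.
        OBAuthServletInterface authServlet;
        String consentType = dataSet.getString("type");
        if (Constants.DEFAULT.equals(consentType)) {
            authServlet = new ISDefaultAuthServletImpl();
        } else if (Constants.CONSENT_MGT.equals(consentType)) {
            authServlet = new ConsentMgrAuthServletImpl();
        } else {
            if (obAuthServletTK == null) {
                httpServletRequest.getSession().invalidate();
                httpServletResponse.sendRedirect(buildRetryUrl("Error while processing request"));
                log.error("Unable to find OB auth servlet extension implementation. Returning error.");
                return;
            }
            authServlet = obAuthServletTK;
        }

        Map<String, ?> requestAttributes = authServlet.updateRequestAttribute(httpServletRequest, dataSet, resourceBundle);
        requestAttributes.forEach(httpServletRequest::setAttribute);
        Map<String, ?> sessionAttributes = authServlet.updateSessionAttribute(httpServletRequest, dataSet, resourceBundle);
        sessionAttributes.forEach(httpServletRequest.getSession()::setAttribute);
        // The dispatcher path comes from the selected implementation class, not from the request.
        getServletContext().getRequestDispatcher(authServlet.getJSPPath()).forward(httpServletRequest, httpServletResponse);
    }

    /**
     * Tells whether the session data key can be used as a single path segment.
     *
     * @param key value of the session data key request parameter, possibly {@code null}
     * @return {@code false} for null/blank values and for the dot segments "." and ".."
     */
    private static boolean isUsableSessionDataKey(String key) {
        return StringUtils.isNotBlank(key) && !".".equals(key) && !"..".equals(key);
    }

    /**
     * Builds the relative URL of the retry page with the message URL-encoded.
     *
     * @param message status message shown by the retry page
     * @return {@code retry.do} URL carrying the encoded message
     * @throws UnsupportedEncodingException if UTF-8 is unavailable
     */
    private static String buildRetryUrl(String message) throws UnsupportedEncodingException {
        return "retry.do?status=Error&statusMsg=" + URLEncoder.encode(message, StandardCharsets.UTF_8.toString());
    }

    /**
     * Calls the consent retrieval endpoint for the given session data key.
     *
     * @param str            session data key appended to the retrieval base URL
     * @param servletContext context supplying the {@code retrievalBaseURL} init parameter
     * @return the raw HTTP response; the caller reads its status, headers and entity
     * @throws IOException if the request cannot be executed
     */
    HttpResponse getConsentDataWithKey(String str, ServletContext servletContext) throws IOException {
        String baseUrl = servletContext.getInitParameter("retrievalBaseURL");
        // Encode the key so that '/', '?', '#' and similar characters stay inside one path
        // segment of a request that carries Basic credentials. String.valueOf keeps the
        // previous "null" rendering for a null key.
        String encodedKey = URLEncoder.encode(String.valueOf(str), StandardCharsets.UTF_8.toString());
        String retrievalUrl = baseUrl.endsWith("/") ? baseUrl + encodedKey : baseUrl + "/" + encodedKey;
        // NOTE(review): this client is never closed. It cannot be closed here because the
        // caller still reads the response entity; consider a shared client or closing once
        // the entity has been consumed.
        CloseableHttpClient httpClient = HttpClientBuilder.create().build();
        HttpGet httpGet = new HttpGet(retrievalUrl);
        httpGet.addHeader("Authorization", "Basic " + getConsentApiCredentials());
        return httpClient.execute(httpGet);
    }

    /**
     * Maps the retrieval response to the data set used by {@link #doGet}.
     *
     * @param jSONObject parsed body of the retrieval response
     * @param i          HTTP status code of the retrieval response
     * @return the body itself for 200; otherwise an object holding an error message
     * @throws IOException declared by the original signature; not thrown by this body
     */
    JSONObject createConsentDataset(JSONObject jSONObject, int i) throws IOException {
        if (i == 200) {
            return jSONObject;
        }
        JSONObject errorDataSet = new JSONObject();
        if (i == 401 && jSONObject.has("description")) {
            errorDataSet.put(Constants.IS_ERROR, jSONObject.get("description"));
        } else {
            // Also covers a 401 without a description, which previously produced an object
            // with no error marker and let doGet continue with an empty data set.
            errorDataSet.put(Constants.IS_ERROR, "Retrieving consent data failed");
        }
        return errorDataSet;
    }

    /**
     * Instantiates the configured auth servlet extension and stores it in
     * {@link #obAuthServletTK}. On failure the error is logged and the field is left as is.
     */
    void setAuthExtension() {
        try {
            obAuthServletTK = (OBAuthServletInterface) Class.forName(OpenBankingConfigParser.getInstance().getAuthServletExtension()).getDeclaredConstructor(new Class[0]).newInstance(new Object[0]);
        } catch (ClassNotFoundException | IllegalAccessException | InstantiationException | NoSuchMethodException | InvocationTargetException e) {
            log.error("Webapp extension not found", e);
        } catch (ClassCastException e) {
            // A configured class that does not implement the interface is treated like a
            // missing extension instead of failing every request.
            log.error("Webapp extension not found", e);
        }
    }

    /**
     * Loads the i18n bundle for the given locale.
     *
     * @param locale locale of the request
     * @return the resource bundle named by {@code BUNDLE}
     */
    @Generated(message = "Encapsulated method for unit test")
    ResourceBundle getResourceBundle(Locale locale) {
        return ResourceBundle.getBundle(BUNDLE, locale);
    }

    /**
     * Builds the error suffix appended to the redirect URI from the error, error description
     * and state fields of the retrieval response. Every value is URL-encoded.
     *
     * @param jSONObject parsed body of the retrieval response
     * @return the suffix, or an empty string when none of the fields is present
     */
    String getErrorResponseForRedirectURL(JSONObject jSONObject) {
        String suffix = "";
        String utf8 = StandardCharsets.UTF_8.toString();
        try {
            if (jSONObject.has(Constants.ERROR)) {
                suffix = suffix.concat(Constants.ERROR_URI_FRAGMENT).concat(URLEncoder.encode(jSONObject.get(Constants.ERROR).toString(), utf8));
            }
            if (jSONObject.has(Constants.ERROR_DESCRIPTION)) {
                suffix = suffix.concat(Constants.ERROR_DESCRIPTION_PARAMETER).concat(URLEncoder.encode(jSONObject.get(Constants.ERROR_DESCRIPTION).toString(), utf8));
            }
            if (jSONObject.has(Constants.STATE)) {
                suffix = suffix.concat(Constants.STATE_PARAMETER).concat(URLEncoder.encode(jSONObject.get(Constants.STATE).toString(), utf8));
            }
        } catch (UnsupportedEncodingException e) {
            log.error("Error while building error response", e);
        }
        return suffix;
    }

    /**
     * Returns the Base64-encoded {@code username:password} pair used for Basic authentication
     * against the consent API.
     *
     * <p>Credentials come from the webapp properties file when its location flag is true,
     * otherwise (or when the file cannot be read) from the Open Banking configuration.
     * The decompiler reports that this method was package-private in the compiled class.
     *
     * @return Base64 text for the {@code Authorization: Basic} header; never logged here
     */
    public static String getConsentApiCredentials() {
        String username = null;
        String password = null;
        boolean useWebappConfigs = false;
        // try-with-resources closes the stream, which was previously left open.
        try (InputStream configStream = OBConsentConfirmServlet.class.getClassLoader().getResourceAsStream(Constants.CONFIG_FILE_NAME)) {
            if (configStream == null) {
                log.error("Error occurred while reading the webapp properties file. Therefore using OB configurations.");
            } else {
                Properties properties = new Properties();
                properties.load(configStream);
                if (Boolean.parseBoolean(properties.getProperty(Constants.LOCATION_OF_CREDENTIALS))) {
                    username = properties.getProperty(Constants.USERNAME_IN_WEBAPP_CONFIGS);
                    password = properties.getProperty(Constants.PASSWORD_IN_WEBAPP_CONFIGS);
                    useWebappConfigs = true;
                }
            }
        } catch (IOException e) {
            log.error("Error occurred while reading the webapp properties file. Therefore using OB configurations.", e);
        }
        if (!useWebappConfigs) {
            username = (String) OpenBankingConfigParser.getInstance().getConfiguration().get(Constants.USERNAME_IN_OB_CONFIGS);
            password = (String) OpenBankingConfigParser.getInstance().getConfiguration().get(Constants.PASSWORD_IN_OB_CONFIGS);
        }
        // NOTE(review): a missing property yields the literal text "null" in the pair, as in
        // the original; confirm whether callers expect a hard failure instead.
        return Base64.getEncoder().encodeToString((username + ":" + password).getBytes(StandardCharsets.UTF_8));
    }
}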
