package com.wso2.openbanking.scp.webapp.servlet;

import com.wso2.openbanking.accelerator.common.util.Generated;
import com.wso2.openbanking.accelerator.common.util.JWTUtils;
import com.wso2.openbanking.scp.webapp.exception.TokenGenerationException;
import com.wso2.openbanking.scp.webapp.model.SCPError;
import com.wso2.openbanking.scp.webapp.service.APIMService;
import com.wso2.openbanking.scp.webapp.service.OAuthService;
import com.wso2.openbanking.scp.webapp.util.Constants;
import com.wso2.openbanking.scp.webapp.util.Utils;
import java.io.IOException;
import java.text.ParseException;
import java.util.Collections;
import java.util.HashMap;
import java.util.Map;
import java.util.Optional;
import java.util.function.Function;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.http.client.methods.HttpUriRequest;
import org.apache.http.entity.ContentType;
import org.json.JSONObject;
import org.wso2.carbon.databridge.commons.exception.SessionTimeoutException;

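/**
 * Relays self-care-portal admin requests (search and revoke) to the API Manager.
 *
 * <p>The caller is authenticated by tokens reassembled from request cookies. When the access
 * token has expired, a refresh-token grant is performed first and the new tokens are written
 * back as cookies before the request is forwarded. On any failure the session cookies are
 * removed and a JSON {@link SCPError} is returned.
 */
@WebServlet(name = "ApimReqHandlerServlet", urlPatterns = {"/scp/admin/search", "/scp/admin/revoke"})
/* loaded from: input_file:WEB-INF/classes/com/wso2/openbanking/scp/webapp/servlet/ApimReqHandlerServlet.class */
public class ApimReqHandlerServlet extends HttpServlet {
    private static final long serialVersionUID = 7385252581004845440L;
    private static final Log LOG = LogFactory.getLog(ApimReqHandlerServlet.class);
    private final APIMService apimService = new APIMService();

    /**
     * Forwards the incoming request to the API Manager with a bearer token taken from cookies.
     *
     * <p>Responds with 400 when the required token cookies are absent, and with 401 when token
     * refresh, request forwarding or the session fails. Session cookies are cleared in every
     * error case.
     *
     * @param httpServletRequest  the frontend request; its method and query string are relayed
     * @param httpServletResponse the response that receives the upstream result or the error
     */
    @Generated(message = "Ignoring since all cases are covered from other unit tests")
    protected void doGet(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        try {
            // Guarded so the message is only built when debug logging is on.
            if (LOG.isDebugEnabled()) {
                LOG.debug("New request received: " + httpServletRequest.getRequestURI() + "?" + httpServletRequest.getQueryString());
            }
            if (this.apimService.isAccessTokenExpired(httpServletRequest)) {
                Optional<String> refreshToken = this.apimService.constructRefreshTokenFromCookies(httpServletRequest);
                Optional<String> expiredAccessToken = this.apimService.constructAccessTokenFromCookies(httpServletRequest);
                if (!refreshToken.isPresent() || !expiredAccessToken.isPresent()) {
                    SCPError error = new SCPError("Authentication Error!", "Some values are missing from the request. Please try signing in again.");
                    LOG.error("Refresh token is missing from the request. Returning error to frontend, " + error);
                    rejectAndClearSession(httpServletRequest, httpServletResponse, 400, error);
                    return;
                }
                // NOTE(review): the scope is read from the cookie-supplied JWT; whether
                // decodeRequestJWT verifies its signature is not visible here, so the identity
                // server must be the one enforcing the originally granted scope. Confirm.
                String scope = JWTUtils.decodeRequestJWT(expiredAccessToken.get(), "body").getAsString(Constants.OAUTH_SCOPE);
                OAuthService oAuthService = OAuthService.getInstance();
                JSONObject tokenResponse = oAuthService.sendRefreshTokenRequest(
                        Utils.getParameter(Constants.IS_BASE_URL),
                        Utils.getParameter(Constants.CONFIGURED_CLIENT_ID),
                        Utils.getParameter(Constants.CONFIGURED_CLIENT_SECRET),
                        refreshToken.get(),
                        scope);
                oAuthService.generateCookiesFromTokens(tokenResponse, httpServletRequest, httpServletResponse);
                HttpUriRequest upstreamRequest = Utils.getHttpUriRequest(Utils.getParameter(Constants.APIM_BASE_URL), httpServletRequest.getMethod(), httpServletRequest.getQueryString());
                Map<String, String> headers = new HashMap<>();
                headers.put("Authorization", "Bearer " + tokenResponse.getString(Constants.ACCESS_TOKEN));
                headers.put("Accept", ContentType.APPLICATION_JSON.getMimeType());
                this.apimService.forwardRequest(httpServletResponse, upstreamRequest, headers);
                return;
            }

            Optional<String> accessToken = this.apimService.constructAccessTokenFromCookies(httpServletRequest);
            if (!accessToken.isPresent()) {
                SCPError error = new SCPError("Authentication Error!", "Some values are invalid of the request. Please try signing in again.");
                LOG.error("Requested access token is invalid. Returning error to frontend, " + error);
                rejectAndClearSession(httpServletRequest, httpServletResponse, 400, error);
                return;
            }
            HttpUriRequest upstreamRequest = Utils.getHttpUriRequest(Utils.getParameter(Constants.APIM_BASE_URL), httpServletRequest.getMethod(), httpServletRequest.getQueryString());
            // Copy client headers, minus the ones that must not or need not travel upstream.
            // The merge function keeps the first value, so a container that reports the same
            // header name twice no longer triggers an uncaught IllegalStateException.
            Map<String, String> headers = Collections.list(httpServletRequest.getHeaderNames()).stream()
                    .filter(ApimReqHandlerServlet::isForwardable)
                    .collect(Collectors.toMap(Function.identity(), httpServletRequest::getHeader, (first, second) -> first, HashMap::new));
            headers.put("Authorization", "Bearer " + accessToken.get());
            headers.put("Accept", ContentType.APPLICATION_JSON.getMimeType());
            this.apimService.forwardRequest(httpServletResponse, upstreamRequest, headers);
        } catch (TokenGenerationException | IOException | ParseException e) {
            LOG.error("Exception occurred while processing frontend request. Caused by, ", e);
            SCPError error = new SCPError("Request Forwarding Error!", "Something went wrong during the authentication process. Please try signing in again.");
            rejectAndClearSession(httpServletRequest, httpServletResponse, 401, error);
        } catch (SessionTimeoutException e2) {
            LOG.debug("Session timeout exception occurred while processing request. Caused by, ", e2);
            rejectAndClearSession(httpServletRequest, httpServletResponse, 401, new SCPError("Session Has Expired!", "Please try signing in again."));
        }
    }

    /**
     * Handles DELETE exactly like GET; the HTTP method itself is relayed upstream by
     * {@link #doGet}.
     *
     * <p>NOTE(review): authentication is cookie-based, so CSRF protection for this
     * state-changing method depends on cookie attributes or filters not visible in this
     * class. Confirm.
     *
     * @param httpServletRequest  the frontend request
     * @param httpServletResponse the response to populate
     */
    @Generated(message = "Ignoring since method contains no logics")
    protected void doDelete(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        doGet(httpServletRequest, httpServletResponse);
    }

    /**
     * Decides whether a client header may be copied onto the upstream request.
     *
     * <p>{@code Authorization} and {@code Accept} are replaced by this servlet. {@code Cookie}
     * is withheld because the session cookies hold the access- and refresh-token material,
     * which the API Manager does not need: the refresh path already forwards without any
     * client headers.
     *
     * @param headerName header name as reported by the servlet container
     * @return {@code true} if the header should be forwarded
     */
    private static boolean isForwardable(String headerName) {
        return !"Authorization".equalsIgnoreCase(headerName)
                && !"Cookie".equalsIgnoreCase(headerName)
                && !"Accept".equalsIgnoreCase(headerName);
    }

    /**
     * Removes all session cookies and writes the error as a JSON response.
     *
     * @param request  the frontend request whose cookies are removed
     * @param response the response to write to
     * @param status   HTTP status code to return
     * @param error    error payload returned to the frontend
     */
    private static void rejectAndClearSession(HttpServletRequest request, HttpServletResponse response, int status, SCPError error) {
        OAuthService.getInstance().removeAllCookiesFromRequest(request, response);
        Utils.returnResponse(response, status, new JSONObject(error));
    }
}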
