package org.wso2.am.choreo.extensions.keymanager.asgardeo;

import feign.Feign;
import feign.Response;
import feign.gson.GsonDecoder;
import feign.gson.GsonEncoder;
import feign.okhttp.OkHttpClient;
import feign.slf4j.Slf4jLogger;
import java.util.Collection;
import java.util.HashMap;
import java.util.Map;
import java.util.regex.Matcher;
import org.apache.commons.lang3.StringUtils;
import org.wso2.am.choreo.extensions.keymanager.asgardeo.dto.AsgardeoApplication;
import org.wso2.am.choreo.extensions.keymanager.asgardeo.dto.AsgardeoApplicationCreationRequest;
import org.wso2.am.choreo.extensions.keymanager.asgardeo.dto.AsgardeoApplicationOIDC;
import org.wso2.carbon.apimgt.api.APIManagementException;
import org.wso2.carbon.apimgt.api.model.API;
import org.wso2.carbon.apimgt.api.model.AccessTokenInfo;
import org.wso2.carbon.apimgt.api.model.AccessTokenRequest;
import org.wso2.carbon.apimgt.api.model.Application;
import org.wso2.carbon.apimgt.api.model.KeyManagerConfiguration;
import org.wso2.carbon.apimgt.api.model.OAuthAppRequest;
import org.wso2.carbon.apimgt.api.model.OAuthApplicationInfo;
import org.wso2.carbon.apimgt.impl.AMDefaultKeyManagerImpl;
import org.wso2.carbon.apimgt.impl.dao.ApiMgtDAO;
import org.wso2.carbon.apimgt.impl.kmclient.KMClientErrorDecoder;
import org.wso2.carbon.apimgt.impl.kmclient.KeyManagerClientException;

/* loaded from: input_file:org/wso2/am/choreo/extensions/keymanager/asgardeo/AsgardeoKeyManager.class */
public class AsgardeoKeyManager extends AMDefaultKeyManagerImpl {
    private AsgardeoApplicationMgtClient appMgtClient;
    private KeyManagerConfiguration configuration;

    public void loadConfiguration(KeyManagerConfiguration keyManagerConfiguration) throws APIManagementException {
        this.configuration = keyManagerConfiguration;
        String str = (String) keyManagerConfiguration.getParameter(AsgardeoKeyManagerConstants.TOKEN_ATTRIBUTE);
        this.appMgtClient = (AsgardeoApplicationMgtClient) Feign.builder().client(new OkHttpClient()).encoder(new GsonEncoder()).decoder(new GsonDecoder()).errorDecoder(new KMClientErrorDecoder()).logger(new Slf4jLogger()).requestInterceptor(new AddHeader(str)).target(AsgardeoApplicationMgtClient.class, (String) keyManagerConfiguration.getParameter(AsgardeoKeyManagerConstants.APP_MGT_API_URL));
    }

    public KeyManagerConfiguration getKeyManagerConfiguration() {
        return this.configuration;
    }

    public OAuthApplicationInfo createApplication(OAuthAppRequest oAuthAppRequest) throws APIManagementException {
        try {
            AsgardeoApplication createAsgardeoApplication = createAsgardeoApplication(oAuthAppRequest);
            String id = createAsgardeoApplication.getId();
            AsgardeoApplicationOIDC applicationOIDC = this.appMgtClient.getApplicationOIDC(id);
            Application applicationByUUID = ApiMgtDAO.getInstance().getApplicationByUUID(oAuthAppRequest.getOAuthApplicationInfo().getApplicationUUID());
            applicationByUUID.getApplicationAttributes().put(AsgardeoKeyManagerConstants.ASGARDEO_APP_ID_PROD, id);
            ApiMgtDAO.getInstance().updateApplication(applicationByUUID);
            return buildDTOFromAsgardeoApp(createAsgardeoApplication, applicationOIDC);
        } catch (KeyManagerClientException e) {
            throw new APIManagementException("error while creating asgardeo app", e);
        }
    }

    private AsgardeoApplication createAsgardeoApplication(OAuthAppRequest oAuthAppRequest) throws KeyManagerClientException {
        AsgardeoApplicationCreationRequest asgardeoApplicationCreationRequest = new AsgardeoApplicationCreationRequest();
        asgardeoApplicationCreationRequest.setName(oAuthAppRequest.getOAuthApplicationInfo().getClientName() + "_" + oAuthAppRequest.getOAuthApplicationInfo().getApplicationUUID());
        asgardeoApplicationCreationRequest.setIsManagementApp(false);
        asgardeoApplicationCreationRequest.setTemplateId(AsgardeoKeyManagerConstants.CUSTOM_APPLICATION_OIDC);
        asgardeoApplicationCreationRequest.setGrantTypes(new String[]{"client_credentials"});
        Response createApplication = this.appMgtClient.createApplication(asgardeoApplicationCreationRequest);
        if (createApplication.status() != 201) {
            throw new KeyManagerClientException("Application creation failed. " + createApplication.toString());
        }
        Collection collection = (Collection) createApplication.headers().get(AsgardeoKeyManagerConstants.HEADER_LOCATION);
        String str = collection != null ? (String) collection.iterator().next() : null;
        if (str == null) {
            throw new KeyManagerClientException("Location header is missing in the Asgardeo application creation response");
        }
        Matcher matcher = AsgardeoKeyManagerConstants.ID_EXTRACT_PATTERN.matcher(str);
        if (!matcher.find()) {
            throw new KeyManagerClientException("Application id is not found in the location header");
        }
        String group = matcher.group(0);
        if (group != null) {
            return this.appMgtClient.getApplication(group);
        }
        throw new KeyManagerClientException("Cannot extract application id from location header: " + str);
    }

    private OAuthApplicationInfo buildDTOFromAsgardeoApp(AsgardeoApplication asgardeoApplication, AsgardeoApplicationOIDC asgardeoApplicationOIDC) {
        OAuthApplicationInfo oAuthApplicationInfo = new OAuthApplicationInfo();
        oAuthApplicationInfo.setClientName(asgardeoApplication.getName());
        oAuthApplicationInfo.setClientId(asgardeoApplicationOIDC.getClientId());
        if (asgardeoApplicationOIDC.getCallbackURLs() != null) {
            oAuthApplicationInfo.setCallBackURL(String.join(",", asgardeoApplicationOIDC.getCallbackURLs()));
            oAuthApplicationInfo.addParameter("redirect_uris", String.join(",", asgardeoApplicationOIDC.getCallbackURLs()));
        }
        oAuthApplicationInfo.setClientSecret(asgardeoApplicationOIDC.getClientSecret());
        if (asgardeoApplicationOIDC.getGrantTypes() != null) {
            oAuthApplicationInfo.addParameter("grant_types", String.join(" ", asgardeoApplicationOIDC.getGrantTypes()));
        } else if (oAuthApplicationInfo.getParameter("grant_types") instanceof String) {
            oAuthApplicationInfo.addParameter("grant_types", ((String) oAuthApplicationInfo.getParameter("grant_types")).replace(",", " "));
        }
        oAuthApplicationInfo.addParameter("client_name", asgardeoApplication.getName());
        HashMap hashMap = new HashMap();
        hashMap.put("application_access_token_expiry_time", Integer.valueOf(asgardeoApplicationOIDC.getApplicationAccessTokenExpiry()));
        hashMap.put("user_access_token_expiry_time", Integer.valueOf(asgardeoApplicationOIDC.getUserAccessTokenExpiry()));
        hashMap.put("refresh_token_expiry_time", Integer.valueOf(asgardeoApplicationOIDC.getRefreshTokenExpiry()));
        hashMap.put("id_token_expiry_time", Integer.valueOf(asgardeoApplicationOIDC.getIdTokenExpiry()));
        hashMap.put("pkceMandatory", Boolean.valueOf(asgardeoApplicationOIDC.isPkceMandatory()));
        hashMap.put("pkceSupportPlain", Boolean.valueOf(asgardeoApplicationOIDC.isPkceSupportPlain()));
        hashMap.put("bypassClientCredentials", Boolean.valueOf(asgardeoApplicationOIDC.isPublicClient()));
        oAuthApplicationInfo.addParameter("additionalProperties", hashMap);
        return oAuthApplicationInfo;
    }

    public OAuthApplicationInfo retrieveApplication(String str) throws APIManagementException {
        String asgardeoAppIdFromConsumerKey = getAsgardeoAppIdFromConsumerKey(str);
        try {
            if (!StringUtils.isNotBlank(asgardeoAppIdFromConsumerKey)) {
                throw new APIManagementException("The property asgardeo_app_id_prod is missing in the application with consumer key " + str);
            }
            return buildDTOFromAsgardeoApp(this.appMgtClient.getApplication(asgardeoAppIdFromConsumerKey), this.appMgtClient.getApplicationOIDC(asgardeoAppIdFromConsumerKey));
        } catch (KeyManagerClientException e) {
            throw new APIManagementException("Error while fetching asgardeo app. Consumer key: " + str + ", asgardeo app id: " + asgardeoAppIdFromConsumerKey, e);
        }
    }

    private String getAsgardeoAppIdFromConsumerKey(String str) throws APIManagementException {
        return (String) ApiMgtDAO.getInstance().getApplicationByClientId(str).getApplicationAttributes().get(AsgardeoKeyManagerConstants.ASGARDEO_APP_ID_PROD);
    }

    public OAuthApplicationInfo updateApplication(OAuthAppRequest oAuthAppRequest) throws APIManagementException {
        return super.updateApplication(oAuthAppRequest);
    }

    public AccessTokenInfo getNewApplicationAccessToken(AccessTokenRequest accessTokenRequest) throws APIManagementException {
        return super.getNewApplicationAccessToken(accessTokenRequest);
    }

    public void deleteApplication(String str) throws APIManagementException {
        String asgardeoAppIdFromConsumerKey = getAsgardeoAppIdFromConsumerKey(str);
        if (!StringUtils.isNotBlank(asgardeoAppIdFromConsumerKey)) {
            throw new APIManagementException("The property asgardeo_app_id_prod is missing in the application with consumer key " + str);
        }
        try {
            this.appMgtClient.deleteApplication(asgardeoAppIdFromConsumerKey);
        } catch (KeyManagerClientException e) {
            throw new APIManagementException("Error while deleting asgardeo app " + asgardeoAppIdFromConsumerKey, e);
        }
    }

    public boolean registerNewResource(API api, Map map) throws APIManagementException {
        return super.registerNewResource(api, map);
    }

    public boolean updateRegisteredResource(API api, Map map) throws APIManagementException {
        return super.updateRegisteredResource(api, map);
    }
}
