package org.wso2.carbon.identity.oauth.ciba.api;

import java.sql.Timestamp;
import java.util.Calendar;
import java.util.TimeZone;
import java.util.UUID;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.identity.oauth.ciba.common.AuthReqStatus;
import org.wso2.carbon.identity.oauth.ciba.common.CibaConstants;
import org.wso2.carbon.identity.oauth.ciba.dao.CibaDAOFactory;
import org.wso2.carbon.identity.oauth.ciba.exceptions.CibaClientException;
import org.wso2.carbon.identity.oauth.ciba.exceptions.CibaCoreException;
import org.wso2.carbon.identity.oauth.ciba.model.CibaAuthCodeDO;
import org.wso2.carbon.identity.oauth.ciba.model.CibaAuthCodeRequest;
import org.wso2.carbon.identity.oauth.ciba.model.CibaAuthCodeResponse;
import org.wso2.carbon.identity.oauth.common.exception.InvalidOAuthClientException;
import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception;
import org.wso2.carbon.identity.oauth2.util.OAuth2Util;

/* loaded from: input_file:org/wso2/carbon/identity/oauth/ciba/api/CibaAuthServiceImpl.class */
public class CibaAuthServiceImpl implements CibaAuthService {
    private static Log log = LogFactory.getLog(CibaAuthServiceImpl.class);

    @Override // org.wso2.carbon.identity.oauth.ciba.api.CibaAuthService
    public CibaAuthCodeResponse generateAuthCodeResponse(CibaAuthCodeRequest cibaAuthCodeRequest) throws CibaCoreException, CibaClientException {
        CibaAuthCodeDO generateCibaAuthCodeDO = generateCibaAuthCodeDO(cibaAuthCodeRequest);
        CibaDAOFactory.getInstance().getCibaAuthMgtDAO().persistCibaAuthCode(generateCibaAuthCodeDO);
        return buildAuthCodeResponse(cibaAuthCodeRequest, generateCibaAuthCodeDO);
    }

    private String generateAuthCodeKey() {
        return UUID.randomUUID().toString();
    }

    private String generateAuthRequestId() {
        return UUID.randomUUID().toString();
    }

    private long getExpiresIn(CibaAuthCodeRequest cibaAuthCodeRequest) {
        long requestedExpiry = cibaAuthCodeRequest.getRequestedExpiry();
        if (requestedExpiry == 0) {
            return 3600L;
        }
        if (requestedExpiry < 3600) {
            return requestedExpiry;
        }
        if (!log.isDebugEnabled()) {
            return 3600L;
        }
        log.debug("The requested_expiry: " + requestedExpiry + " exceeds default maximum value: 3600 for the CIBA authentication request made by: " + cibaAuthCodeRequest.getIssuer());
        return 3600L;
    }

    private CibaAuthCodeDO generateCibaAuthCodeDO(CibaAuthCodeRequest cibaAuthCodeRequest) {
        CibaAuthCodeDO cibaAuthCodeDO = new CibaAuthCodeDO();
        Timestamp timestamp = new Timestamp(Calendar.getInstance(TimeZone.getTimeZone(CibaConstants.UTC)).getTimeInMillis());
        long expiresIn = getExpiresIn(cibaAuthCodeRequest);
        String[] scopes = cibaAuthCodeRequest.getScopes();
        cibaAuthCodeDO.setCibaAuthCodeKey(generateAuthCodeKey());
        cibaAuthCodeDO.setAuthReqId(generateAuthRequestId());
        cibaAuthCodeDO.setConsumerKey(cibaAuthCodeRequest.getIssuer());
        cibaAuthCodeDO.setIssuedTime(timestamp);
        cibaAuthCodeDO.setLastPolledTime(timestamp);
        cibaAuthCodeDO.setAuthReqStatus(AuthReqStatus.REQUESTED);
        cibaAuthCodeDO.setInterval(2L);
        cibaAuthCodeDO.setExpiresIn(expiresIn);
        cibaAuthCodeDO.setScopes(scopes);
        return cibaAuthCodeDO;
    }

    private CibaAuthCodeResponse buildAuthCodeResponse(CibaAuthCodeRequest cibaAuthCodeRequest, CibaAuthCodeDO cibaAuthCodeDO) throws CibaCoreException, CibaClientException {
        String issuer = cibaAuthCodeRequest.getIssuer();
        try {
            CibaAuthCodeResponse cibaAuthCodeResponse = new CibaAuthCodeResponse();
            String userHint = cibaAuthCodeRequest.getUserHint();
            String callbackUrl = OAuth2Util.getAppInformationByClientId(issuer).getCallbackUrl();
            cibaAuthCodeResponse.setAuthReqId(cibaAuthCodeDO.getAuthReqId());
            cibaAuthCodeResponse.setCallBackUrl(callbackUrl);
            cibaAuthCodeResponse.setUserHint(userHint);
            cibaAuthCodeResponse.setClientId(issuer);
            cibaAuthCodeResponse.setScopes(cibaAuthCodeRequest.getScopes());
            cibaAuthCodeResponse.setExpiresIn(cibaAuthCodeDO.getExpiresIn());
            if (StringUtils.isNotBlank(cibaAuthCodeRequest.getBindingMessage())) {
                cibaAuthCodeResponse.setBindingMessage(cibaAuthCodeRequest.getBindingMessage());
            }
            if (StringUtils.isNotBlank(cibaAuthCodeRequest.getTransactionContext())) {
                cibaAuthCodeResponse.setTransactionDetails(cibaAuthCodeRequest.getTransactionContext());
            }
            if (log.isDebugEnabled()) {
                log.debug("Successful in creating AuthCodeResponse for the client: " + issuer);
            }
            return cibaAuthCodeResponse;
        } catch (IdentityOAuth2Exception e) {
            throw new CibaCoreException("Error in creating AuthCodeResponse for the client: " + issuer, e);
        } catch (InvalidOAuthClientException e2) {
            throw new CibaClientException("Error in creating AuthCodeResponse for the client: " + issuer, e2);
        }
    }
}
