package org.wso2.carbon.device.mgt.ios.util;

import com.ctc.wstx.io.CharsetNames;
import com.google.gson.JsonObject;
import com.google.gson.JsonParser;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.util.HashMap;
import java.util.Hashtable;
import java.util.Iterator;
import java.util.Map;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.http.HeaderElement;
import org.apache.http.HttpEntity;
import org.apache.http.HttpResponse;
import org.apache.http.NameValuePair;
import org.apache.http.client.ClientProtocolException;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.client.methods.HttpRequestBase;
import org.apache.http.entity.ByteArrayEntity;
import org.apache.http.impl.client.DefaultHttpClient;
import org.wso2.carbon.apimgt.application.extension.APIManagementProviderService;
import org.wso2.carbon.apimgt.application.extension.dto.ApiApplicationKey;
import org.wso2.carbon.apimgt.application.extension.exception.APIManagerException;
import org.wso2.carbon.apimgt.impl.APIManagerConfiguration;
import org.wso2.carbon.apimgt.impl.APIManagerConfigurationService;
import org.wso2.carbon.context.PrivilegedCarbonContext;
import org.wso2.carbon.device.mgt.ios.api.utils.beans.DeviceIdentifierBean;
import org.wso2.carbon.device.mgt.ios.api.utils.beans.LoginBean;
import org.wso2.carbon.device.mgt.ios.beans.APIRegistrationProfile;
import org.wso2.carbon.device.mgt.ios.core.exception.IOSEnrollmentException;
import org.wso2.carbon.identity.jwt.client.extension.dto.AccessTokenInfo;
import org.wso2.carbon.identity.jwt.client.extension.exception.JWTClientException;
import org.wso2.carbon.user.api.UserStoreException;

/* loaded from: input_file:WEB-INF/classes/org/wso2/carbon/device/mgt/ios/util/OAuthUtils.class */
public class OAuthUtils {
    private static final String GRANT_TYPE = "grant_type";
    private static final String GRANT_TYPE_PASSWORD = "password";
    private static final String GRANT_TYPE_AUTHORIZATION_CODE = "authorization_code";
    private static final String GRANT_TYPE_REFRESH_TOKEN = "refresh_token";
    private static final String AUTHORIZATION_CODE = "code";
    private static final String AUTHORIZATION_MODE = "Basic ";
    private static final String AUTHORIZATION_HEADER = "Authorization";
    private static final String CONTENT_TYPE_HEADER = "Content-Type";
    private static final String DEFAULT_CONTENT_TYPE = "application/x-www-form-urlencoded";
    private static final String REDIRECT_URL = "redirect_uri";
    private static final String USERNAME_LABEL = "username";
    private static final String PASSWORD_LABEL = "password";
    private static final String SCOPE_LABEL = "scope";
    private static final String COLON = ":";
    private static final String SCOPE = "perm:ios:enroll perm:ios:view-device perm:ios:applications perm:ios:enterprise-wipe";
    private static final String REFRESH_TOKEN = "refresh_token";
    private static final String ACCESS_TOKEN = "access_token";
    private static final String APPLICATION_NAME = "devicetype_ios";
    private static final String APP_MGT_APPLICATION_NAME = "devicetype_ios_app_mgt";
    private static final String DEFAULT_TOKEN_TYPE = "PRODUCTION";
    public static final String DEFAULT_VALIDITY_PERIOD = "3600";
    private static final Log log = LogFactory.getLog(OAuthUtils.class);
    private static final String[] SUBSCRIBED_API = {"ios"};

    public static ApiApplicationKey getCredentials(APIRegistrationProfile aPIRegistrationProfile, String str) throws APIManagerException, UserStoreException {
        if (str == null || str.isEmpty()) {
            str = "carbon.super";
        }
        try {
            PrivilegedCarbonContext.startTenantFlow();
            PrivilegedCarbonContext.getThreadLocalCarbonContext().setTenantDomain(str, true);
            PrivilegedCarbonContext.getThreadLocalCarbonContext().setUsername(PrivilegedCarbonContext.getThreadLocalCarbonContext().getUserRealm().getRealmConfiguration().getAdminUserName());
            ApiApplicationKey generateAndRetrieveApplicationKeys = ((APIManagementProviderService) PrivilegedCarbonContext.getThreadLocalCarbonContext().getOSGiService(APIManagementProviderService.class, (Hashtable) null)).generateAndRetrieveApplicationKeys(aPIRegistrationProfile.getApplicationName(), aPIRegistrationProfile.getTags(), DEFAULT_TOKEN_TYPE, aPIRegistrationProfile.getApplicationName(), aPIRegistrationProfile.isAllowedToAllDomains(), DEFAULT_VALIDITY_PERIOD);
            PrivilegedCarbonContext.endTenantFlow();
            return generateAndRetrieveApplicationKeys;
        } catch (Throwable th) {
            PrivilegedCarbonContext.endTenantFlow();
            throw th;
        }
    }

    public static ApiApplicationKey getClientCredentials(String str) throws APIManagerException, UserStoreException {
        APIRegistrationProfile aPIRegistrationProfile = new APIRegistrationProfile();
        aPIRegistrationProfile.setAllowedToAllDomains(false);
        aPIRegistrationProfile.setMappingAnExistingOAuthApp(false);
        aPIRegistrationProfile.setTags(SUBSCRIBED_API);
        aPIRegistrationProfile.setApplicationName(APP_MGT_APPLICATION_NAME);
        return getCredentials(aPIRegistrationProfile, str);
    }

    public static AccessTokenInfo getOAuthCredentials(ApiApplicationKey apiApplicationKey, String str, boolean z) throws APIManagerException, UserStoreException {
        APIRegistrationProfile aPIRegistrationProfile = new APIRegistrationProfile();
        aPIRegistrationProfile.setAllowedToAllDomains(false);
        aPIRegistrationProfile.setMappingAnExistingOAuthApp(false);
        aPIRegistrationProfile.setTags(SUBSCRIBED_API);
        aPIRegistrationProfile.setApplicationName(APP_MGT_APPLICATION_NAME);
        try {
            return IOSServiceUtils.getJWTClientManagerService().getJWTClient().getAccessToken(apiApplicationKey.getConsumerKey(), apiApplicationKey.getConsumerSecret(), str, z ? "appm:subscribe" : SCOPE);
        } catch (JWTClientException e) {
            String str2 = "Error while generating an OAuth token for user " + str;
            log.error(str2, e);
            throw new APIManagerException(str2, e);
        }
    }

    public static DeviceIdentifierBean getOAuthToken(LoginBean loginBean) throws APIManagerException, UserStoreException {
        APIRegistrationProfile aPIRegistrationProfile = new APIRegistrationProfile();
        aPIRegistrationProfile.setAllowedToAllDomains(false);
        aPIRegistrationProfile.setTags(SUBSCRIBED_API);
        aPIRegistrationProfile.setMappingAnExistingOAuthApp(false);
        if (loginBean.getTenantDomain() == null || loginBean.getTenantDomain().isEmpty()) {
            loginBean.getUsername();
        } else {
            String str = loginBean.getUsername() + "@" + loginBean.getTenantDomain();
        }
        aPIRegistrationProfile.setApplicationName(APPLICATION_NAME);
        ApiApplicationKey credentials = getCredentials(aPIRegistrationProfile, loginBean.getTenantDomain());
        HashMap hashMap = new HashMap();
        hashMap.put(GRANT_TYPE, "password");
        if (loginBean.getTenantDomain() == null || loginBean.getTenantDomain().isEmpty()) {
            hashMap.put(USERNAME_LABEL, loginBean.getUsername());
        } else {
            hashMap.put(USERNAME_LABEL, loginBean.getUsername() + "@" + loginBean.getTenantDomain());
        }
        hashMap.put("password", loginBean.getPassword());
        hashMap.put(SCOPE_LABEL, SCOPE);
        String str2 = new String(Base64.encodeBase64((credentials.getConsumerKey() + COLON + credentials.getConsumerSecret()).getBytes()));
        HashMap hashMap2 = new HashMap();
        hashMap2.put(AUTHORIZATION_HEADER, AUTHORIZATION_MODE + str2);
        hashMap2.put(CONTENT_TYPE_HEADER, DEFAULT_CONTENT_TYPE);
        String buildPayload = buildPayload(hashMap);
        APIManagerConfiguration aPIManagerConfiguration = ((APIManagerConfigurationService) PrivilegedCarbonContext.getThreadLocalCarbonContext().getOSGiService(APIManagerConfigurationService.class, (Hashtable) null)).getAPIManagerConfiguration();
        String str3 = (((String) aPIManagerConfiguration.getProperty("APIKeyValidator.ServerURL").get(0)).contains("//services/") ? ((String) aPIManagerConfiguration.getProperty("APIKeyValidator.ServerURL").get(0)).replaceAll("//services/", "") : ((String) aPIManagerConfiguration.getProperty("APIKeyValidator.ServerURL").get(0)).replaceAll("/services/", "")) + ((String) aPIManagerConfiguration.getProperty("OAuthConfigurations.TokenEndPointName").get(0));
        DefaultHttpClient defaultHttpClient = new DefaultHttpClient();
        HttpPost httpPost = (HttpPost) buildHeaders(new HttpPost(str3), hashMap2);
        DeviceIdentifierBean deviceIdentifierBean = null;
        try {
            httpPost.setEntity(new ByteArrayEntity(buildPayload.getBytes()));
            HttpResponse execute = defaultHttpClient.execute(httpPost);
            String.valueOf(execute.getStatusLine().getStatusCode());
            JsonObject parse = new JsonParser().parse(getResponseBody(execute));
            deviceIdentifierBean = new DeviceIdentifierBean();
            deviceIdentifierBean.setRefreshToken(parse.get("refresh_token").getAsString());
            deviceIdentifierBean.setAccessToken(parse.get(ACCESS_TOKEN).getAsString());
            deviceIdentifierBean.setClientCredentials(str2);
        } catch (ClientProtocolException e) {
            log.error("Error occurred while sending 'Post' request due to an invalid client protocol being used", e);
        } catch (IOSEnrollmentException e2) {
            log.error("Error occurred while processing the token rsponse", e2);
        } catch (IOException e3) {
            log.error("Error occurred while sending 'Post' request due to failure of server connection", e3);
        }
        return deviceIdentifierBean;
    }

    public static HttpRequestBase buildHeaders(HttpRequestBase httpRequestBase, Map<String, String> map) {
        for (Map.Entry<String, String> entry : map.entrySet()) {
            httpRequestBase.setHeader(entry.getKey(), entry.getValue());
        }
        return httpRequestBase;
    }

    public static String buildPayload(Map<String, String> map) {
        StringBuilder sb = new StringBuilder();
        Iterator<Map.Entry<String, String>> it = map.entrySet().iterator();
        while (it.hasNext()) {
            Map.Entry<String, String> next = it.next();
            sb.append(next.getKey()).append('=').append(next.getValue());
            if (it.hasNext()) {
                sb.append('&');
            }
        }
        return sb.toString();
    }

    public static String getResponseBody(HttpResponse httpResponse) throws IOSEnrollmentException {
        String str = null;
        try {
            str = getResponseBodyContent(httpResponse.getEntity());
        } catch (IOException e) {
            e.printStackTrace();
        }
        return str;
    }

    public static String getResponseBodyContent(HttpEntity httpEntity) throws IOException {
        InputStream content = httpEntity.getContent();
        if (httpEntity.getContentLength() > 2147483647L) {
            throw new IllegalArgumentException("HTTP entity too large to be buffered in memory.");
        }
        String contentCharSet = getContentCharSet(httpEntity);
        if (contentCharSet == null) {
            contentCharSet = CharsetNames.CS_ISO_LATIN1;
        }
        InputStreamReader inputStreamReader = new InputStreamReader(content, contentCharSet);
        StringBuilder sb = new StringBuilder();
        try {
            char[] cArr = new char[1024];
            while (true) {
                int read = inputStreamReader.read(cArr);
                if (read == -1) {
                    return sb.toString();
                }
                sb.append(cArr, 0, read);
            }
        } finally {
            inputStreamReader.close();
        }
    }

    public static String getContentCharSet(HttpEntity httpEntity) {
        NameValuePair parameterByName;
        String str = null;
        if (httpEntity.getContentType() != null) {
            HeaderElement[] elements = httpEntity.getContentType().getElements();
            if (elements.length > 0 && (parameterByName = elements[0].getParameterByName("charset")) != null) {
                str = parameterByName.getValue();
            }
        }
        return str;
    }
}
