package org.wso2.is.data.sync.system.util;

import java.nio.charset.StandardCharsets;
import org.wso2.carbon.core.util.CryptoException;
import org.wso2.carbon.core.util.CryptoUtil;
import org.wso2.carbon.identity.oauth.config.OAuthServerConfiguration;
import org.wso2.carbon.identity.oauth.tokenprocessor.EncryptionDecryptionPersistenceProcessor;
import org.wso2.carbon.identity.oauth.tokenprocessor.HashingPersistenceProcessor;
import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception;
import org.wso2.is.data.sync.system.exception.SyncClientException;
import org.wso2.is.data.sync.system.pipeline.EntryField;
import org.wso2.is.data.sync.system.pipeline.JournalEntry;
import org.wso2.is.data.sync.system.pipeline.transform.model.AuthorizationCodeInfo;
import org.wso2.is.data.sync.system.pipeline.transform.model.TokenInfo;

/* loaded from: input_file:org/wso2/is/data/sync/system/util/OAuth2Util.class */
public class OAuth2Util {
    private static final String CIPHER_TRANSFORMATION_SYSTEM_PROPERTY = "org.wso2.CipherTransformation";

    public static boolean isEncryptionWithTransformationEnabled() throws IdentityOAuth2Exception {
        return System.getProperty(CIPHER_TRANSFORMATION_SYSTEM_PROPERTY) != null && isTokenEncryptionEnabled();
    }

    public static boolean isTokenEncryptionEnabled() throws IdentityOAuth2Exception {
        return OAuthServerConfiguration.getInstance().getPersistenceProcessor() instanceof EncryptionDecryptionPersistenceProcessor;
    }

    public static boolean isBase64DecodeAndIsSelfContainedCipherText(String str) throws CryptoException {
        return CryptoUtil.getDefaultCryptoUtil().base64DecodeAndIsSelfContainedCipherText(str);
    }

    public static TokenInfo hashTokens(TokenInfo tokenInfo) throws SyncClientException {
        HashingPersistenceProcessor hashingPersistenceProcessor = new HashingPersistenceProcessor();
        String decryptedAccessToken = tokenInfo.getDecryptedAccessToken();
        String accessToken = decryptedAccessToken != null ? decryptedAccessToken : tokenInfo.getAccessToken();
        String decryptedRefreshToken = tokenInfo.getDecryptedRefreshToken();
        String refreshToken = decryptedRefreshToken != null ? decryptedRefreshToken : tokenInfo.getRefreshToken();
        try {
            String processedAccessTokenIdentifier = hashingPersistenceProcessor.getProcessedAccessTokenIdentifier(accessToken);
            String str = null;
            if (refreshToken != null) {
                str = hashingPersistenceProcessor.getProcessedRefreshToken(refreshToken);
            }
            tokenInfo.setAccessTokenHash(processedAccessTokenIdentifier);
            tokenInfo.setRefreshTokenHash(str);
            return tokenInfo;
        } catch (IdentityOAuth2Exception e) {
            throw new SyncClientException("Error while hashing access/refresh token with HashingPersistenceProcessor.", (Throwable) e);
        }
    }

    public static AuthorizationCodeInfo hashAuthorizationCode(AuthorizationCodeInfo authorizationCodeInfo) throws SyncClientException {
        HashingPersistenceProcessor hashingPersistenceProcessor = new HashingPersistenceProcessor();
        String decryptedAuthorizationCode = authorizationCodeInfo.getDecryptedAuthorizationCode();
        try {
            authorizationCodeInfo.setAuthorizationCodeHash(hashingPersistenceProcessor.getProcessedAuthzCode(decryptedAuthorizationCode != null ? decryptedAuthorizationCode : authorizationCodeInfo.getAuthorizationCode()));
            return authorizationCodeInfo;
        } catch (IdentityOAuth2Exception e) {
            throw new SyncClientException("Error while hashing access/refresh token with HashingPersistenceProcessor.", (Throwable) e);
        }
    }

    public static TokenInfo transformEncryptedTokens(TokenInfo tokenInfo) throws CryptoException, SyncClientException {
        String accessToken = tokenInfo.getAccessToken();
        String refreshToken = tokenInfo.getRefreshToken();
        if (!isBase64DecodeAndIsSelfContainedCipherText(accessToken)) {
            byte[] base64DecodeAndDecrypt = CryptoUtil.getDefaultCryptoUtil().base64DecodeAndDecrypt(accessToken, "RSA");
            String encryptAndBase64Encode = CryptoUtil.getDefaultCryptoUtil().encryptAndBase64Encode(base64DecodeAndDecrypt);
            byte[] bArr = null;
            String str = null;
            if (refreshToken != null) {
                bArr = CryptoUtil.getDefaultCryptoUtil().base64DecodeAndDecrypt(refreshToken, "RSA");
                str = CryptoUtil.getDefaultCryptoUtil().encryptAndBase64Encode(bArr);
            }
            String str2 = new String(base64DecodeAndDecrypt, StandardCharsets.UTF_8);
            String str3 = null;
            if (refreshToken != null) {
                str3 = new String(bArr, StandardCharsets.UTF_8);
            }
            tokenInfo.setAccessToken(encryptAndBase64Encode);
            tokenInfo.setRefreshToken(str);
            tokenInfo.setDecryptedAccessToken(str2);
            tokenInfo.setDecryptedRefreshToken(str3);
        } else if (isBase64DecodeAndIsSelfContainedCipherText(accessToken)) {
            byte[] base64DecodeAndDecrypt2 = CryptoUtil.getDefaultCryptoUtil().base64DecodeAndDecrypt(accessToken);
            byte[] bArr2 = null;
            if (refreshToken != null) {
                bArr2 = CryptoUtil.getDefaultCryptoUtil().base64DecodeAndDecrypt(refreshToken);
            }
            String str4 = new String(base64DecodeAndDecrypt2, StandardCharsets.UTF_8);
            String str5 = refreshToken != null ? new String(bArr2, StandardCharsets.UTF_8) : null;
            tokenInfo.setAccessToken(accessToken);
            tokenInfo.setRefreshToken(refreshToken);
            tokenInfo.setDecryptedAccessToken(str4);
            tokenInfo.setDecryptedRefreshToken(str5);
        }
        return tokenInfo;
    }

    public static AuthorizationCodeInfo transformEncryptedAuthorizationCode(AuthorizationCodeInfo authorizationCodeInfo) throws CryptoException, SyncClientException {
        String authorizationCode = authorizationCodeInfo.getAuthorizationCode();
        if (!isBase64DecodeAndIsSelfContainedCipherText(authorizationCode)) {
            byte[] base64DecodeAndDecrypt = CryptoUtil.getDefaultCryptoUtil().base64DecodeAndDecrypt(authorizationCode, "RSA");
            String encryptAndBase64Encode = CryptoUtil.getDefaultCryptoUtil().encryptAndBase64Encode(base64DecodeAndDecrypt);
            String str = new String(base64DecodeAndDecrypt, StandardCharsets.UTF_8);
            authorizationCodeInfo.setAuthorizationCode(encryptAndBase64Encode);
            authorizationCodeInfo.setDecryptedAuthorizationCode(str);
        } else if (isBase64DecodeAndIsSelfContainedCipherText(authorizationCode)) {
            String str2 = new String(CryptoUtil.getDefaultCryptoUtil().base64DecodeAndDecrypt(authorizationCode), StandardCharsets.UTF_8);
            authorizationCodeInfo.setAuthorizationCode(authorizationCode);
            authorizationCodeInfo.setDecryptedAuthorizationCode(str2);
        }
        return authorizationCodeInfo;
    }

    public static void updateJournalEntryForToken(JournalEntry journalEntry, TokenInfo tokenInfo) {
        journalEntry.addEntryField(Constant.COLUMN_ACCESS_TOKEN, new EntryField(tokenInfo.getAccessToken()));
        journalEntry.addEntryField(Constant.COLUMN_REFRESH_TOKEN, new EntryField(tokenInfo.getRefreshToken()));
        journalEntry.addEntryField(Constant.COLUMN_ACCESS_TOKEN_HASH, new EntryField(tokenInfo.getAccessTokenHash()));
        journalEntry.addEntryField(Constant.COLUMN_REFRESH_TOKEN_HASH, new EntryField(tokenInfo.getRefreshTokenHash()));
    }

    public static void updateJournalEntryForCode(JournalEntry journalEntry, AuthorizationCodeInfo authorizationCodeInfo) {
        journalEntry.addEntryField(Constant.COLUMN_AUTHORIZATION_CODE, new EntryField(authorizationCodeInfo.getAuthorizationCode()));
        journalEntry.addEntryField(Constant.COLUMN_AUTHORIZATION_CODE_HASH, new EntryField(authorizationCodeInfo.getAuthorizationCodeHash()));
    }
}
