package org.wso2.carbon.apimgt.impl.recommendationmgt;

import edu.emory.mathcs.backport.java.util.Arrays;
import java.io.IOException;
import java.net.URL;
import java.nio.charset.StandardCharsets;
import java.util.ArrayList;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.codec.digest.DigestUtils;
import org.apache.commons.lang3.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.http.HttpResponse;
import org.apache.http.client.HttpClient;
import org.apache.http.client.entity.UrlEncodedFormEntity;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.message.BasicNameValuePair;
import org.apache.http.util.EntityUtils;
import org.json.JSONObject;
import org.wso2.carbon.apimgt.api.model.AccessTokenInfo;
import org.wso2.carbon.apimgt.impl.APIConstants;
import org.wso2.carbon.apimgt.impl.utils.APIUtil;

/* loaded from: input_file:org/wso2/carbon/apimgt/impl/recommendationmgt/AccessTokenGenerator.class */
public class AccessTokenGenerator {
    private static final Log log = LogFactory.getLog(AccessTokenGenerator.class);
    private String oauthUrl;
    private String consumerKey;
    private String consumerSecret;
    private String tokenEndpoint;
    private String revokeEndpoint;
    private Map<String, AccessTokenInfo> accessTokenInfoMap = new ConcurrentHashMap();

    public AccessTokenGenerator(String str, String str2, String str3) {
        this.oauthUrl = str;
        this.consumerKey = str2;
        this.consumerSecret = str3;
    }

    public AccessTokenGenerator(String str, String str2, String str3, String str4) {
        this.consumerKey = str3;
        this.consumerSecret = str4;
        this.tokenEndpoint = str;
        this.revokeEndpoint = str2;
    }

    public String getAccessToken(String[] strArr) {
        AccessTokenInfo generateNewAccessToken;
        String scopeHash = getScopeHash(strArr);
        AccessTokenInfo accessTokenInfo = this.accessTokenInfoMap.get(scopeHash);
        if (accessTokenInfo != null) {
            long issuedTime = accessTokenInfo.getIssuedTime() + accessTokenInfo.getValidityPeriod();
            if (System.currentTimeMillis() > issuedTime) {
                if (log.isDebugEnabled()) {
                    log.debug("Access token expired. New token requested");
                }
                this.accessTokenInfoMap.remove(scopeHash);
                generateNewAccessToken = generateNewAccessToken(strArr);
                this.accessTokenInfoMap.put(scopeHash, generateNewAccessToken);
            } else {
                if (20000 <= issuedTime - System.currentTimeMillis()) {
                    if (log.isDebugEnabled()) {
                        log.debug("Valid Access Token already available for the provided application");
                    }
                    return accessTokenInfo.getAccessToken();
                }
                if (log.isDebugEnabled()) {
                    log.debug("Access Token will expire soon. Generated a new Token after revoking the previous");
                }
                revokeAccessToken(accessTokenInfo.getAccessToken());
                this.accessTokenInfoMap.remove(scopeHash);
                generateNewAccessToken = generateNewAccessToken(strArr);
                this.accessTokenInfoMap.put(scopeHash, generateNewAccessToken);
            }
        } else {
            generateNewAccessToken = generateNewAccessToken(strArr);
        }
        if (generateNewAccessToken == null) {
            return null;
        }
        this.accessTokenInfoMap.put(scopeHash, generateNewAccessToken);
        return generateNewAccessToken.getAccessToken();
    }

    private void revokeAccessToken(String str) {
        URL url;
        String concat;
        int port;
        try {
            if (StringUtils.isNotEmpty(this.revokeEndpoint)) {
                concat = this.revokeEndpoint;
                url = new URL(concat);
                port = url.getPort();
            } else {
                url = new URL(this.oauthUrl);
                concat = this.oauthUrl.concat("/revoke");
                port = url.getPort();
            }
            String protocol = url.getProtocol();
            HttpPost httpPost = new HttpPost(concat);
            HttpClient httpClient = APIUtil.getHttpClient(port, protocol);
            httpPost.setHeader("Authorization", APIConstants.AUTHORIZATION_BASIC + new String(Base64.encodeBase64((this.consumerKey + ":" + this.consumerSecret).getBytes(StandardCharsets.UTF_8)), StandardCharsets.UTF_8));
            httpPost.setHeader("Content-Type", "application/x-www-form-urlencoded");
            ArrayList arrayList = new ArrayList();
            arrayList.add(new BasicNameValuePair(APIConstants.TOKEN_KEY, str));
            httpPost.setEntity(new UrlEncodedFormEntity(arrayList));
            HttpResponse execute = httpClient.execute(httpPost);
            if (execute.getStatusLine().getStatusCode() != 200) {
                log.error("Error occurred when revoking the Access token. Server responded with " + execute.getStatusLine().getStatusCode());
            } else if (log.isDebugEnabled()) {
                log.debug("Successfully revoked the token");
            }
        } catch (IOException e) {
            log.error("Error occurred when revoking the Access token", e);
        }
    }

    private AccessTokenInfo generateNewAccessToken(String[] strArr) {
        URL url;
        int port;
        String concat;
        try {
            if (StringUtils.isNotEmpty(this.tokenEndpoint)) {
                concat = this.tokenEndpoint;
                url = new URL(concat);
                port = url.getPort();
            } else {
                url = new URL(this.oauthUrl);
                port = url.getPort();
                concat = this.oauthUrl.concat("/token");
            }
            String protocol = url.getProtocol();
            HttpPost httpPost = new HttpPost(concat);
            HttpClient httpClient = APIUtil.getHttpClient(port, protocol);
            httpPost.setHeader("Authorization", APIConstants.AUTHORIZATION_BASIC + new String(Base64.encodeBase64((this.consumerKey + ":" + this.consumerSecret).getBytes(StandardCharsets.UTF_8)), StandardCharsets.UTF_8));
            httpPost.setHeader("Content-Type", "application/x-www-form-urlencoded");
            ArrayList arrayList = new ArrayList();
            arrayList.add(new BasicNameValuePair(APIConstants.TOKEN_GRANT_TYPE_KEY, "client_credentials"));
            if (strArr != null && strArr.length > 0) {
                arrayList.add(new BasicNameValuePair("scope", String.join(" ", strArr)));
            }
            httpPost.setEntity(new UrlEncodedFormEntity(arrayList));
            HttpResponse execute = httpClient.execute(httpPost);
            if (execute.getStatusLine().getStatusCode() != 200) {
                log.error("Error occurred when generating a new Access token. Server responded with " + execute.getStatusLine().getStatusCode());
                return null;
            }
            JSONObject jSONObject = new JSONObject(EntityUtils.toString(execute.getEntity()));
            String str = (String) jSONObject.get("access_token");
            int intValue = ((Integer) jSONObject.get("expires_in")).intValue() * 1000;
            long currentTimeMillis = System.currentTimeMillis() + intValue;
            if (log.isDebugEnabled()) {
                log.debug("Successfully received an access token which expires in " + currentTimeMillis);
            }
            AccessTokenInfo accessTokenInfo = new AccessTokenInfo();
            accessTokenInfo.setAccessToken(str);
            accessTokenInfo.setIssuedTime(System.currentTimeMillis());
            accessTokenInfo.setValidityPeriod(intValue);
            return accessTokenInfo;
        } catch (IOException e) {
            log.error("Error occurred when generating a new Access token", e);
            return null;
        }
    }

    public void setOauthUrl(String str) {
        this.oauthUrl = str;
    }

    public void removeInvalidToken(String[] strArr) {
        this.accessTokenInfoMap.remove(getScopeHash(strArr));
    }

    private String getScopeHash(String[] strArr) {
        Arrays.sort(strArr);
        return DigestUtils.md5Hex(String.join(" ", strArr));
    }

    public String getAccessToken() {
        return getAccessToken(new String[]{"default"});
    }
}
