package org.wso2.carbon.identity.conditional.auth.functions.entgra;

import java.io.IOException;
import java.net.SocketTimeoutException;
import java.nio.charset.StandardCharsets;
import java.util.ArrayList;
import java.util.Base64;
import java.util.Collections;
import java.util.Map;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.http.client.config.RequestConfig;
import org.apache.http.client.entity.UrlEncodedFormEntity;
import org.apache.http.client.methods.CloseableHttpResponse;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.conn.ConnectTimeoutException;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClientBuilder;
import org.apache.http.message.BasicNameValuePair;
import org.apache.http.util.EntityUtils;
import org.json.simple.JSONObject;
import org.json.simple.parser.JSONParser;
import org.json.simple.parser.ParseException;
import org.wso2.carbon.identity.application.authentication.framework.AsyncProcess;
import org.wso2.carbon.identity.application.authentication.framework.config.model.graph.JsGraphBuilder;
import org.wso2.carbon.identity.application.authentication.framework.config.model.graph.js.JsAuthenticatedUser;
import org.wso2.carbon.identity.application.authentication.framework.config.model.graph.js.JsAuthenticationContext;
import org.wso2.carbon.identity.application.authentication.framework.model.AuthenticatedUser;
import org.wso2.carbon.identity.conditional.auth.functions.common.utils.CommonUtils;
import org.wso2.carbon.identity.conditional.auth.functions.common.utils.ConfigProvider;
import org.wso2.carbon.identity.conditional.auth.functions.entgra.Constants;
import org.wso2.carbon.identity.conditional.auth.functions.entgra.exception.EntgraConnectorException;
import org.wso2.carbon.identity.event.IdentityEventException;

/* loaded from: input_file:org/wso2/carbon/identity/conditional/auth/functions/entgra/GetDeviceInfoEntgraFunctionImpl.class */
public class GetDeviceInfoEntgraFunctionImpl implements GetDeviceInfoEntgraFunction {
    private static final Log LOG = LogFactory.getLog(GetDeviceInfoEntgraFunctionImpl.class);
    private CloseableHttpClient client = HttpClientBuilder.create().setDefaultRequestConfig(RequestConfig.custom().setConnectTimeout(ConfigProvider.getInstance().getConnectionTimeout()).setConnectionRequestTimeout(ConfigProvider.getInstance().getConnectionRequestTimeout()).setSocketTimeout(ConfigProvider.getInstance().getReadTimeout()).setRedirectsEnabled(false).setRelativeRedirectsAllowed(false).build()).build();

    @Override // org.wso2.carbon.identity.conditional.auth.functions.entgra.GetDeviceInfoEntgraFunction
    public void getDeviceInfoEntgra(JsAuthenticationContext jsAuthenticationContext, String str, String str2, Map<String, Object> map) throws EntgraConnectorException {
        try {
            JsAuthenticatedUser user = Util.getUser(jsAuthenticationContext);
            String tenantDomain = ((AuthenticatedUser) user.getWrapped()).getTenantDomain();
            String userName = ((AuthenticatedUser) user.getWrapped()).getUserName();
            String connectorConfig = CommonUtils.getConnectorConfig(Constants.CLIENT_KEY, tenantDomain);
            String connectorConfig2 = CommonUtils.getConnectorConfig(Constants.CLIENT_SECRET, tenantDomain);
            String connectorConfig3 = CommonUtils.getConnectorConfig(Constants.TOKEN_URL, tenantDomain);
            String str3 = CommonUtils.getConnectorConfig(Constants.DEVICE_INFO_URL, tenantDomain) + "/" + str + "/" + str2;
            JsGraphBuilder.addLongWaitProcess(new AsyncProcess((authenticationContext, asyncReturn) -> {
                String str4;
                ?? r17;
                ?? r18;
                JSONObject jSONObject = null;
                try {
                    try {
                        try {
                            try {
                                try {
                                    CloseableHttpResponse execute = this.client.execute(getTokenRequest(connectorConfig3, connectorConfig, connectorConfig2));
                                    Throwable th = null;
                                    int statusCode = execute.getStatusLine().getStatusCode();
                                    if (statusCode >= 200 && statusCode < 300) {
                                        String entityUtils = EntityUtils.toString(execute.getEntity());
                                        JSONParser jSONParser = new JSONParser();
                                        HttpGet deviceInfoRequest = getDeviceInfoRequest(str3, (String) ((JSONObject) jSONParser.parse(entityUtils)).get(Constants.ACCESS_TOKEN));
                                        execute.close();
                                        try {
                                            try {
                                                CloseableHttpResponse execute2 = this.client.execute(deviceInfoRequest);
                                                Throwable th2 = null;
                                                int statusCode2 = execute2.getStatusLine().getStatusCode();
                                                if (statusCode2 < 200 || statusCode2 >= 300) {
                                                    LOG.error("Error while fetching device information from Entgra Server. Response code: " + statusCode2);
                                                    str4 = "onFail";
                                                } else {
                                                    JSONObject jSONObject2 = (JSONObject) jSONParser.parse(EntityUtils.toString(execute2.getEntity()));
                                                    String str5 = (String) ((JSONObject) jSONObject2.get("enrolmentInfo")).get("owner");
                                                    if ("REMOVED".equals((String) ((JSONObject) jSONObject2.get("enrolmentInfo")).get("status"))) {
                                                        str4 = "onFail";
                                                        jSONObject = getErrorJsonObject(Constants.AuthResponseErrorCode.DEVICE_NOT_ENROLLED, "Device is not recognized. Please register your device.");
                                                    } else if (userName.equalsIgnoreCase(str5)) {
                                                        str4 = "onSuccess";
                                                        jSONObject = (JSONObject) ((JSONObject) jSONObject2.get("deviceInfo")).get("deviceDetailsMap");
                                                    } else {
                                                        str4 = "onFail";
                                                        jSONObject = getErrorJsonObject(Constants.AuthResponseErrorCode.DEVICE_NOT_ENROLLED_UNDER_CURRENT_USER, "Access is denied. Please contact your administrator.");
                                                    }
                                                }
                                                if (execute2 != null) {
                                                    if (0 != 0) {
                                                        try {
                                                            execute2.close();
                                                        } catch (Throwable th3) {
                                                            th2.addSuppressed(th3);
                                                        }
                                                    } else {
                                                        execute2.close();
                                                    }
                                                }
                                            } finally {
                                                if (r17 != 0) {
                                                    if (r18 != 0) {
                                                        try {
                                                            r17.close();
                                                        } catch (Throwable th4) {
                                                            r18.addSuppressed(th4);
                                                        }
                                                    } else {
                                                        r17.close();
                                                    }
                                                }
                                            }
                                        } catch (Exception e) {
                                            throw e;
                                        }
                                    } else if (statusCode == 404) {
                                        LOG.error("Error while requesting access token from Entgra Server. Response code: " + statusCode);
                                        str4 = "onFail";
                                        jSONObject = getErrorJsonObject(Constants.AuthResponseErrorCode.DEVICE_NOT_ENROLLED, "Device is not recognized. Please register your device.");
                                    } else {
                                        LOG.error("Error while requesting access token from Entgra Server. Response code: " + statusCode);
                                        str4 = "onFail";
                                    }
                                    if (execute != null) {
                                        if (0 != 0) {
                                            try {
                                                execute.close();
                                            } catch (Throwable th5) {
                                                th.addSuppressed(th5);
                                            }
                                        } else {
                                            execute.close();
                                        }
                                    }
                                } catch (Throwable th6) {
                                    throw th6;
                                }
                            } catch (IllegalArgumentException e2) {
                                LOG.error("Invalid Url: " + connectorConfig3, e2);
                                str4 = "onFail";
                            }
                        } catch (ConnectTimeoutException e3) {
                            LOG.error("Error while waiting to connect to " + connectorConfig3, e3);
                            str4 = "onTimeout";
                        } catch (IOException e4) {
                            LOG.error("Error while calling endpoint. ", e4);
                            str4 = "onFail";
                        }
                    } catch (SocketTimeoutException e5) {
                        LOG.error("Error while waiting for data from " + connectorConfig3, e5);
                        str4 = "onTimeout";
                    } catch (ParseException e6) {
                        LOG.error("Error while parsing response. ", e6);
                        str4 = "onFail";
                    }
                } catch (Exception e7) {
                    str4 = "onFail";
                    LOG.error("Error while generating request.");
                }
                if (str4.equals("onFail") && jSONObject == null) {
                    jSONObject = getErrorJsonObject(Constants.AuthResponseErrorCode.ACCESS_DENIED, "Access is denied. Please contact your administrator.");
                }
                asyncReturn.accept(authenticationContext, jSONObject != null ? jSONObject : Collections.emptyMap(), str4);
            }), map);
        } catch (IdentityEventException e) {
            throw new EntgraConnectorException("Can not retrieve configurations from tenant.", e);
        }
    }

    private HttpPost getTokenRequest(String str, String str2, String str3) {
        HttpPost httpPost = new HttpPost(str);
        String str4 = "Basic " + Base64.getEncoder().encodeToString((str2 + ":" + str3).getBytes(StandardCharsets.UTF_8));
        httpPost.setHeader("Content-Type", Constants.TYPE_APPLICATION_FORM_URLENCODED);
        httpPost.setHeader("Authorization", str4);
        ArrayList arrayList = new ArrayList();
        arrayList.add(new BasicNameValuePair("grant_type", "client_credentials"));
        arrayList.add(new BasicNameValuePair("scope", "default perm:devices:details perm:devices:view"));
        httpPost.setEntity(new UrlEncodedFormEntity(arrayList, StandardCharsets.UTF_8));
        return httpPost;
    }

    private HttpGet getDeviceInfoRequest(String str, String str2) {
        HttpGet httpGet = new HttpGet(str);
        httpGet.setHeader("Accept", Constants.TYPE_APPLICATION_JSON);
        httpGet.setHeader("Authorization", "Bearer " + str2);
        return httpGet;
    }

    private JSONObject getErrorJsonObject(Constants.AuthResponseErrorCode authResponseErrorCode, String str) {
        JSONObject jSONObject = new JSONObject();
        jSONObject.put("errorCode", authResponseErrorCode);
        jSONObject.put("errorMessage", str);
        return jSONObject;
    }
}
