package org.wso2.micro.integrator.management.apis;

import com.nimbusds.jose.JOSEException;
import java.security.NoSuchAlgorithmException;
import java.util.Date;
import java.util.HashSet;
import java.util.Set;
import java.util.UUID;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.synapse.MessageContext;
import org.apache.synapse.config.SynapseConfiguration;
import org.json.JSONObject;
import org.wso2.micro.core.util.AuditLogger;
import org.wso2.micro.integrator.management.apis.security.handler.AuthConstants;
import org.wso2.micro.integrator.management.apis.security.handler.JWTConfig;
import org.wso2.micro.integrator.management.apis.security.handler.JWTInMemoryTokenStore;
import org.wso2.micro.integrator.management.apis.security.handler.JWTTokenCleanupTask;
import org.wso2.micro.integrator.management.apis.security.handler.JWTTokenGenerator;
import org.wso2.micro.integrator.management.apis.security.handler.JWTTokenInfoDTO;
import org.wso2.micro.integrator.management.apis.security.handler.SecurityUtils;
import org.wso2.micro.integrator.security.user.api.UserStoreException;

/* loaded from: input_file:org/wso2/micro/integrator/management/apis/LoginResource.class */
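/**
 * Management API resource that issues a JWT for the user named in the Synapse message context.
 *
 * <p>The resource does not check credentials itself: it reads the username from
 * {@code Constants.USERNAME_PROPERTY} and trusts it. Presumably an authentication handler that
 * runs earlier in the chain sets that property after verifying the caller; confirm against the
 * handler configuration. If the property is absent, no token is issued.
 *
 * <p>Every failure path answers through {@link #handleServerError}, which sets {@code HTTP_SC} to
 * {@code Constants.INTERNAL_SERVER_ERROR} and returns a short, fixed message to the client.
 * Exception details are written to the server log only.
 */
public class LoginResource implements MiApiResource {
    private static final Log LOG = LogFactory.getLog(LoginResource.class);

    /** Token lifetime in seconds when no expiry is configured or the configured value is not a number. */
    private static final long DEFAULT_EXPIRY_SECONDS = 60;

    // HTTP methods this resource accepts; the constructor registers GET only.
    Set<String> methods = new HashSet<>();

    public LoginResource() {
        this.methods.add(Constants.HTTP_GET);
    }

    /**
     * Returns the HTTP methods this resource accepts.
     *
     * @return the live internal set (not a copy), containing {@code Constants.HTTP_GET}
     */
    @Override
    public Set<String> getMethods() {
        return this.methods;
    }

    /**
     * Builds a JWT for the user in the message context, stores it in the in-memory token store and
     * writes it to the response payload.
     *
     * @param messageContext Synapse message context; the username is read from
     *     {@code Constants.USERNAME_PROPERTY}
     * @param messageContext2 Axis2 message context that receives the JSON payload and status code
     * @param synapseConfiguration not used by this resource
     * @return always {@code true}; failures are reported through the response payload and
     *     {@code HTTP_SC}, not through the return value
     */
    @Override
    public boolean invoke(MessageContext messageContext, org.apache.axis2.context.MessageContext messageContext2, SynapseConfiguration synapseConfiguration) {
        if (!JWTConfig.getInstance().getJwtConfigDto().isJwtHandlerEngaged()) {
            LOG.error("/Login is accessible only when JWT based auth handler is engaged");
            handleServerError(messageContext2, "Login is accessible only when JWT based auth handler is engaged");
            return true;
        }
        JWTInMemoryTokenStore tokenStore = JWTInMemoryTokenStore.getInstance(JWTConfig.getInstance().getJwtConfigDto().getTokenStoreSize());

        // Fail closed: a token must never be minted without an identity to bind it to. The original
        // code dereferenced the property unconditionally and threw a NullPointerException here.
        Object usernameProperty = messageContext.getProperty(Constants.USERNAME_PROPERTY);
        String username = usernameProperty == null ? null : usernameProperty.toString();
        if (StringUtils.isEmpty(username)) {
            LOG.error("Login request reached the resource without a username in the message context");
            handleServerError(messageContext2, "Error occurred authenticating user.");
            return true;
        }

        JWTTokenInfoDTO tokenInfo = new JWTTokenInfoDTO(username);
        tokenInfo.setToken(UUID.randomUUID().toString());
        try {
            // The scope is decided server-side from the user store, never from request input.
            if (SecurityUtils.isAdmin(username)) {
                tokenInfo.setScope(AuthConstants.JWT_TOKEN_ADMIN_SCOPE);
            } else {
                tokenInfo.setScope(AuthConstants.JWT_TOKEN_DEFAULT_SCOPE);
            }
            tokenInfo.setIssuer((String) messageContext2.getProperty("SERVICE_PREFIX"));

            long issuedAtMillis = System.currentTimeMillis();
            tokenInfo.setLastAccess(issuedAtMillis);
            tokenInfo.setExpiry(issuedAtMillis + (resolveExpirySeconds() * 1000));

            String jwt = populateJWTToken(tokenInfo);
            tokenInfo.setHash(jwt);
            // putToken returning false is reported to the client as the store being full.
            if (!tokenStore.putToken(jwt, tokenInfo)) {
                handleServerError(messageContext2, "Max concurrent access limit exceeded");
                return true;
            }

            JSONObject responseBody = new JSONObject();
            responseBody.put(AuthConstants.RESPONSE_JSON_TOKEN_FIELD, jwt);
            Utils.setJsonPayLoad(messageContext2, responseBody);
            messageContext2.removeProperty("NO_ENTITY_BODY");
            JWTTokenCleanupTask.startCleanupTask();

            // The username may originate from the request, so line breaks are neutralised before
            // it is written: otherwise a crafted name could forge extra audit entries.
            AuditLogger.logAuditMessage(neutralizeLineBreaks(username) + " logged in at [" + new Date(issuedAtMillis) + "]");
            return true;
        } catch (NoSuchAlgorithmException e) {
            LOG.error("Error occurred while generating key pairs", e);
            handleServerError(messageContext2, "Error occurred while generating key pairs");
            return true;
        } catch (JOSEException e) {
            LOG.error("Error occurred while generating JWT token", e);
            handleServerError(messageContext2, "Error occurred while generating JWT token");
            return true;
        } catch (UserStoreException e) {
            LOG.error("Error occurred authenticating user.", e);
            handleServerError(messageContext2, "Error occurred authenticating user.");
            return true;
        }
    }

    /**
     * Serialises the token description into a signed JWT string.
     *
     * @param jWTTokenInfoDTO token attributes (user, scope, issuer, expiry) to encode
     * @return the JWT produced by {@link JWTTokenGenerator#generateJWTToken}
     * @throws JOSEException if the generator fails to build or sign the token
     * @throws NoSuchAlgorithmException if the generator cannot obtain the required algorithm
     */
    public String populateJWTToken(JWTTokenInfoDTO jWTTokenInfoDTO) throws JOSEException, NoSuchAlgorithmException {
        return new JWTTokenGenerator().generateJWTToken(jWTTokenInfoDTO);
    }

    /**
     * Reads the configured token lifetime in seconds.
     *
     * <p>Falls back to {@link #DEFAULT_EXPIRY_SECONDS} when the setting is empty or not a number.
     * The fallback is the short default, so a malformed setting shortens the token lifetime rather
     * than extending it, and no longer aborts the login with an uncaught
     * {@link NumberFormatException}.
     */
    private long resolveExpirySeconds() {
        String configuredExpiry = JWTConfig.getInstance().getJwtConfigDto().getExpiry();
        if (StringUtils.isEmpty(configuredExpiry)) {
            return DEFAULT_EXPIRY_SECONDS;
        }
        try {
            return Long.parseLong(configuredExpiry);
        } catch (NumberFormatException e) {
            LOG.warn("Configured JWT expiry is not a valid number; using default of "
                    + DEFAULT_EXPIRY_SECONDS + " seconds", e);
            return DEFAULT_EXPIRY_SECONDS;
        }
    }

    /** Replaces carriage returns and line feeds so the value stays on one log line. */
    private static String neutralizeLineBreaks(String value) {
        return value.replace('\r', '_').replace('\n', '_');
    }

    /**
     * Writes a JSON error payload and marks the response as an internal server error.
     *
     * @param messageContext Axis2 message context of the response
     * @param str message placed in the error payload; callers pass fixed strings only
     */
    private void handleServerError(org.apache.axis2.context.MessageContext messageContext, String str) {
        Utils.setJsonPayLoad(messageContext, Utils.createJsonErrorObject(str));
        messageContext.setProperty("HTTP_SC", Constants.INTERNAL_SERVER_ERROR);
        messageContext.removeProperty("NO_ENTITY_BODY");
    }
}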
