package io.jans.casa.plugins.acctlinking.vm;

import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.databind.ObjectMapper;
import io.jans.as.model.util.Base64Util;
import io.jans.casa.conf.OIDCClientSettings;
import io.jans.casa.misc.Utils;
import io.jans.casa.misc.WebUtils;
import io.jans.casa.plugins.acctlinking.AccountsLinkingService;
import io.jans.casa.service.IPersistenceService;
import io.jans.casa.service.ISessionContext;
import io.jans.inbound.oauth2.CodeGrantUtil;
import io.jans.inbound.oauth2.OAuthParams;
import io.jans.service.cache.CacheInterface;
import io.jans.util.Pair;
import java.net.URISyntaxException;
import java.nio.charset.StandardCharsets;
import java.util.AbstractMap;
import java.util.Arrays;
import java.util.Collections;
import java.util.HashMap;
import java.util.Map;
import java.util.Optional;
import java.util.stream.Collectors;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.zkoss.bind.annotation.Init;
import org.zkoss.bind.annotation.QueryParam;
import org.zkoss.util.resource.Labels;
import org.zkoss.zk.ui.Component;
import org.zkoss.zk.ui.Sessions;
import org.zkoss.zk.ui.event.Event;
import org.zkoss.zk.ui.event.EventQueues;
import org.zkoss.zk.ui.select.annotation.WireVariable;

/* loaded from: input_file:io/jans/casa/plugins/acctlinking/vm/SiteRedirectVM.class */
public class SiteRedirectVM {
    private static final String STATE_ATTR = "st";

    @WireVariable
    private ISessionContext sessionContext;
    private String userName;
    private String text;
    private String title;
    private Logger logger = LoggerFactory.getLogger(getClass());
    private AccountsLinkingService als = AccountsLinkingService.getInstance();
    private ObjectMapper mapper = new ObjectMapper();
    private String serverUrl = ((IPersistenceService) Utils.managedBean(IPersistenceService.class)).getIssuerUrl();
    private CacheInterface cache = (CacheInterface) Utils.managedBean(CacheInterface.class);

    public String getText() {
        return this.text;
    }

    public String getTitle() {
        return this.title;
    }

    @Init
    public void init(@QueryParam("provider") String str) {
        try {
            this.logger.debug("Initializing ViewModel");
            this.userName = this.sessionContext.getLoggedUser().getUserName();
            this.title = Labels.getLabel("general.error.general");
            CodeGrantUtil codeGrantUtil = new CodeGrantUtil(makeOAuthParams(this.als.getCasaClient(), str, WebUtils.getServletRequest().getRequestURL().toString()));
            if (Utils.isNotEmpty(str)) {
                this.text = Labels.getLabel("al.link_redirect_failed", new String[]{str});
                String authzRequestRedirectUrl = getAuthzRequestRedirectUrl(codeGrantUtil);
                EventQueues.lookup(AccountsLinkingVM.LINK_QUEUE, "session", true).publish(new Event(AccountsLinkingVM.EVENT_NAME, (Component) null, str));
                WebUtils.execRedirect(authzRequestRedirectUrl, false);
            } else {
                String str2 = (String) Optional.ofNullable(Sessions.getCurrent().getAttribute(STATE_ATTR)).map((v0) -> {
                    return v0.toString();
                }).orElse(null);
                if (str2 == null) {
                    return;
                }
                String parseCode = codeGrantUtil.parseCode((Map) WebUtils.getServletRequest().getParameterMap().entrySet().stream().map(entry -> {
                    String[] strArr = (String[]) entry.getValue();
                    return new AbstractMap.SimpleEntry((String) entry.getKey(), (strArr == null || strArr.length == 0) ? Collections.emptyList() : Arrays.asList(strArr));
                }).collect(Collectors.toMap((v0) -> {
                    return v0.getKey();
                }, (v0) -> {
                    return v0.getValue();
                })), str2);
                this.logger.info("Got an authz code at callback URL");
                codeGrantUtil.getTokenResponse(parseCode);
                this.logger.info("Notifying linking page...");
                EventQueues.lookup(AccountsLinkingVM.LINK_QUEUE, "session", true).publish(new Event(AccountsLinkingVM.EVENT_NAME, (Component) null, (Object) null));
                this.title = Labels.getLabel("al.linking_result.success");
                this.text = Labels.getLabel("al.linking_result.success_close");
            }
        } catch (Exception e) {
            this.text = e.getMessage();
            this.logger.error(this.text, e);
        }
    }

    private String getAuthzRequestRedirectUrl(CodeGrantUtil codeGrantUtil) throws URISyntaxException {
        this.logger.info("Building an agama authentication request");
        Pair<String, String> makeAuthzRequest = codeGrantUtil.makeAuthzRequest();
        Sessions.getCurrent().setAttribute(STATE_ATTR, makeAuthzRequest.getSecond());
        return (String) makeAuthzRequest.getFirst();
    }

    private OAuthParams makeOAuthParams(OIDCClientSettings oIDCClientSettings, String str, String str2) {
        OAuthParams oAuthParams = new OAuthParams();
        oAuthParams.setAuthzEndpoint(this.serverUrl + "/jans-auth/restv1/authorize");
        oAuthParams.setTokenEndpoint(this.serverUrl + "/jans-auth/restv1/token");
        oAuthParams.setClientId(oIDCClientSettings.getClientId());
        oAuthParams.setClientSecret(oIDCClientSettings.getClientSecret());
        oAuthParams.setScopes(Collections.singletonList("openid"));
        oAuthParams.setRedirectUri(str2);
        HashMap hashMap = new HashMap();
        if (str != null) {
            AccountsLinkingService accountsLinkingService = this.als;
            hashMap.put("acr_values", "agama_" + AccountsLinkingService.CASA_AGAMA_FLOW + "-" + buildFlowParams(str));
        }
        hashMap.put("prompt", "login");
        oAuthParams.setCustParamsAuthReq(hashMap);
        return oAuthParams;
    }

    private String buildFlowParams(String str) {
        String str2 = Math.random();
        int intValue = Long.valueOf(AccountsLinkingVM.ENROLL_TIME_MS).intValue() / 1000;
        this.logger.debug("Writing uid ref to cache");
        this.cache.put(2 * intValue, str2, this.userName);
        String str3 = null;
        try {
            str3 = Base64Util.base64urlencode(this.mapper.writeValueAsString(Map.of("providerId", str, "uidRef", str2)).getBytes(StandardCharsets.UTF_8));
        } catch (JsonProcessingException e) {
            this.logger.error(e.getMessage());
        }
        return str3;
    }
}
