package io.jans.casa.plugins.bioid.vm;

import com.fasterxml.jackson.databind.ObjectMapper;
import com.nimbusds.oauth2.sdk.GeneralException;
import io.jans.casa.conf.OIDCClientSettings;
import io.jans.casa.core.pojo.User;
import io.jans.casa.misc.Utils;
import io.jans.casa.misc.WebUtils;
import io.jans.casa.plugins.bioid.BioIdService;
import io.jans.casa.service.IPersistenceService;
import io.jans.casa.service.ISessionContext;
import io.jans.inbound.oauth2.CodeGrantUtil;
import io.jans.inbound.oauth2.OAuthParams;
import io.jans.util.Pair;
import java.net.URISyntaxException;
import java.util.Arrays;
import java.util.Collections;
import java.util.Date;
import java.util.HashMap;
import java.util.Map;
import java.util.Optional;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.zkoss.bind.annotation.Init;
import org.zkoss.bind.annotation.QueryParam;
import org.zkoss.util.resource.Labels;
import org.zkoss.zk.ui.Sessions;

/* loaded from: input_file:io/jans/casa/plugins/bioid/vm/RedirectViewModel.class */
public class RedirectViewModel {
    private String text;
    private String title;
    private Logger logger = LoggerFactory.getLogger(getClass());
    private BioIdService bis = BioIdService.getInstance();
    private String serverUrl = ((IPersistenceService) Utils.managedBean(IPersistenceService.class)).getIssuerUrl();
    private ISessionContext sessionContext = (ISessionContext) Utils.managedBean(ISessionContext.class);
    private User user = this.sessionContext.getLoggedUser();
    private ObjectMapper mapper = new ObjectMapper();

    public String getText() {
        return this.text;
    }

    public String getTitle() {
        return this.title;
    }

    @Init
    public void init(@QueryParam("start") String str) {
        try {
            String storeBioIdCode = storeBioIdCode();
            String stringBuffer = WebUtils.getServletRequest().getRequestURL().toString();
            this.title = Labels.getLabel("general.error.general");
            CodeGrantUtil codeGrantUtil = new CodeGrantUtil(makeOAuthParams(this.bis.getCasaClient(), storeBioIdCode, stringBuffer));
            if (Utils.isNotEmpty(str)) {
                WebUtils.execRedirect(getAuthzRequestRedirectUrl(codeGrantUtil), false);
            } else {
                String str2 = (String) Optional.ofNullable(Sessions.getCurrent().getAttribute("st")).map((v0) -> {
                    return v0.toString();
                }).orElse(null);
                if (str2 == null) {
                    return;
                }
                Map parameterMap = WebUtils.getServletRequest().getParameterMap();
                for (Map.Entry entry : parameterMap.entrySet()) {
                    this.logger.info("Key: " + ((String) entry.getKey()) + ", value: " + Arrays.toString((Object[]) entry.getValue()));
                }
                if (!((String[]) parameterMap.get("state"))[0].equals(str2)) {
                    throw new GeneralException("State mismatch");
                }
                this.title = Labels.getLabel("bioid_success");
                this.text = Labels.getLabel("bioid_close");
            }
        } catch (Exception e) {
            this.text = e.getMessage();
            this.logger.error(this.text, e);
        }
    }

    private String storeBioIdCode() {
        String generateBioIdCode = this.bis.generateBioIdCode((byte) 25);
        HashMap hashMap = new HashMap();
        hashMap.put("code", generateBioIdCode);
        hashMap.put("expiration", Long.valueOf(new Date().getTime() + 60000));
        this.bis.setBioIdCode(this.user.getId(), hashMap);
        this.logger.debug("BioID code stored successfully");
        return generateBioIdCode;
    }

    private OAuthParams makeOAuthParams(OIDCClientSettings oIDCClientSettings, String str, String str2) {
        OAuthParams oAuthParams = new OAuthParams();
        oAuthParams.setAuthzEndpoint(this.serverUrl + "/jans-auth/restv1/authorize");
        oAuthParams.setTokenEndpoint(this.serverUrl + "/jans-auth/restv1/token");
        oAuthParams.setClientId(oIDCClientSettings.getClientId());
        oAuthParams.setClientSecret(oIDCClientSettings.getClientSecret());
        oAuthParams.setScopes(Collections.singletonList("openid"));
        oAuthParams.setRedirectUri(str2);
        HashMap hashMap = new HashMap();
        hashMap.put("acr_values", "agama");
        hashMap.put("agama_flow", makeAgamaFlowParam(str));
        hashMap.put("prompt", "login");
        oAuthParams.setCustParamsAuthReq(hashMap);
        return oAuthParams;
    }

    private String getAuthzRequestRedirectUrl(CodeGrantUtil codeGrantUtil) throws URISyntaxException {
        this.logger.info("Building an agama authentication request");
        Pair<String, String> makeAuthzRequest = codeGrantUtil.makeAuthzRequest();
        Sessions.getCurrent().setAttribute("st", makeAuthzRequest.getSecond());
        return (String) makeAuthzRequest.getFirst();
    }

    private String makeAgamaFlowParam(String str) {
        String str2 = null;
        try {
            str2 = this.mapper.writeValueAsString(Map.of("bioid_enrollment_code", str, "login_hint", this.user.getUserName()));
        } catch (Exception e) {
            this.logger.error(e.getMessage());
        }
        return "io.jans.agama.bioid.enroll-" + str2;
    }
}
