package io.jans.as.server.service;

import com.google.common.collect.Lists;
import io.jans.as.model.config.StaticConfiguration;
import io.jans.as.model.configuration.AppConfiguration;
import io.jans.as.server.model.common.AuthorizationGrant;
import io.jans.as.server.model.common.CacheGrant;
import io.jans.as.server.model.ldap.TokenEntity;
import io.jans.as.server.model.ldap.TokenType;
import io.jans.as.server.util.TokenHashUtil;
import io.jans.orm.PersistenceEntryManager;
import io.jans.orm.search.filter.Filter;
import io.jans.service.CacheService;
import io.jans.service.cache.CacheConfiguration;
import jakarta.ejb.Stateless;
import jakarta.inject.Inject;
import jakarta.inject.Named;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import java.util.UUID;
import org.apache.commons.lang.BooleanUtils;
import org.apache.commons.lang.StringUtils;
import org.slf4j.Logger;

@Named
@Stateless
/* loaded from: input_file:io/jans/as/server/service/GrantService.class */
public class GrantService {

    @Inject
    private Logger log;

    @Inject
    private PersistenceEntryManager persistenceEntryManager;

    @Inject
    private ClientService clientService;

    @Inject
    private CacheService cacheService;

    @Inject
    private StaticConfiguration staticConfiguration;

    @Inject
    private AppConfiguration appConfiguration;

    @Inject
    private CacheConfiguration cacheConfiguration;

    public static String generateGrantId() {
        return UUID.randomUUID().toString();
    }

    public String buildDn(String str) {
        return String.format("tknCde=%s,", str) + tokenBaseDn();
    }

    private String tokenBaseDn() {
        return this.staticConfiguration.getBaseDn().getTokens();
    }

    public void merge(TokenEntity tokenEntity) {
        this.persistenceEntryManager.merge(tokenEntity);
    }

    public void mergeSilently(TokenEntity tokenEntity) {
        try {
            this.persistenceEntryManager.merge(tokenEntity);
        } catch (Exception e) {
            this.log.error(e.getMessage(), e);
        }
    }

    public void persist(TokenEntity tokenEntity) {
        this.persistenceEntryManager.persist(tokenEntity);
    }

    public void remove(TokenEntity tokenEntity) {
        this.persistenceEntryManager.remove(tokenEntity);
        this.log.trace("Removed token from LDAP, code: {}", tokenEntity.getTokenCode());
    }

    public void removeSilently(TokenEntity tokenEntity) {
        try {
            remove(tokenEntity);
            if (StringUtils.isNotBlank(tokenEntity.getAuthorizationCode())) {
                this.cacheService.remove(CacheGrant.cacheKey(tokenEntity.getAuthorizationCode(), tokenEntity.getGrantId()));
            }
        } catch (Exception e) {
            this.log.error(e.getMessage(), e);
        }
    }

    public void remove(List<TokenEntity> list) {
        if (list == null || list.isEmpty()) {
            return;
        }
        Iterator<TokenEntity> it = list.iterator();
        while (it.hasNext()) {
            try {
                remove(it.next());
            } catch (Exception e) {
                this.log.error("Failed to remove entry", e);
            }
        }
    }

    public void removeSilently(List<TokenEntity> list) {
        if (list == null || list.isEmpty()) {
            return;
        }
        Iterator<TokenEntity> it = list.iterator();
        while (it.hasNext()) {
            removeSilently(it.next());
        }
    }

    public void remove(AuthorizationGrant authorizationGrant) {
        if (authorizationGrant == null || authorizationGrant.getTokenEntity() == null) {
            return;
        }
        try {
            remove(authorizationGrant.getTokenEntity());
        } catch (Exception e) {
            this.log.error(e.getMessage(), e);
        }
    }

    public List<TokenEntity> getGrantsOfClient(String str) {
        try {
            return this.persistenceEntryManager.findEntries(this.clientService.buildClientDn(str), TokenEntity.class, Filter.createPresenceFilter("tknCde"));
        } catch (Exception e) {
            logException(e);
            return Collections.emptyList();
        }
    }

    public TokenEntity getGrantByCode(String str) {
        Object obj = this.cacheService.get(TokenHashUtil.hash(str));
        return obj instanceof TokenEntity ? (TokenEntity) obj : load(buildDn(TokenHashUtil.hash(str)));
    }

    private void logException(Exception exc) {
        if (BooleanUtils.isTrue(this.appConfiguration.getLogNotFoundEntityAsError())) {
            this.log.error(exc.getMessage(), exc);
        } else {
            this.log.trace(exc.getMessage(), exc);
        }
    }

    private TokenEntity load(String str) {
        try {
            return (TokenEntity) this.persistenceEntryManager.find(TokenEntity.class, str);
        } catch (Exception e) {
            logException(e);
            return null;
        }
    }

    public List<TokenEntity> getGrantsByGrantId(String str) {
        try {
            return this.persistenceEntryManager.findEntries(tokenBaseDn(), TokenEntity.class, Filter.createEqualityFilter("grtId", str));
        } catch (Exception e) {
            logException(e);
            return Collections.emptyList();
        }
    }

    public List<TokenEntity> getGrantsByAuthorizationCode(String str) {
        try {
            return this.persistenceEntryManager.findEntries(tokenBaseDn(), TokenEntity.class, Filter.createEqualityFilter("authzCode", TokenHashUtil.hash(str)));
        } catch (Exception e) {
            logException(e);
            return Collections.emptyList();
        }
    }

    public List<TokenEntity> getGrantsBySessionDn(String str) {
        ArrayList arrayList = new ArrayList();
        try {
            List findEntries = this.persistenceEntryManager.findEntries(tokenBaseDn(), TokenEntity.class, Filter.createEqualityFilter("ssnId", str));
            if (findEntries != null) {
                arrayList.addAll(findEntries);
            }
        } catch (Exception e) {
            logException(e);
        }
        return arrayList;
    }

    public void logout(String str) {
        List<TokenEntity> grantsBySessionDn = getGrantsBySessionDn(str);
        filterOutRefreshTokenFromDeletion(grantsBySessionDn);
        removeSilently(grantsBySessionDn);
    }

    public void filterOutRefreshTokenFromDeletion(List<TokenEntity> list) {
        if (BooleanUtils.isTrue(this.appConfiguration.getRemoveRefreshTokensForClientOnLogout())) {
            return;
        }
        ArrayList newArrayList = Lists.newArrayList();
        for (TokenEntity tokenEntity : list) {
            if (tokenEntity.getTokenTypeEnum() == TokenType.REFRESH_TOKEN && !tokenEntity.getAttributes().isOnlineAccess()) {
                newArrayList.add(tokenEntity);
            }
        }
        if (newArrayList.isEmpty()) {
            return;
        }
        this.log.trace("Refresh tokens are not removed on logout (because removeRefreshTokensForClientOnLogout configuration property is false or online_access scope is used).");
        list.removeAll(newArrayList);
    }

    public void removeAllTokensBySession(String str) {
        removeSilently(getGrantsBySessionDn(str));
    }

    public void removeByCode(String str) {
        TokenEntity grantByCode = getGrantByCode(str);
        if (grantByCode != null) {
            removeSilently(grantByCode);
        }
        this.cacheService.remove(CacheGrant.cacheKey(str, null));
    }

    public void removeAuthorizationCode(String str) {
        this.cacheService.remove(CacheGrant.cacheKey(str, null));
    }

    public void removeAllByAuthorizationCode(String str) {
        removeSilently(getGrantsByAuthorizationCode(str));
    }

    public void removeAllByGrantId(String str) {
        removeSilently(getGrantsByGrantId(str));
    }
}
