package io.jans.as.server.model.common;

import io.jans.as.common.model.common.User;
import io.jans.as.common.model.registration.Client;
import io.jans.as.common.service.common.UserService;
import io.jans.as.model.authzdetails.AuthzDetails;
import io.jans.as.model.configuration.AppConfiguration;
import io.jans.as.model.crypto.AbstractCryptoProvider;
import io.jans.as.model.util.Util;
import io.jans.as.server.model.authorize.JwtAuthorizationRequest;
import io.jans.as.server.service.ClientService;
import io.jans.as.server.service.GrantService;
import io.jans.as.server.service.MetricService;
import io.jans.as.server.util.TokenHashUtil;
import io.jans.model.metric.MetricType;
import io.jans.model.token.TokenEntity;
import io.jans.model.token.TokenType;
import io.jans.service.CacheService;
import io.jans.util.StringHelper;
import jakarta.enterprise.context.Dependent;
import jakarta.enterprise.inject.Instance;
import jakarta.inject.Inject;
import java.lang.annotation.Annotation;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Date;
import java.util.Iterator;
import java.util.List;
import org.apache.commons.lang.BooleanUtils;
import org.apache.commons.lang.StringUtils;
import org.slf4j.Logger;

@Dependent
/* loaded from: input_file:io/jans/as/server/model/common/AuthorizationGrantList.class */
public class AuthorizationGrantList implements IAuthorizationGrantList {

    @Inject
    private Logger log;

    @Inject
    private Instance<AbstractAuthorizationGrant> grantInstance;

    @Inject
    private GrantService grantService;

    @Inject
    private UserService userService;

    @Inject
    private ClientService clientService;

    @Inject
    private AppConfiguration appConfiguration;

    @Inject
    private CacheService cacheService;

    @Inject
    private AbstractCryptoProvider cryptoProvider;

    @Inject
    private MetricService metricService;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: io.jans.as.server.model.common.AuthorizationGrantList$1, reason: invalid class name */
    /* loaded from: input_file:io/jans/as/server/model/common/AuthorizationGrantList$1.class */
    public static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$io$jans$model$token$TokenType = new int[TokenType.values().length];

        static {
            try {
                $SwitchMap$io$jans$model$token$TokenType[TokenType.AUTHORIZATION_CODE.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$io$jans$model$token$TokenType[TokenType.REFRESH_TOKEN.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
            try {
                $SwitchMap$io$jans$model$token$TokenType[TokenType.ACCESS_TOKEN.ordinal()] = 3;
            } catch (NoSuchFieldError e3) {
            }
            try {
                $SwitchMap$io$jans$model$token$TokenType[TokenType.ID_TOKEN.ordinal()] = 4;
            } catch (NoSuchFieldError e4) {
            }
            try {
                $SwitchMap$io$jans$model$token$TokenType[TokenType.LONG_LIVED_ACCESS_TOKEN.ordinal()] = 5;
            } catch (NoSuchFieldError e5) {
            }
            $SwitchMap$io$jans$as$server$model$common$AuthorizationGrantType = new int[AuthorizationGrantType.values().length];
            try {
                $SwitchMap$io$jans$as$server$model$common$AuthorizationGrantType[AuthorizationGrantType.AUTHORIZATION_CODE.ordinal()] = 1;
            } catch (NoSuchFieldError e6) {
            }
            try {
                $SwitchMap$io$jans$as$server$model$common$AuthorizationGrantType[AuthorizationGrantType.CLIENT_CREDENTIALS.ordinal()] = 2;
            } catch (NoSuchFieldError e7) {
            }
            try {
                $SwitchMap$io$jans$as$server$model$common$AuthorizationGrantType[AuthorizationGrantType.IMPLICIT.ordinal()] = 3;
            } catch (NoSuchFieldError e8) {
            }
            try {
                $SwitchMap$io$jans$as$server$model$common$AuthorizationGrantType[AuthorizationGrantType.RESOURCE_OWNER_PASSWORD_CREDENTIALS.ordinal()] = 4;
            } catch (NoSuchFieldError e9) {
            }
            try {
                $SwitchMap$io$jans$as$server$model$common$AuthorizationGrantType[AuthorizationGrantType.CIBA.ordinal()] = 5;
            } catch (NoSuchFieldError e10) {
            }
            try {
                $SwitchMap$io$jans$as$server$model$common$AuthorizationGrantType[AuthorizationGrantType.DEVICE_CODE.ordinal()] = 6;
            } catch (NoSuchFieldError e11) {
            }
            try {
                $SwitchMap$io$jans$as$server$model$common$AuthorizationGrantType[AuthorizationGrantType.TOKEN_EXCHANGE.ordinal()] = 7;
            } catch (NoSuchFieldError e12) {
            }
        }
    }

    @Override // io.jans.as.server.model.common.IAuthorizationGrantList
    public void removeAuthorizationGrants(List<AuthorizationGrant> list) {
        if (list == null || list.isEmpty()) {
            return;
        }
        Iterator<AuthorizationGrant> it = list.iterator();
        while (it.hasNext()) {
            this.grantService.remove(it.next());
        }
    }

    @Override // io.jans.as.server.model.common.IAuthorizationGrantList
    public AuthorizationGrant createAuthorizationGrant(User user, Client client, Date date) {
        AuthorizationGrant authorizationGrant = (AuthorizationGrant) this.grantInstance.select(SimpleAuthorizationGrant.class, new Annotation[0]).get();
        authorizationGrant.init(user, null, client, date);
        return authorizationGrant;
    }

    @Override // io.jans.as.server.model.common.IAuthorizationGrantList
    public AuthorizationCodeGrant createAuthorizationCodeGrant(User user, Client client, Date date) {
        AuthorizationCodeGrant authorizationCodeGrant = (AuthorizationCodeGrant) this.grantInstance.select(AuthorizationCodeGrant.class, new Annotation[0]).get();
        authorizationCodeGrant.init(user, client, date);
        CacheGrant cacheGrant = new CacheGrant(authorizationCodeGrant, this.appConfiguration);
        this.cacheService.put(authorizationCodeGrant.getAuthorizationCode().getExpiresIn(), cacheGrant.cacheKey(), cacheGrant);
        this.log.trace("Put authorization grant in cache, code: {}, clientId: {}", Util.escapeLog(authorizationCodeGrant.getAuthorizationCode().getCode()), Util.escapeLog(authorizationCodeGrant.getClientId()));
        this.metricService.incCounter(MetricType.TOKEN_AUTHORIZATION_CODE_COUNT);
        return authorizationCodeGrant;
    }

    @Override // io.jans.as.server.model.common.IAuthorizationGrantList
    public ImplicitGrant createImplicitGrant(User user, Client client, Date date) {
        ImplicitGrant implicitGrant = (ImplicitGrant) this.grantInstance.select(ImplicitGrant.class, new Annotation[0]).get();
        implicitGrant.init(user, client, date);
        return implicitGrant;
    }

    @Override // io.jans.as.server.model.common.IAuthorizationGrantList
    public ClientCredentialsGrant createClientCredentialsGrant(User user, Client client) {
        ClientCredentialsGrant clientCredentialsGrant = (ClientCredentialsGrant) this.grantInstance.select(ClientCredentialsGrant.class, new Annotation[0]).get();
        clientCredentialsGrant.init(user, client);
        return clientCredentialsGrant;
    }

    @Override // io.jans.as.server.model.common.IAuthorizationGrantList
    public ResourceOwnerPasswordCredentialsGrant createResourceOwnerPasswordCredentialsGrant(User user, Client client) {
        ResourceOwnerPasswordCredentialsGrant resourceOwnerPasswordCredentialsGrant = (ResourceOwnerPasswordCredentialsGrant) this.grantInstance.select(ResourceOwnerPasswordCredentialsGrant.class, new Annotation[0]).get();
        resourceOwnerPasswordCredentialsGrant.init(user, client);
        return resourceOwnerPasswordCredentialsGrant;
    }

    @Override // io.jans.as.server.model.common.IAuthorizationGrantList
    public TokenExchangeGrant createTokenExchangeGrant(User user, Client client) {
        TokenExchangeGrant tokenExchangeGrant = (TokenExchangeGrant) this.grantInstance.select(TokenExchangeGrant.class, new Annotation[0]).get();
        tokenExchangeGrant.init(user, client);
        return tokenExchangeGrant;
    }

    @Override // io.jans.as.server.model.common.IAuthorizationGrantList
    public CIBAGrant createCIBAGrant(CibaRequestCacheControl cibaRequestCacheControl) {
        CIBAGrant cIBAGrant = (CIBAGrant) this.grantInstance.select(CIBAGrant.class, new Annotation[0]).get();
        cIBAGrant.init(cibaRequestCacheControl);
        CacheGrant cacheGrant = new CacheGrant(cIBAGrant, this.appConfiguration);
        this.cacheService.put(cibaRequestCacheControl.getExpiresIn(), cacheGrant.getAuthReqId(), cacheGrant);
        this.log.trace("Ciba grant saved in cache, authReqId: {}, grantId: {}", Util.escapeLog(cIBAGrant.getAuthReqId()), Util.escapeLog(cIBAGrant.getGrantId()));
        return cIBAGrant;
    }

    @Override // io.jans.as.server.model.common.IAuthorizationGrantList
    public CIBAGrant getCIBAGrant(String str) {
        Object obj = this.cacheService.get(str);
        if (obj == null) {
            obj = this.cacheService.get(str);
            this.log.trace("Failed to fetch CIBA grant from cache, authReqId: {}", Util.escapeLog(str));
        }
        if (obj instanceof CacheGrant) {
            return ((CacheGrant) obj).asCibaGrant(this.grantInstance);
        }
        return null;
    }

    @Override // io.jans.as.server.model.common.IAuthorizationGrantList
    public DeviceCodeGrant createDeviceGrant(DeviceAuthorizationCacheControl deviceAuthorizationCacheControl, User user) {
        DeviceCodeGrant deviceCodeGrant = (DeviceCodeGrant) this.grantInstance.select(DeviceCodeGrant.class, new Annotation[0]).get();
        deviceCodeGrant.init(deviceAuthorizationCacheControl, user);
        CacheGrant cacheGrant = new CacheGrant(deviceCodeGrant, this.appConfiguration);
        this.cacheService.put(deviceAuthorizationCacheControl.getExpiresIn(), cacheGrant.getDeviceCode(), cacheGrant);
        this.log.trace("Device code grant saved in cache, deviceCode: {}, grantId: {}", Util.escapeLog(deviceCodeGrant.getDeviceCode()), Util.escapeLog(deviceCodeGrant.getGrantId()));
        return deviceCodeGrant;
    }

    @Override // io.jans.as.server.model.common.IAuthorizationGrantList
    public DeviceCodeGrant getDeviceCodeGrant(String str) {
        Object obj = this.cacheService.get(str);
        if (obj == null) {
            obj = this.cacheService.get(str);
            this.log.trace("Failed to fetch Device code grant from cache, deviceCode: {}", Util.escapeLog(str));
        }
        if (obj instanceof CacheGrant) {
            return ((CacheGrant) obj).asDeviceCodeGrant(this.grantInstance);
        }
        return null;
    }

    @Override // io.jans.as.server.model.common.IAuthorizationGrantList
    public AuthorizationCodeGrant getAuthorizationCodeGrant(String str) {
        Object obj = this.cacheService.get(CacheGrant.cacheKey(str, null));
        if (obj == null) {
            obj = this.cacheService.get(CacheGrant.cacheKey(str, null));
            this.log.trace("Failed to fetch authorization grant from cache, code: {}", Util.escapeLog(str));
        }
        if (obj instanceof CacheGrant) {
            return ((CacheGrant) obj).asCodeGrant(this.grantInstance);
        }
        return null;
    }

    @Override // io.jans.as.server.model.common.IAuthorizationGrantList
    public AuthorizationGrant getAuthorizationGrantByRefreshToken(String str, String str2) {
        return BooleanUtils.isFalse(this.appConfiguration.getPersistRefreshToken()) ? assertTokenType((TokenEntity) this.cacheService.get(TokenHashUtil.hash(str2)), TokenType.REFRESH_TOKEN, str) : assertTokenType(this.grantService.getGrantByCode(str2), TokenType.REFRESH_TOKEN, str);
    }

    public AuthorizationGrant assertTokenType(TokenEntity tokenEntity, TokenType tokenType, String str) {
        AuthorizationGrant asGrant;
        if (tokenEntity == null || tokenEntity.getTokenTypeEnum() != tokenType || (asGrant = asGrant(tokenEntity)) == null || !asGrant.getClientId().equals(str)) {
            return null;
        }
        return asGrant;
    }

    @Override // io.jans.as.server.model.common.IAuthorizationGrantList
    public List<AuthorizationGrant> getAuthorizationGrant(String str) {
        ArrayList arrayList = new ArrayList();
        try {
            Iterator it = new ArrayList(this.grantService.getGrantsOfClient(str)).iterator();
            while (it.hasNext()) {
                AuthorizationGrant asGrant = asGrant((TokenEntity) it.next());
                if (asGrant != null) {
                    arrayList.add(asGrant);
                }
            }
        } catch (Exception e) {
            this.log.trace(e.getMessage(), e);
        }
        return arrayList;
    }

    @Override // io.jans.as.server.model.common.IAuthorizationGrantList
    public AuthorizationGrant getAuthorizationGrantByAccessToken(String str) {
        TokenEntity grantByCode = this.grantService.getGrantByCode(str);
        if (grantByCode == null) {
            return null;
        }
        if (grantByCode.getTokenTypeEnum() == TokenType.ACCESS_TOKEN || grantByCode.getTokenTypeEnum() == TokenType.LONG_LIVED_ACCESS_TOKEN) {
            return asGrant(grantByCode);
        }
        return null;
    }

    @Override // io.jans.as.server.model.common.IAuthorizationGrantList
    public AuthorizationGrant getAuthorizationGrantByIdToken(String str) {
        TokenEntity grantByCode;
        if (StringUtils.isBlank(str) || (grantByCode = this.grantService.getGrantByCode(str)) == null || grantByCode.getTokenTypeEnum() != TokenType.ID_TOKEN) {
            return null;
        }
        return asGrant(grantByCode);
    }

    public AuthorizationGrant asGrant(TokenEntity tokenEntity) {
        AuthorizationGrantType fromString;
        AuthorizationGrant authorizationGrant;
        if (tokenEntity == null || (fromString = AuthorizationGrantType.fromString(tokenEntity.getGrantType())) == null) {
            return null;
        }
        String userId = tokenEntity.getUserId();
        User user = null;
        if (StringHelper.isNotEmpty(userId)) {
            user = this.userService.getUser(userId, new String[0]);
        }
        Client client = this.clientService.getClient(tokenEntity.getClientId());
        Date authenticationTime = tokenEntity.getAuthenticationTime();
        String nonce = tokenEntity.getNonce();
        switch (fromString) {
            case AUTHORIZATION_CODE:
                AuthorizationCodeGrant authorizationCodeGrant = (AuthorizationCodeGrant) this.grantInstance.select(AuthorizationCodeGrant.class, new Annotation[0]).get();
                authorizationCodeGrant.init(user, client, authenticationTime);
                authorizationGrant = authorizationCodeGrant;
                break;
            case CLIENT_CREDENTIALS:
                ClientCredentialsGrant clientCredentialsGrant = (ClientCredentialsGrant) this.grantInstance.select(ClientCredentialsGrant.class, new Annotation[0]).get();
                clientCredentialsGrant.init(user, client);
                authorizationGrant = clientCredentialsGrant;
                break;
            case IMPLICIT:
                ImplicitGrant implicitGrant = (ImplicitGrant) this.grantInstance.select(ImplicitGrant.class, new Annotation[0]).get();
                implicitGrant.init(user, client, authenticationTime);
                authorizationGrant = implicitGrant;
                break;
            case RESOURCE_OWNER_PASSWORD_CREDENTIALS:
                ResourceOwnerPasswordCredentialsGrant resourceOwnerPasswordCredentialsGrant = (ResourceOwnerPasswordCredentialsGrant) this.grantInstance.select(ResourceOwnerPasswordCredentialsGrant.class, new Annotation[0]).get();
                resourceOwnerPasswordCredentialsGrant.init(user, client);
                authorizationGrant = resourceOwnerPasswordCredentialsGrant;
                break;
            case CIBA:
                AuthorizationGrant authorizationGrant2 = (CIBAGrant) this.grantInstance.select(CIBAGrant.class, new Annotation[0]).get();
                authorizationGrant2.init(user, AuthorizationGrantType.CIBA, client, tokenEntity.getCreationDate());
                authorizationGrant = authorizationGrant2;
                break;
            case DEVICE_CODE:
                AuthorizationGrant authorizationGrant3 = (DeviceCodeGrant) this.grantInstance.select(DeviceCodeGrant.class, new Annotation[0]).get();
                authorizationGrant3.init(user, AuthorizationGrantType.DEVICE_CODE, client, tokenEntity.getCreationDate());
                authorizationGrant = authorizationGrant3;
                break;
            case TOKEN_EXCHANGE:
                AuthorizationGrant authorizationGrant4 = (TokenExchangeGrant) this.grantInstance.select(TokenExchangeGrant.class, new Annotation[0]).get();
                authorizationGrant4.init(user, AuthorizationGrantType.TOKEN_EXCHANGE, client, tokenEntity.getCreationDate());
                authorizationGrant = authorizationGrant4;
                break;
            default:
                return null;
        }
        String grantId = tokenEntity.getGrantId();
        String jwtRequest = tokenEntity.getJwtRequest();
        String authMode = tokenEntity.getAuthMode();
        String sessionDn = tokenEntity.getSessionDn();
        String claims = tokenEntity.getClaims();
        authorizationGrant.setTokenBindingHash(tokenEntity.getTokenBindingHash());
        authorizationGrant.setNonce(nonce);
        authorizationGrant.setX5ts256(tokenEntity.getAttributes().getX5cs256());
        authorizationGrant.setDpopJkt(tokenEntity.getAttributes().getDpopJkt());
        authorizationGrant.setTokenEntity(tokenEntity);
        if (StringUtils.isNotBlank(grantId)) {
            authorizationGrant.setGrantId(grantId);
        }
        authorizationGrant.setScopes(Util.splittedStringAsList(tokenEntity.getScope(), " "));
        authorizationGrant.setAuthzDetails(AuthzDetails.ofSilently(tokenEntity.getAttributes().getAuthorizationDetails()));
        authorizationGrant.setCodeChallenge(tokenEntity.getCodeChallenge());
        authorizationGrant.setCodeChallengeMethod(tokenEntity.getCodeChallengeMethod());
        if (StringUtils.isNotBlank(jwtRequest)) {
            try {
                authorizationGrant.setJwtAuthorizationRequest(new JwtAuthorizationRequest(this.appConfiguration, this.cryptoProvider, jwtRequest, client));
            } catch (Exception e) {
                this.log.trace(e.getMessage(), e);
            }
        }
        authorizationGrant.setAcrValues(authMode);
        authorizationGrant.setSessionDn(sessionDn);
        authorizationGrant.setClaims(claims);
        if (tokenEntity.getTokenTypeEnum() != null) {
            switch (AnonymousClass1.$SwitchMap$io$jans$model$token$TokenType[tokenEntity.getTokenTypeEnum().ordinal()]) {
                case 1:
                    if (authorizationGrant instanceof AuthorizationCodeGrant) {
                        AuthorizationCode authorizationCode = new AuthorizationCode(tokenEntity.getTokenCode(), tokenEntity.getCreationDate(), tokenEntity.getExpirationDate());
                        AuthorizationCodeGrant authorizationCodeGrant2 = (AuthorizationCodeGrant) authorizationGrant;
                        authorizationCode.setX5ts256(authorizationCodeGrant2.getX5ts256());
                        authorizationCodeGrant2.setAuthorizationCode(authorizationCode);
                        break;
                    }
                    break;
                case 2:
                    RefreshToken refreshToken = new RefreshToken(tokenEntity.getTokenCode(), tokenEntity.getCreationDate(), tokenEntity.getExpirationDate());
                    refreshToken.setX5ts256(authorizationGrant.getX5ts256());
                    authorizationGrant.setRefreshTokens(Collections.singletonList(refreshToken));
                    break;
                case 3:
                    AccessToken accessToken = new AccessToken(tokenEntity.getTokenCode(), tokenEntity.getCreationDate(), tokenEntity.getExpirationDate());
                    accessToken.setDpop(tokenEntity.getDpop());
                    accessToken.setX5ts256(authorizationGrant.getX5ts256());
                    authorizationGrant.setAccessTokens(Collections.singletonList(accessToken));
                    break;
                case 4:
                    IdToken idToken = new IdToken(tokenEntity.getTokenCode(), tokenEntity.getCreationDate(), tokenEntity.getExpirationDate());
                    idToken.setX5ts256(authorizationGrant.getX5ts256());
                    authorizationGrant.setIdToken(idToken);
                    break;
                case 5:
                    AccessToken accessToken2 = new AccessToken(tokenEntity.getTokenCode(), tokenEntity.getCreationDate(), tokenEntity.getExpirationDate());
                    accessToken2.setX5ts256(authorizationGrant.getX5ts256());
                    authorizationGrant.setLongLivedAccessToken(accessToken2);
                    break;
            }
        }
        return authorizationGrant;
    }
}
