package io.jans.idp.keycloak.util;

import com.fasterxml.jackson.databind.JsonNode;
import io.jans.idp.keycloak.config.JansConfigSource;
import jakarta.ws.rs.WebApplicationException;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.net.URLEncoder;
import java.nio.charset.StandardCharsets;
import java.util.ArrayList;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.lang.StringUtils;
import org.apache.http.impl.client.HttpClientBuilder;
import org.keycloak.broker.provider.util.SimpleHttp;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:io/jans/idp/keycloak/util/JansUtil.class */
public class JansUtil {
    private static Logger logger = LoggerFactory.getLogger(JansUtil.class);
    private JansConfigSource jansConfigSource = new JansConfigSource();
    private Map<String, String> configProperties;

    public JansUtil() {
        this.configProperties = null;
        logger.debug("\nJ ansUtil() - Getting properties");
        this.configProperties = this.jansConfigSource.getProperties();
        if (this.configProperties == null || this.configProperties.isEmpty()) {
            throw new WebApplicationException("Config properties is null!!!");
        }
    }

    public String getTokenEndpoint() {
        logger.debug("\n JansUtil::getTokenEndpoint() - configProperties.get(Constants.AUTH_TOKEN_ENDPOINT)():{}", this.configProperties.get(Constants.AUTH_TOKEN_ENDPOINT));
        return this.configProperties.get(Constants.AUTH_TOKEN_ENDPOINT);
    }

    public String getScimUserEndpoint() {
        logger.debug(" \n JansUtil::getScimUserEndpoint() - configProperties.get(Constants.SCIM_USER_ENDPOINT)():{}", this.configProperties.get(Constants.SCIM_USER_ENDPOINT));
        return this.configProperties.get(Constants.SCIM_USER_ENDPOINT);
    }

    public String getScimUserSearchEndpoint() {
        logger.debug("\n JansUtil::getScimUserSearchEndpoint() - configProperties.get(Constants.SCIM_USER_SEARCH_ENDPOINT)():{}", this.configProperties.get(Constants.SCIM_USER_SEARCH_ENDPOINT));
        return this.configProperties.get(Constants.SCIM_USER_SEARCH_ENDPOINT);
    }

    public String getClientId() {
        logger.debug(" \n JansUtil::getClientId() - configProperties.get(Constants.KEYCLOAK_SCIM_CLIENT_ID)():{}", this.configProperties.get(Constants.KEYCLOAK_SCIM_CLIENT_ID));
        return this.configProperties.get(Constants.KEYCLOAK_SCIM_CLIENT_ID);
    }

    public String getClientPassword() {
        logger.debug(" \n JansUtil::getClientPassword() - configProperties.get(Constants.KEYCLOAK_SCIM_CLIENT_PASSWORD)():{}", this.configProperties.get(Constants.KEYCLOAK_SCIM_CLIENT_PASSWORD));
        return this.configProperties.get(Constants.KEYCLOAK_SCIM_CLIENT_PASSWORD);
    }

    public String getScimOauthScope() {
        logger.debug(" \n  JansUtil::getScimOauthScope() - configProperties.get(Constants.SCIM_OAUTH_SCOPE)():{}", this.configProperties.get(Constants.SCIM_OAUTH_SCOPE));
        return this.configProperties.get(Constants.SCIM_OAUTH_SCOPE);
    }

    public String requestScimAccessToken() throws IOException {
        logger.info(" \n JansUtil::requestScimAccessToken() ");
        ArrayList arrayList = new ArrayList();
        arrayList.add(getScimOauthScope());
        String requestAccessToken = requestAccessToken(getClientId(), arrayList);
        logger.info("JansUtil::requestScimAccessToken() - token:{} ", requestAccessToken);
        return requestAccessToken;
    }

    public String requestAccessToken(String str, List<String> list) throws IOException {
        logger.info("JansUtil::requestAccessToken() - Request for AccessToken - clientId:{}, scope:{} ", str, list);
        String accessToken = getAccessToken(getTokenEndpoint(), str, list);
        logger.info("JansUtil::requestAccessToken() - oAuth AccessToken response - token:{}", accessToken);
        return accessToken;
    }

    public String getAccessToken(String str, String str2, List<String> list) throws IOException {
        logger.info("JansUtil::getAccessToken() - Access Token Request - tokenUrl:{}, clientId:{}, scopes:{}", new Object[]{str, str2, list});
        String clientPassword = getClientPassword();
        logger.info("JansUtil::getAccessToken() - Access Token Request - clientId:{}, clientSecret:{}", str2, clientPassword);
        HashSet hashSet = new HashSet(list);
        StringBuilder sb = new StringBuilder(Constants.SCOPE_TYPE_OPENID);
        Iterator it = hashSet.iterator();
        while (it.hasNext()) {
            sb.append(" ").append((String) it.next());
        }
        logger.info("JansUtil::getAccessToken() - Scope required  - {}", sb);
        String requestAccessToken = requestAccessToken(str, str2, clientPassword, sb.toString(), Constants.CLIENT_CREDENTIALS, Constants.CLIENT_SECRET_BASIC, "application/x-www-form-urlencoded");
        logger.info("JansUtil::getAccessToken() - Final token token  - {}", requestAccessToken);
        return requestAccessToken;
    }

    public String requestAccessToken(String str, String str2, String str3, String str4, String str5, String str6, String str7) throws IOException {
        logger.info("JansUtil::requestAccessToken() - Request for Access Token -  tokenUrl:{}, clientId:{}, clientSecret:{}, scope:{}, grantType:{}, authenticationMethod:{}, mediaType:{}", new Object[]{str, str2, str3, str4, str5, str6, str7});
        String str8 = null;
        try {
            logger.info(" JansUtil::requestAccessToken() - this.getEncodedCredentials():{}", getEncodedCredentials(str2, str3));
            JsonNode asJson = SimpleHttp.doPost(str, HttpClientBuilder.create().build()).header("Authorization", "Basic " + getEncodedCredentials(str2, str3)).header("Content-Type", str7).param("grant_type", Constants.CLIENT_CREDENTIALS).param("username", str2 + ":" + str3).param("scope", str4).param("client_id", str2).param("client_secret", str3).param("authorization_method", Constants.CLIENT_SECRET_BASIC).asJson();
            logger.info("\n JansUtil::requestAccessToken() - POST Request for Access Token -  jsonNode:{} ", asJson);
            str8 = getToken(asJson);
            logger.info("\n JansUtil::requestAccessToken() - After Post request for Access Token -  token:{} ", str8);
        } catch (Exception e) {
            e.printStackTrace();
            logger.error("\n JansUtil::requestAccessToken() - Post error is ", e);
        }
        return str8;
    }

    public String requestUserToken(String str, String str2, String str3, String str4, String str5, String str6, String str7) throws IOException {
        logger.info("JansUtil::requestUserToken() - Request for Access Token -  tokenUrl:{}, username:{}, password:{}, scope:{}, grantType:{}, authenticationMethod:{}, mediaType:{}", new Object[]{str, str2, str3, str4, str5, str6, str7});
        String str8 = null;
        try {
            String clientId = getClientId();
            String clientPassword = getClientPassword();
            logger.info(" JansUtil::requestUserToken() - clientId:{} , clientSecret:{}, this.getEncodedCredentials():{}", new Object[]{clientId, clientPassword, getEncodedCredentials(clientId, clientPassword)});
            JsonNode asJson = SimpleHttp.doPost(str, HttpClientBuilder.create().build()).header("Authorization", "Basic " + getEncodedCredentials(clientId, clientPassword)).header("Content-Type", str7).param("grant_type", str5).param("username", str2).param(Constants.RESOURCE_OWNER_PASSWORD_CREDENTIALS, str3).asJson();
            logger.info("\n JansUtil::requestUserToken() - After invoking post request for user token -  jsonNode:{} ", asJson);
            str8 = getToken(asJson);
            logger.info("\n JansUtil::requestUserToken() -POST Request for Access Token -  token:{} ", str8);
        } catch (Exception e) {
            e.printStackTrace();
            logger.error("\n JansUtil::requestUserToken() - Post error is ", e);
        }
        return str8;
    }

    private boolean validateTokenScope(JsonNode jsonNode, String str) {
        logger.info(" \n\n JansUtil::validateTokenScope() - jsonNode:{}, scope:{}", jsonNode, str);
        boolean z = false;
        try {
            List list = (List) Stream.of((Object[]) str.split(" ", -1)).collect(Collectors.toList());
            if (jsonNode != null && jsonNode.get("scope") != null) {
                JsonNode jsonNode2 = jsonNode.get("scope");
                logger.info("\n\n *** JansUtil::validateTokenScope() -  value:{}", jsonNode2);
                if (jsonNode2 != null) {
                    String jsonNode3 = jsonNode2.toString();
                    logger.info("JansUtil::validateTokenScope() - scope:{}, responseScope:{}, responseScope.contains(scope):{}", new Object[]{str, jsonNode3, Boolean.valueOf(jsonNode3.contains(str))});
                    if (list.contains(jsonNode3)) {
                        z = true;
                    }
                }
            }
            logger.info("JansUtil::validateTokenScope() - validScope:{}", Boolean.valueOf(z));
        } catch (Exception e) {
            e.printStackTrace();
            logger.error("\n JansUtil::validateTokenScope() - Error while validating token scope from response is ", e);
        }
        return z;
    }

    private String getToken(JsonNode jsonNode) {
        logger.info(" \n\n JansUtil::getToken() - jsonNode:{}", jsonNode);
        String str = null;
        if (jsonNode != null) {
            try {
                if (jsonNode.get("access_token") != null) {
                    JsonNode jsonNode2 = jsonNode.get("access_token");
                    logger.info("\n\n *** JansUtil::getToken() - value:{}", jsonNode2);
                    if (jsonNode2 != null) {
                        str = jsonNode2.asText();
                    }
                    logger.info("getToken() - token:{}", str);
                }
            } catch (Exception e) {
                e.printStackTrace();
                logger.error("\n\n Error while getting token from response is ", e);
            }
        }
        return str;
    }

    private boolean hasCredentials(String str, String str2) {
        return StringUtils.isNotBlank(str) && StringUtils.isNotBlank(str2);
    }

    private String getCredentials(String str, String str2) throws UnsupportedEncodingException {
        logger.info("getCredentials() - authUsername:{}, authPassword:{}", str, str2);
        return URLEncoder.encode(str, Constants.UTF8_STRING_ENCODING) + ":" + URLEncoder.encode(str2, Constants.UTF8_STRING_ENCODING);
    }

    private String getEncodedCredentials(String str, String str2) {
        logger.info("getEncodedCredentials() - authUsername:{}, authPassword:{}", str, str2);
        try {
            if (hasCredentials(str, str2)) {
                return Base64.encodeBase64String(getBytes(getCredentials(str, str2)));
            }
            return null;
        } catch (UnsupportedEncodingException e) {
            e.printStackTrace();
            return null;
        }
    }

    private static byte[] getBytes(String str) {
        return str.getBytes(StandardCharsets.UTF_8);
    }
}
