package ca.ibodrov.mica.server.oidc;

import com.fasterxml.jackson.annotation.JsonProperty;
import com.fasterxml.jackson.databind.DeserializationFeature;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.fasterxml.jackson.datatype.jdk8.Jdk8Module;
import java.io.IOException;
import java.io.InputStream;
import java.lang.invoke.MethodHandles;
import java.lang.invoke.MethodType;
import java.lang.runtime.ObjectMethods;
import java.net.URI;
import java.net.URLEncoder;
import java.net.http.HttpClient;
import java.net.http.HttpRequest;
import java.net.http.HttpResponse;
import java.nio.charset.StandardCharsets;
import java.time.Duration;
import java.util.Optional;

/* loaded from: input_file:ca/ibodrov/mica/server/oidc/OidcClient.class */
public class OidcClient {
    private final HttpClient client = HttpClient.newBuilder().version(HttpClient.Version.HTTP_1_1).followRedirects(HttpClient.Redirect.NEVER).connectTimeout(Duration.ofSeconds(10)).build();
    private final ObjectMapper objectMapper = new ObjectMapper().registerModule(new Jdk8Module()).configure(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES, false);
    private final URI tokenEndpoint;
    private final URI userinfoEndpoint;
    private final String clientId;
    private final String clientSecret;

    /* loaded from: input_file:ca/ibodrov/mica/server/oidc/OidcClient$CodeExchangeResponse.class */
    public static final class CodeExchangeResponse extends Record {

        @JsonProperty("access_token")
        private final Optional<String> accessToken;
        private final Optional<String> error;

        public CodeExchangeResponse(@JsonProperty("access_token") Optional<String> optional, Optional<String> optional2) {
            this.accessToken = optional;
            this.error = optional2;
        }

        @Override // java.lang.Record
        public final String toString() {
            return (String) ObjectMethods.bootstrap(MethodHandles.lookup(), "toString", MethodType.methodType(String.class, CodeExchangeResponse.class), CodeExchangeResponse.class, "accessToken;error", "FIELD:Lca/ibodrov/mica/server/oidc/OidcClient$CodeExchangeResponse;->accessToken:Ljava/util/Optional;", "FIELD:Lca/ibodrov/mica/server/oidc/OidcClient$CodeExchangeResponse;->error:Ljava/util/Optional;").dynamicInvoker().invoke(this) /* invoke-custom */;
        }

        @Override // java.lang.Record
        public final int hashCode() {
            return (int) ObjectMethods.bootstrap(MethodHandles.lookup(), "hashCode", MethodType.methodType(Integer.TYPE, CodeExchangeResponse.class), CodeExchangeResponse.class, "accessToken;error", "FIELD:Lca/ibodrov/mica/server/oidc/OidcClient$CodeExchangeResponse;->accessToken:Ljava/util/Optional;", "FIELD:Lca/ibodrov/mica/server/oidc/OidcClient$CodeExchangeResponse;->error:Ljava/util/Optional;").dynamicInvoker().invoke(this) /* invoke-custom */;
        }

        @Override // java.lang.Record
        public final boolean equals(Object obj) {
            return (boolean) ObjectMethods.bootstrap(MethodHandles.lookup(), "equals", MethodType.methodType(Boolean.TYPE, CodeExchangeResponse.class, Object.class), CodeExchangeResponse.class, "accessToken;error", "FIELD:Lca/ibodrov/mica/server/oidc/OidcClient$CodeExchangeResponse;->accessToken:Ljava/util/Optional;", "FIELD:Lca/ibodrov/mica/server/oidc/OidcClient$CodeExchangeResponse;->error:Ljava/util/Optional;").dynamicInvoker().invoke(this, obj) /* invoke-custom */;
        }

        @JsonProperty("access_token")
        public Optional<String> accessToken() {
            return this.accessToken;
        }

        public Optional<String> error() {
            return this.error;
        }
    }

    public OidcClient(URI uri, URI uri2, String str, String str2) {
        this.tokenEndpoint = uri;
        this.userinfoEndpoint = uri2;
        this.clientId = str;
        this.clientSecret = str2;
    }

    public CodeExchangeResponse exchangeCodeForAccessToken(String str, URI uri) {
        try {
            return (CodeExchangeResponse) parseResponseAsJson(this.client.send(HttpRequest.newBuilder().uri(this.tokenEndpoint).header("Content-Type", "application/x-www-form-urlencoded").POST(HttpRequest.BodyPublishers.ofString("code=%s&client_id=%s&client_secret=%s&redirect_uri=%s&grant_type=authorization_code".formatted(URLEncoder.encode(str, StandardCharsets.UTF_8), URLEncoder.encode(this.clientId, StandardCharsets.UTF_8), URLEncoder.encode(this.clientSecret, StandardCharsets.UTF_8), URLEncoder.encode(uri.toASCIIString(), StandardCharsets.UTF_8)))).build(), HttpResponse.BodyHandlers.ofInputStream()), CodeExchangeResponse.class);
        } catch (IOException | InterruptedException e) {
            throw new RuntimeException(e);
        }
    }

    public OidcUserInfo fetchUserInfo(String str) {
        try {
            return (OidcUserInfo) parseResponseAsJson(this.client.send(HttpRequest.newBuilder().uri(this.userinfoEndpoint).header("Authorization", "Bearer " + str).GET().build(), HttpResponse.BodyHandlers.ofInputStream()), OidcUserInfo.class);
        } catch (IOException | InterruptedException e) {
            throw new RuntimeException(e);
        }
    }

    private <T> T parseResponseAsJson(HttpResponse<InputStream> httpResponse, Class<T> cls) throws IOException {
        if (httpResponse.headers().firstValue("Content-Type").filter(str -> {
            return str.toLowerCase().contains("json");
        }).isEmpty()) {
            throw new RuntimeException("Not a JSON response, status code: " + httpResponse.statusCode());
        }
        InputStream inputStream = (InputStream) httpResponse.body();
        try {
            T t = (T) this.objectMapper.readValue(inputStream, cls);
            if (inputStream != null) {
                inputStream.close();
            }
            return t;
        } catch (Throwable th) {
            if (inputStream != null) {
                try {
                    inputStream.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
            }
            throw th;
        }
    }
}
