package com.networknt.router.middleware;

import com.networknt.client.oauth.OauthHelper;
import com.networknt.client.oauth.SAMLBearerRequest;
import com.networknt.client.oauth.TokenResponse;
import com.networknt.common.DecryptUtil;
import com.networknt.config.Config;
import com.networknt.exception.ClientException;
import com.networknt.handler.Handler;
import com.networknt.handler.MiddlewareHandler;
import com.networknt.utility.ModuleRegistry;
import io.undertow.Handlers;
import io.undertow.server.HttpHandler;
import io.undertow.server.HttpServerExchange;
import io.undertow.util.Headers;
import java.util.Map;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/networknt/router/middleware/SAMLTokenHandler.class */
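/**
 * Middleware that reads the {@code assertion} and {@code client_assertion} request headers,
 * exchanges them for an access token via {@link OauthHelper#getTokenFromSaml}, and forwards the
 * request with that token in the {@code Authorization} header.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>The token obtained for a request is kept in a local variable only. Handler instances are
 *       shared across concurrent requests, so storing the token in an instance field and reading
 *       it back later could attach one caller's token to another caller's request.</li>
 *   <li>Access tokens are bearer credentials and are never written to the log.</li>
 *   <li>If no usable token comes back, the request fails instead of being forwarded with a
 *       {@code "Bearer null"} header.</li>
 * </ul>
 */
public class SAMLTokenHandler implements MiddlewareHandler {
    public static final String CONFIG_NAME = "token";
    public static final String CLIENT_CONFIG_NAME = "client";
    public static final String ENABLED = "enabled";
    public static final String CONFIG_SECURITY = "security";
    public static Map<String, Object> config = Config.getInstance().getJsonMapConfigNoCache(CONFIG_NAME);
    static Logger logger = LoggerFactory.getLogger(SAMLTokenHandler.class);
    private volatile HttpHandler next;
    static final String OAUTH = "oauth";
    static final String TOKEN = "token";
    static final String OAUTH_HTTP2_SUPPORT = "oauthHttp2Support";
    static final String SAMLAssertionHeader = "assertion";
    static final String JWTAssertionHeader = "client_assertion";
    static final String STATUS_SAMLBEARER_CREDENTIALS_TOKEN_NOT_AVAILABLE = "ERR10009";
    static Map<String, Object> clientConfig;
    static Map<String, Object> tokenConfig;
    // Holds the decrypted contents of the "secret" config; do not log or expose this map.
    static Map<String, Object> secretConfig;
    static boolean oauthHttp2Support;

    /**
     * Loads the client, security and secret configuration into the static fields above.
     *
     * @throws ExceptionInInitializerError if the "secret" configuration cannot be loaded
     */
    @SuppressWarnings("unchecked") // config values are untyped maps parsed from configuration files
    public SAMLTokenHandler() {
        clientConfig = Config.getInstance().getJsonMapConfig(CLIENT_CONFIG_NAME);
        if (clientConfig != null) {
            Map<String, Object> oauthConfig = (Map<String, Object>) clientConfig.get(OAUTH);
            if (oauthConfig != null) {
                tokenConfig = (Map<String, Object>) oauthConfig.get(TOKEN);
            }
        }
        Map<String, Object> securityConfig = Config.getInstance().getJsonMapConfig(CONFIG_SECURITY);
        if (securityConfig != null) {
            Boolean http2 = (Boolean) securityConfig.get(OAUTH_HTTP2_SUPPORT);
            oauthHttp2Support = http2 != null && http2;
        }
        Map<String, Object> encryptedSecrets = Config.getInstance().getJsonMapConfig("secret");
        if (encryptedSecrets == null) {
            throw new ExceptionInInitializerError("Could not locate secret.yml");
        }
        secretConfig = DecryptUtil.decryptMap(encryptedSecrets);
    }

    /**
     * Exchanges the assertion headers of the request for an access token, replaces them with an
     * {@code Authorization: Bearer} header and passes the exchange to the next handler.
     *
     * @param httpServerExchange the current request/response exchange
     * @throws Exception if the token exchange fails or yields no token, or if a downstream
     *     handler throws
     */
    @Override
    public void handleRequest(HttpServerExchange httpServerExchange) throws Exception {
        if (logger.isDebugEnabled()) {
            // NOTE(review): at this point the request still carries the assertion headers; confirm
            // that HttpServerExchange.toString() does not print header values in the Undertow
            // version in use before enabling debug logging in production.
            logger.debug(httpServerExchange.toString());
        }
        String samlAssertion = httpServerExchange.getRequestHeaders().getFirst(SAMLAssertionHeader);
        String jwtAssertion = httpServerExchange.getRequestHeaders().getFirst(JWTAssertionHeader);
        // Keep the token request-local: this handler instance serves concurrent requests.
        String accessToken = getSAMLBearerToken(samlAssertion, jwtAssertion);
        httpServerExchange.getRequestHeaders().put(Headers.AUTHORIZATION, "Bearer " + accessToken);
        // The assertions have been consumed; do not pass them on to the downstream service.
        httpServerExchange.getRequestHeaders().remove(SAMLAssertionHeader);
        httpServerExchange.getRequestHeaders().remove(JWTAssertionHeader);
        Handler.next(httpServerExchange, this.next);
    }

    /** Returns the next handler in the chain. */
    @Override
    public HttpHandler getNext() {
        return this.next;
    }

    /**
     * Sets the next handler in the chain.
     *
     * @param httpHandler the handler to invoke after this one; checked by
     *     {@code Handlers.handlerNotNull}
     * @return this handler
     */
    @Override
    public MiddlewareHandler setNext(HttpHandler httpHandler) {
        Handlers.handlerNotNull(httpHandler);
        this.next = httpHandler;
        return this;
    }

    /** Returns {@code true} only when the "enabled" entry of the token config is present and true. */
    @Override
    public boolean isEnabled() {
        Object enabled = config.get(ENABLED);
        return enabled != null && ((Boolean) enabled).booleanValue();
    }

    /** Registers this module and its token config with the module registry. */
    @Override
    public void register() {
        ModuleRegistry.registerModule(SAMLTokenHandler.class.getName(), config, null);
    }

    /**
     * Requests an access token for the given assertions.
     *
     * @param str the value of the {@code assertion} request header
     * @param str2 the value of the {@code client_assertion} request header
     * @return the access token from the token response; never null or empty
     * @throws ClientException if the token request fails or the response carries no access token
     */
    private String getSAMLBearerToken(String str, String str2) throws ClientException {
        TokenResponse tokenFromSaml = OauthHelper.getTokenFromSaml(new SAMLBearerRequest(str, str2));
        String accessToken = tokenFromSaml == null ? null : tokenFromSaml.getAccessToken();
        if (accessToken == null || accessToken.isEmpty()) {
            // Fail closed rather than forwarding the request with "Bearer null".
            throw new ClientException(STATUS_SAMLBEARER_CREDENTIALS_TOKEN_NOT_AVAILABLE
                    + ": SAML bearer token is not available");
        }
        // Log only the lifetime; the token itself is a credential and must stay out of the logs.
        logger.info("Get client credentials token with expire_in {} seconds", tokenFromSaml.getExpiresIn());
        return accessToken;
    }
}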
