package de.adorsys.oauth.client.protocol;

import com.nimbusds.oauth2.sdk.AccessTokenResponse;
import com.nimbusds.oauth2.sdk.AuthorizationCode;
import com.nimbusds.oauth2.sdk.AuthorizationCodeGrant;
import com.nimbusds.oauth2.sdk.AuthorizationRequest;
import com.nimbusds.oauth2.sdk.AuthorizationSuccessResponse;
import com.nimbusds.oauth2.sdk.ResponseType;
import com.nimbusds.oauth2.sdk.TokenRequest;
import com.nimbusds.oauth2.sdk.auth.ClientSecretBasic;
import com.nimbusds.oauth2.sdk.auth.Secret;
import com.nimbusds.oauth2.sdk.http.HTTPResponse;
import com.nimbusds.oauth2.sdk.id.ClientID;
import com.nimbusds.oauth2.sdk.token.AccessToken;
import com.nimbusds.oauth2.sdk.token.BearerAccessToken;
import java.io.IOException;
import java.net.URI;
import java.net.URISyntaxException;
import java.net.URL;
import java.util.ArrayList;
import java.util.List;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang3.StringUtils;
import org.apache.http.NameValuePair;
import org.apache.http.client.utils.URLEncodedUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:de/adorsys/oauth/client/protocol/OAuthProtocol.class */
public class OAuthProtocol {
    private static final Logger LOG = LoggerFactory.getLogger(OAuthProtocol.class);
    private URI authEndpoint;
    private URI tokenEndpoint;
    private ClientID clientId;
    private ClientSecretBasic clientSecretBasic;
    private String clientSecretValue;

    public static OAuthProtocol from(Map<String, String> map) {
        OAuthProtocol oAuthProtocol = new OAuthProtocol();
        oAuthProtocol.setAuthEndpoint(map.get("authEndpoint"));
        oAuthProtocol.setTokenEndpoint(map.get("tokenEndpoint"));
        oAuthProtocol.setClientId(map.get("clientId"));
        oAuthProtocol.setClientSecretValue(map.get("clientSecret"));
        return oAuthProtocol.initialize();
    }

    public URI extractURI(HttpServletRequest httpServletRequest) {
        try {
            return new URL(httpServletRequest.getScheme(), httpServletRequest.getServerName(), httpServletRequest.getServerPort(), httpServletRequest.getRequestURI() + (httpServletRequest.getQueryString() == null ? "" : "?" + httpServletRequest.getQueryString())).toURI();
        } catch (Exception e) {
            throw new IllegalStateException(e);
        }
    }

    private URI removeCodeParameterFromUri(URI uri) {
        try {
            String str = "";
            if (uri.getQuery() != null) {
                List<NameValuePair> parse = URLEncodedUtils.parse(uri, "UTF-8");
                ArrayList arrayList = new ArrayList();
                for (NameValuePair nameValuePair : parse) {
                    if (!"code".equalsIgnoreCase(nameValuePair.getName())) {
                        arrayList.add(nameValuePair);
                    }
                }
                if (arrayList.size() > 0) {
                    str = "?" + URLEncodedUtils.format(arrayList, "UTF-8");
                }
            }
            return new URL(uri.getScheme(), uri.getHost(), uri.getPort(), uri.getPath() + str).toURI();
        } catch (Exception e) {
            return uri;
        }
    }

    public void setAuthEndpoint(String str) {
        try {
            this.authEndpoint = new URI(str);
        } catch (URISyntaxException e) {
            throw new IllegalStateException("Invalid authEndpoint " + e.getMessage());
        }
    }

    public void setTokenEndpoint(String str) {
        try {
            this.tokenEndpoint = new URI(str);
        } catch (URISyntaxException e) {
            throw new IllegalStateException("Invalid tokenEndpoint " + e.getMessage());
        }
    }

    public void setClientId(String str) {
        this.clientId = new ClientID(str);
    }

    public void setClientSecretValue(String str) {
        this.clientSecretValue = str;
    }

    public OAuthProtocol initialize() {
        if (this.authEndpoint == null || this.tokenEndpoint == null || this.clientId == null) {
            throw new IllegalStateException("Endpoint/ClientId missing");
        }
        if (this.clientSecretValue != null) {
            this.clientSecretBasic = new ClientSecretBasic(this.clientId, new Secret(this.clientSecretValue));
        }
        return this;
    }

    public AccessToken resolveAccessToken(HttpServletRequest httpServletRequest) {
        String parameter = httpServletRequest.getParameter("access_token");
        if (StringUtils.isNotEmpty(parameter)) {
            return new BearerAccessToken(parameter);
        }
        String header = httpServletRequest.getHeader("Authorization");
        if (header == null || !header.contains("Bearer")) {
            return null;
        }
        try {
            return BearerAccessToken.parse(header);
        } catch (Exception e) {
            LOG.debug("invalid authorization-header {}", header);
            return null;
        }
    }

    public AccessTokenResponse runAuthorizationCodeFlow(URI uri) {
        AuthorizationCode resolveAuthorizationCode = resolveAuthorizationCode(uri);
        if (resolveAuthorizationCode == null) {
            return null;
        }
        return handleAuthorization(resolveAuthorizationCode, uri);
    }

    public void doAuthorizationRequest(HttpServletResponse httpServletResponse, URI uri) {
        AuthorizationRequest build = new AuthorizationRequest.Builder(new ResponseType(new ResponseType.Value[]{ResponseType.Value.CODE}), this.clientId).endpointURI(this.authEndpoint).redirectionURI(removeCodeParameterFromUri(uri)).build();
        String format = String.format("%s?%s", build.toHTTPRequest().getURL(), build.toHTTPRequest().getQuery());
        LOG.info("redirect to {}", format);
        try {
            httpServletResponse.sendRedirect(format);
        } catch (IOException e) {
            throw new IllegalStateException(e);
        }
    }

    private AuthorizationCode resolveAuthorizationCode(URI uri) {
        try {
            return AuthorizationSuccessResponse.parse(uri).getAuthorizationCode();
        } catch (Exception e) {
            LOG.trace("invalid authorization-response {}", uri);
            return null;
        }
    }

    private AccessTokenResponse handleAuthorization(AuthorizationCode authorizationCode, URI uri) {
        URI removeCodeParameterFromUri = removeCodeParameterFromUri(uri);
        try {
            HTTPResponse send = (this.clientSecretBasic == null ? new TokenRequest(this.tokenEndpoint, this.clientId, new AuthorizationCodeGrant(authorizationCode, removeCodeParameterFromUri)) : new TokenRequest(this.tokenEndpoint, this.clientSecretBasic, new AuthorizationCodeGrant(authorizationCode, removeCodeParameterFromUri))).toHTTPRequest().send();
            send.indicatesSuccess();
            return AccessTokenResponse.parse(send);
        } catch (Exception e) {
            LOG.error(e.getClass().getSimpleName() + " " + e.getMessage());
            return null;
        }
    }

    public String toString() {
        return String.format("authEndpoint=%s tokenEndpoint=%s clientId=%s", this.authEndpoint, this.tokenEndpoint, this.clientId);
    }
}
