package pl.edu.icm.unity.oauth.rp.web;

import eu.unicore.util.configuration.ConfigurationException;
import eu.unicore.util.httpclient.ServerHostnameCheckingMode;
import java.io.IOException;
import java.io.StringReader;
import java.util.List;
import java.util.Properties;
import java.util.stream.Collectors;
import org.eclipse.jetty.util.StringUtil;
import org.springframework.util.CollectionUtils;
import pl.edu.icm.unity.Constants;
import pl.edu.icm.unity.engine.api.PKIManagement;
import pl.edu.icm.unity.engine.api.translation.TranslationProfileGenerator;
import pl.edu.icm.unity.exceptions.InternalException;
import pl.edu.icm.unity.oauth.BaseRemoteASProperties;
import pl.edu.icm.unity.oauth.as.OAuthTokenRepository;
import pl.edu.icm.unity.oauth.client.config.CustomProviderProperties;
import pl.edu.icm.unity.oauth.client.console.OAuthBaseConfiguration;
import pl.edu.icm.unity.oauth.rp.OAuthRPProperties;

/* loaded from: input_file:pl/edu/icm/unity/oauth/rp/web/OAuthRPConfiguration.class */
public class OAuthRPConfiguration extends OAuthBaseConfiguration {
    private int cacheTime;
    private OAuthRPProperties.VerificationProtocol verificationProtocol;
    private String verificationEndpoint;
    private boolean openIdMode;
    private List<String> requiredScopes;
    private PKIManagement pkiMan;
    private OAuthTokenRepository tokensDAO;

    public OAuthRPConfiguration(PKIManagement pKIManagement, OAuthTokenRepository oAuthTokenRepository) {
        this.pkiMan = pKIManagement;
        this.tokensDAO = oAuthTokenRepository;
        setVerificationProtocol(OAuthRPProperties.VerificationProtocol.unity);
    }

    public void fromProperties(String str) {
        Properties properties = new Properties();
        try {
            properties.load(new StringReader(str));
            OAuthRPProperties oAuthRPProperties = new OAuthRPProperties(properties, this.pkiMan, this.tokensDAO);
            setCacheTime(oAuthRPProperties.getIntValue(OAuthRPProperties.CACHE_TIME).intValue());
            setVerificationProtocol((OAuthRPProperties.VerificationProtocol) oAuthRPProperties.getEnumValue(OAuthRPProperties.VERIFICATION_PROTOCOL, OAuthRPProperties.VerificationProtocol.class));
            setVerificationEndpoint(oAuthRPProperties.getValue(OAuthRPProperties.VERIFICATION_ENDPOINT));
            setProfileEndpoint(oAuthRPProperties.getValue(BaseRemoteASProperties.PROFILE_ENDPOINT));
            setClientAuthenticationMode((CustomProviderProperties.ClientAuthnMode) oAuthRPProperties.getEnumValue(BaseRemoteASProperties.CLIENT_AUTHN_MODE, CustomProviderProperties.ClientAuthnMode.class));
            setClientAuthenticationModeForProfile((CustomProviderProperties.ClientAuthnMode) oAuthRPProperties.getEnumValue(BaseRemoteASProperties.CLIENT_AUTHN_MODE_FOR_PROFILE_ACCESS, CustomProviderProperties.ClientAuthnMode.class));
            setClientHttpMethodForProfileAccess((CustomProviderProperties.ClientHttpMethod) oAuthRPProperties.getEnumValue(BaseRemoteASProperties.CLIENT_HTTP_METHOD_FOR_PROFILE_ACCESS, CustomProviderProperties.ClientHttpMethod.class));
            setRequiredScopes((List) oAuthRPProperties.getListOfValues("requiredScopes.").stream().filter(StringUtil::isNotBlank).collect(Collectors.toList()));
            setClientId(oAuthRPProperties.getValue(BaseRemoteASProperties.CLIENT_ID));
            setClientSecret(oAuthRPProperties.getValue(BaseRemoteASProperties.CLIENT_SECRET));
            setOpenIdMode(oAuthRPProperties.getBooleanValue(OAuthRPProperties.OPENID_MODE).booleanValue());
            setClientHostnameChecking((ServerHostnameCheckingMode) oAuthRPProperties.getEnumValue(BaseRemoteASProperties.CLIENT_HOSTNAME_CHECKING, ServerHostnameCheckingMode.class));
            setClientTrustStore(oAuthRPProperties.getValue(BaseRemoteASProperties.CLIENT_TRUSTSTORE));
            if (oAuthRPProperties.isSet("embeddedTranslationProfile")) {
                setTranslationProfile(TranslationProfileGenerator.getProfileFromString(oAuthRPProperties.getValue("embeddedTranslationProfile")));
            } else {
                setTranslationProfile(TranslationProfileGenerator.generateIncludeInputProfile(oAuthRPProperties.getValue("translationProfile")));
            }
        } catch (IOException e) {
            throw new InternalException("Invalid configuration of the oauth-rp verificator", e);
        }
    }

    public String toProperties() throws ConfigurationException {
        Properties properties = new Properties();
        properties.put("unity.oauth2-rp.clientId", getClientId());
        properties.put("unity.oauth2-rp.clientSecret", getClientSecret());
        if (!CollectionUtils.isEmpty(this.requiredScopes)) {
            for (int i = 0; i < this.requiredScopes.size(); i++) {
                String str = this.requiredScopes.get(i);
                if (StringUtil.isNotBlank(str)) {
                    properties.put("unity.oauth2-rp.requiredScopes." + (i + 1), str.trim());
                }
            }
        }
        properties.put("unity.oauth2-rp.openidConnectMode", String.valueOf(this.openIdMode));
        if (getVerificationEndpoint() != null) {
            properties.put("unity.oauth2-rp.verificationEndpoint", getVerificationEndpoint());
        }
        if (this.verificationProtocol != null) {
            properties.put("unity.oauth2-rp.verificationProtocol", this.verificationProtocol.toString());
        }
        if (getProfileEndpoint() != null) {
            properties.put("unity.oauth2-rp.profileEndpoint", getProfileEndpoint());
        }
        properties.put("unity.oauth2-rp.cacheTime", String.valueOf(this.cacheTime));
        if (getClientAuthenticationMode() != null) {
            properties.put("unity.oauth2-rp.clientAuthenticationMode", getClientAuthenticationMode().toString());
        }
        if (getClientAuthenticationModeForProfile() != null) {
            properties.put("unity.oauth2-rp.clientAuthenticationModeForProfileAccess", getClientAuthenticationModeForProfile().toString());
        }
        if (getClientHttpMethodForProfileAccess() != null) {
            properties.put("unity.oauth2-rp.httpMethodForProfileAccess", getClientHttpMethodForProfileAccess().toString());
        }
        try {
            properties.put("unity.oauth2-rp.embeddedTranslationProfile", Constants.MAPPER.writeValueAsString(getTranslationProfile().toJsonObject()));
            if (getClientHostnameChecking() != null) {
                properties.put("unity.oauth2-rp.httpClientHostnameChecking", getClientHostnameChecking().toString());
            }
            if (getClientTrustStore() != null) {
                properties.put("unity.oauth2-rp.httpClientTruststore", getClientTrustStore());
            }
            return new OAuthRPProperties(properties, this.pkiMan, this.tokensDAO).getAsString();
        } catch (Exception e) {
            throw new InternalException("Can't serialize authenticator translation profile to JSON", e);
        }
    }

    public int getCacheTime() {
        return this.cacheTime;
    }

    public void setCacheTime(int i) {
        this.cacheTime = i;
    }

    public OAuthRPProperties.VerificationProtocol getVerificationProtocol() {
        return this.verificationProtocol;
    }

    public void setVerificationProtocol(OAuthRPProperties.VerificationProtocol verificationProtocol) {
        this.verificationProtocol = verificationProtocol;
    }

    public String getVerificationEndpoint() {
        return this.verificationEndpoint;
    }

    public void setVerificationEndpoint(String str) {
        this.verificationEndpoint = str;
    }

    public boolean isOpenIdMode() {
        return this.openIdMode;
    }

    public void setOpenIdMode(boolean z) {
        this.openIdMode = z;
    }

    public List<String> getRequiredScopes() {
        return this.requiredScopes;
    }

    public void setRequiredScopes(List<String> list) {
        this.requiredScopes = list;
    }
}
