package pl.edu.icm.unity.oauth.as.token.access;

import com.fasterxml.jackson.core.JsonProcessingException;
import com.nimbusds.oauth2.sdk.token.AccessToken;
import java.util.Date;
import java.util.List;
import java.util.Optional;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import pl.edu.icm.unity.base.token.Token;
import pl.edu.icm.unity.engine.api.token.SecuredTokensManagement;
import pl.edu.icm.unity.engine.api.token.TokensManagement;
import pl.edu.icm.unity.exceptions.EngineException;
import pl.edu.icm.unity.exceptions.IllegalIdentityValueException;
import pl.edu.icm.unity.exceptions.IllegalTypeException;
import pl.edu.icm.unity.oauth.as.OAuthToken;
import pl.edu.icm.unity.oauth.as.token.BearerJWTAccessToken;
import pl.edu.icm.unity.types.basic.EntityParam;

@Component
/* loaded from: input_file:pl/edu/icm/unity/oauth/as/token/access/OAuthAccessTokenRepository.class */
public class OAuthAccessTokenRepository {
    public static final String INTERNAL_ACCESS_TOKEN = "oauth2Access";
    private final TokensManagement tokensMan;
    private final SecuredTokensManagement securedTokensManagement;

    @Autowired
    public OAuthAccessTokenRepository(TokensManagement tokensManagement, SecuredTokensManagement securedTokensManagement) {
        this.tokensMan = tokensManagement;
        this.securedTokensManagement = securedTokensManagement;
    }

    public void storeAccessToken(AccessToken accessToken, OAuthToken oAuthToken, EntityParam entityParam, Date date, Date date2) throws IllegalIdentityValueException, IllegalTypeException, JsonProcessingException {
        this.tokensMan.addToken(INTERNAL_ACCESS_TOKEN, getTokenUniqueKey(accessToken), entityParam, oAuthToken.getSerialized(), date, date2);
    }

    public void updateAccessTokenExpiration(Token token, Date date) {
        if (!INTERNAL_ACCESS_TOKEN.equals(token.getType())) {
            throw new IllegalArgumentException("Only access token can be updated with this method");
        }
        this.tokensMan.updateToken(INTERNAL_ACCESS_TOKEN, token.getValue(), date, token.getContents());
    }

    public Token readAccessToken(String str) {
        return this.tokensMan.getTokenById(INTERNAL_ACCESS_TOKEN, extractTokenKey(str));
    }

    private String extractTokenKey(String str) {
        return tryGetJWTID(str).orElse(str);
    }

    private Optional<String> tryGetJWTID(String str) {
        return BearerJWTAccessToken.tryParseJWTClaimSet(str).map(jWTClaimsSet -> {
            return jWTClaimsSet.getJWTID();
        });
    }

    public void removeAccessToken(String str) {
        this.tokensMan.removeToken(INTERNAL_ACCESS_TOKEN, str);
    }

    public List<Token> getAllAccessTokens() throws EngineException {
        return this.securedTokensManagement.getAllTokens(INTERNAL_ACCESS_TOKEN);
    }

    public List<Token> getOwnedAccessTokens() throws EngineException {
        return this.securedTokensManagement.getOwnedTokens(INTERNAL_ACCESS_TOKEN);
    }

    private static String getTokenUniqueKey(AccessToken accessToken) {
        return accessToken instanceof BearerJWTAccessToken ? ((BearerJWTAccessToken) accessToken).getClaimsSet().getJWTID() : accessToken.getValue();
    }

    public void removeWithAuthorization(String str) throws EngineException {
        this.securedTokensManagement.removeToken(INTERNAL_ACCESS_TOKEN, str);
    }

    public void removeOwnedByClient(long j, long j2) throws EngineException {
        for (Token token : this.tokensMan.getOwnedTokens(INTERNAL_ACCESS_TOKEN, new EntityParam(Long.valueOf(j2)))) {
            if (OAuthToken.getInstanceFromJson(token.getContents()).getClientId() == j) {
                this.tokensMan.removeToken(token.getType(), token.getValue());
            }
        }
    }
}
