package pl.edu.icm.unity.oauth.as.token.access;

import io.imunity.idp.AccessProtocol;
import io.imunity.idp.ApplicationId;
import io.imunity.idp.LastIdPClinetAccessAttributeManagement;
import java.time.Instant;
import java.util.Optional;
import org.apache.logging.log4j.Logger;
import org.springframework.context.ApplicationEventPublisher;
import pl.edu.icm.unity.base.attribute.AttributeExt;
import pl.edu.icm.unity.base.endpoint.Endpoint;
import pl.edu.icm.unity.base.endpoint.ResolvedEndpoint;
import pl.edu.icm.unity.base.endpoint.idp.IdpStatistic;
import pl.edu.icm.unity.base.entity.EntityParam;
import pl.edu.icm.unity.base.exceptions.EngineException;
import pl.edu.icm.unity.base.exceptions.InternalException;
import pl.edu.icm.unity.base.identity.Identity;
import pl.edu.icm.unity.base.message.MessageSource;
import pl.edu.icm.unity.base.utils.Log;
import pl.edu.icm.unity.engine.api.AttributesManagement;
import pl.edu.icm.unity.engine.api.EndpointManagement;
import pl.edu.icm.unity.engine.api.EntityManagement;
import pl.edu.icm.unity.engine.api.authn.InvocationContext;
import pl.edu.icm.unity.engine.api.authn.LoginSession;
import pl.edu.icm.unity.engine.api.idp.statistic.IdpStatisticEvent;
import pl.edu.icm.unity.oauth.as.OAuthASProperties;
import pl.edu.icm.unity.oauth.as.OAuthRequestValidator;
import pl.edu.icm.unity.oauth.as.OAuthSystemAttributesProvider;

/* loaded from: input_file:pl/edu/icm/unity/oauth/as/token/access/OAuthTokenStatisticPublisher.class */
public class OAuthTokenStatisticPublisher {
    private static final Logger log = Log.getLogger("unity.server.oauth", OAuthTokenStatisticPublisher.class);
    private final ApplicationEventPublisher eventPublisher;
    private final MessageSource msg;
    private final EntityManagement idMan;
    private final ResolvedEndpoint endpoint;
    private final EndpointManagement endpointMan;
    private final LastIdPClinetAccessAttributeManagement lastIdPClinetAccessAttributeManagement;
    private final AttributesManagement unsecureAttributesMan;
    private final OAuthASProperties oauthConfig;
    private Endpoint authzEndpoint;

    /* JADX INFO: Access modifiers changed from: package-private */
    public OAuthTokenStatisticPublisher(ApplicationEventPublisher applicationEventPublisher, MessageSource messageSource, EntityManagement entityManagement, OAuthRequestValidator oAuthRequestValidator, EndpointManagement endpointManagement, LastIdPClinetAccessAttributeManagement lastIdPClinetAccessAttributeManagement, AttributesManagement attributesManagement, OAuthASProperties oAuthASProperties, ResolvedEndpoint resolvedEndpoint) {
        this.eventPublisher = applicationEventPublisher;
        this.msg = messageSource;
        this.idMan = entityManagement;
        this.endpoint = resolvedEndpoint;
        this.endpointMan = endpointManagement;
        this.lastIdPClinetAccessAttributeManagement = lastIdPClinetAccessAttributeManagement;
        this.unsecureAttributesMan = attributesManagement;
        this.oauthConfig = oAuthASProperties;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void reportFailAsLoggedClient() {
        LoginSession loginSession = InvocationContext.getCurrent().getLoginSession();
        if (loginSession == null) {
            log.debug("Can not retrieve identity of the OAuth client, skippig error reporting");
            return;
        }
        EntityParam entityParam = new EntityParam(Long.valueOf(loginSession.getEntityId()));
        try {
            Identity identity = (Identity) this.idMan.getEntity(entityParam).getIdentities().stream().filter(identity2 -> {
                return identity2.getTypeId().equals("userName");
            }).findFirst().orElse(null);
            try {
                reportFail(identity != null ? identity.getComparableValue() : null, getClientName(entityParam));
            } catch (Exception e) {
                log.debug("Can not retrieving client name attribute of the OAuth client", e);
            }
        } catch (Exception e2) {
            log.debug("Can not retrieving identity of the OAuth client", e2);
        }
    }

    private String getClientName(EntityParam entityParam) {
        try {
            Optional findFirst = this.unsecureAttributesMan.getAllAttributes(entityParam, true, this.oauthConfig.getValue(OAuthASProperties.CLIENTS_GROUP), (String) null, false).stream().filter(attributeExt -> {
                return attributeExt.getName().equals(OAuthSystemAttributesProvider.CLIENT_NAME);
            }).findFirst();
            if (findFirst.isEmpty()) {
                return null;
            }
            return (String) ((AttributeExt) findFirst.get()).getValues().get(0);
        } catch (EngineException e) {
            throw new InternalException("Internal error, can not retrieve OAuth client's data", e);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void reportFail(String str, String str2) {
        report(str, str2, IdpStatistic.Status.FAILED);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void reportSuccess(String str, String str2, EntityParam entityParam) {
        report(str, str2, IdpStatistic.Status.SUCCESSFUL);
        try {
            this.lastIdPClinetAccessAttributeManagement.setAttribute(entityParam, AccessProtocol.OAuth, new ApplicationId(str), Instant.now());
        } catch (EngineException e) {
            log.debug("Can not set last access attribute", e);
        }
    }

    private void report(String str, String str2, IdpStatistic.Status status) {
        Endpoint endpoint = getEndpoint();
        this.eventPublisher.publishEvent(new IdpStatisticEvent(endpoint.getName(), endpoint.getConfiguration().getDisplayedName() != null ? endpoint.getConfiguration().getDisplayedName().getValue(this.msg) : null, str, str2, status));
    }

    private Endpoint getEndpoint() {
        if (this.authzEndpoint != null) {
            return this.authzEndpoint;
        }
        try {
            Optional findFirst = this.endpointMan.getEndpoints().stream().filter(endpoint -> {
                return endpoint.getConfiguration().getTag().equals(this.endpoint.getEndpoint().getConfiguration().getTag());
            }).findFirst();
            if (!findFirst.isPresent()) {
                return this.endpoint.getEndpoint();
            }
            this.authzEndpoint = (Endpoint) findFirst.get();
            return this.authzEndpoint;
        } catch (Exception e) {
            log.debug("Can not get relateed OAauth authz endpoint for token endpoint " + this.endpoint.getName(), e);
            return this.endpoint.getEndpoint();
        }
    }
}
