package no.nav.security.mock.oauth2.http;

import com.nimbusds.oauth2.sdk.ErrorObject;
import com.nimbusds.oauth2.sdk.GeneralException;
import com.nimbusds.oauth2.sdk.GrantType;
import com.nimbusds.oauth2.sdk.OAuth2Error;
import com.nimbusds.oauth2.sdk.ParseException;
import com.nimbusds.openid.connect.sdk.AuthenticationRequest;
import java.net.URLEncoder;
import java.nio.charset.Charset;
import java.util.Iterator;
import java.util.Map;
import java.util.concurrent.BlockingQueue;
import java.util.concurrent.LinkedBlockingQueue;
import kotlin.KotlinNothingValueException;
import kotlin.Metadata;
import kotlin.Pair;
import kotlin.Result;
import kotlin.ResultKt;
import kotlin.TuplesKt;
import kotlin.collections.MapsKt;
import kotlin.jvm.internal.Intrinsics;
import mu.KLogger;
import no.nav.security.mock.oauth2.OAuth2Config;
import no.nav.security.mock.oauth2.OAuth2Exception;
import no.nav.security.mock.oauth2.OAuth2ExceptionKt;
import no.nav.security.mock.oauth2.debugger.DebuggerRequestHandler;
import no.nav.security.mock.oauth2.extensions.HttpUrlExtensionsKt;
import no.nav.security.mock.oauth2.extensions.NimbusExtensionsKt;
import no.nav.security.mock.oauth2.grant.AuthorizationCodeHandler;
import no.nav.security.mock.oauth2.grant.ClientCredentialsGrantHandler;
import no.nav.security.mock.oauth2.grant.GrantHandler;
import no.nav.security.mock.oauth2.grant.JwtBearerGrantHandler;
import no.nav.security.mock.oauth2.grant.RefreshTokenGrantHandler;
import no.nav.security.mock.oauth2.grant.RefreshTokenManager;
import no.nav.security.mock.oauth2.grant.TokenExchangeGrantHandler;
import no.nav.security.mock.oauth2.grant.TokenExchangeGrantKt;
import no.nav.security.mock.oauth2.login.LoginRequestHandler;
import no.nav.security.mock.oauth2.token.DefaultOAuth2TokenCallback;
import no.nav.security.mock.oauth2.token.OAuth2TokenCallback;
import org.jetbrains.annotations.NotNull;

/* compiled from: OAuth2HttpRequestHandler.kt */
@Metadata(mv = {1, 4, 2}, bv = {1, 0, 3}, k = 1, d1 = {"��`\n\u0002\u0018\u0002\n\u0002\u0010��\n��\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n��\n\u0002\u0010$\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n��\n\u0002\u0010\u000b\n\u0002\b\u0002\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n\u0002\b\u0003\n\u0002\u0010\u0003\n\u0002\b\u0004\n\u0002\u0010\u000e\n��\u0018��2\u00020\u0001B\r\u0012\u0006\u0010\u0002\u001a\u00020\u0003¢\u0006\u0002\u0010\u0004J\u000e\u0010\u0012\u001a\u00020\u00132\u0006\u0010\u0014\u001a\u00020\u0011J\u0010\u0010\u0015\u001a\u00020\u00162\u0006\u0010\u0017\u001a\u00020\u0018H\u0002J\u0010\u0010\u0019\u001a\u00020\u00162\u0006\u0010\u0017\u001a\u00020\u0018H\u0002J\u0010\u0010\u001a\u001a\u00020\u00162\u0006\u0010\u001b\u001a\u00020\u001cH\u0002J\u000e\u0010\u001d\u001a\u00020\u00162\u0006\u0010\u0017\u001a\u00020\u0018J\u0010\u0010\u001e\u001a\u00020\u00162\u0006\u0010\u0017\u001a\u00020\u0018H\u0002J\u0010\u0010\u001f\u001a\u00020\u00112\u0006\u0010 \u001a\u00020!H\u0002R\u000e\u0010\u0002\u001a\u00020\u0003X\u0082\u0004¢\u0006\u0002\n��R\u000e\u0010\u0005\u001a\u00020\u0006X\u0082\u0004¢\u0006\u0002\n��R\u001a\u0010\u0007\u001a\u000e\u0012\u0004\u0012\u00020\t\u0012\u0004\u0012\u00020\n0\bX\u0082\u0004¢\u0006\u0002\n��R\u000e\u0010\u000b\u001a\u00020\fX\u0082\u0004¢\u0006\u0002\n��R\u000e\u0010\r\u001a\u00020\u000eX\u0082\u0004¢\u0006\u0002\n��R\u0014\u0010\u000f\u001a\b\u0012\u0004\u0012\u00020\u00110\u0010X\u0082\u0004¢\u0006\u0002\n��¨\u0006\""}, d2 = {"Lno/nav/security/mock/oauth2/http/OAuth2HttpRequestHandler;", "", "config", "Lno/nav/security/mock/oauth2/OAuth2Config;", "(Lno/nav/security/mock/oauth2/OAuth2Config;)V", "debuggerRequestHandler", "Lno/nav/security/mock/oauth2/debugger/DebuggerRequestHandler;", "grantHandlers", "", "Lcom/nimbusds/oauth2/sdk/GrantType;", "Lno/nav/security/mock/oauth2/grant/GrantHandler;", "loginRequestHandler", "Lno/nav/security/mock/oauth2/login/LoginRequestHandler;", "refreshTokenManager", "Lno/nav/security/mock/oauth2/grant/RefreshTokenManager;", "tokenCallbackQueue", "Ljava/util/concurrent/BlockingQueue;", "Lno/nav/security/mock/oauth2/token/OAuth2TokenCallback;", "enqueueTokenCallback", "", "oAuth2TokenCallback", "handleAuthenticationRequest", "Lno/nav/security/mock/oauth2/http/OAuth2HttpResponse;", "request", "Lno/nav/security/mock/oauth2/http/OAuth2HttpRequest;", "handleEndSessionRequest", "handleException", "error", "", "handleRequest", "handleTokenRequest", "tokenCallbackFromQueueOrDefault", "issuerId", "", "mock-oauth2-server"})
/* loaded from: input_file:no/nav/security/mock/oauth2/http/OAuth2HttpRequestHandler.class */
public final class OAuth2HttpRequestHandler {
    private final LoginRequestHandler loginRequestHandler;
    private final DebuggerRequestHandler debuggerRequestHandler;
    private final BlockingQueue<OAuth2TokenCallback> tokenCallbackQueue;
    private final RefreshTokenManager refreshTokenManager;
    private final Map<GrantType, GrantHandler> grantHandlers;
    private final OAuth2Config config;

    @NotNull
    public final OAuth2HttpResponse handleRequest(@NotNull OAuth2HttpRequest oAuth2HttpRequest) {
        KLogger kLogger;
        KLogger kLogger2;
        KLogger kLogger3;
        KLogger kLogger4;
        KLogger kLogger5;
        KLogger kLogger6;
        Intrinsics.checkNotNullParameter(oAuth2HttpRequest, "request");
        try {
            Result.Companion companion = Result.Companion;
            OAuth2HttpRequestHandler oAuth2HttpRequestHandler = this;
            kLogger = OAuth2HttpRequestHandlerKt.log;
            kLogger.debug("received request on url=" + oAuth2HttpRequest.getUrl() + " with headers=" + oAuth2HttpRequest.getHeaders());
            switch (oAuth2HttpRequest.type()) {
                case WELL_KNOWN:
                    OAuth2HttpResponse json = OAuth2HttpResponseKt.json(oAuth2HttpRequest.toWellKnown());
                    kLogger6 = OAuth2HttpRequestHandlerKt.log;
                    kLogger6.debug("returning well-known json data for url=" + oAuth2HttpRequest.getUrl());
                    return json;
                case AUTHORIZATION:
                    return oAuth2HttpRequestHandler.handleAuthenticationRequest(oAuth2HttpRequest);
                case TOKEN:
                    return oAuth2HttpRequestHandler.handleTokenRequest(oAuth2HttpRequest);
                case END_SESSION:
                    return oAuth2HttpRequestHandler.handleEndSessionRequest(oAuth2HttpRequest);
                case JWKS:
                    Map jSONObject = oAuth2HttpRequestHandler.config.getTokenProvider().publicJwkSet().toJSONObject();
                    Intrinsics.checkNotNullExpressionValue(jSONObject, "config.tokenProvider.publicJwkSet().toJSONObject()");
                    OAuth2HttpResponse json2 = OAuth2HttpResponseKt.json(jSONObject);
                    kLogger5 = OAuth2HttpRequestHandlerKt.log;
                    kLogger5.debug("handle jwks request");
                    return json2;
                case DEBUGGER:
                    OAuth2HttpResponse handleDebuggerForm = oAuth2HttpRequestHandler.debuggerRequestHandler.handleDebuggerForm(oAuth2HttpRequest);
                    kLogger4 = OAuth2HttpRequestHandlerKt.log;
                    kLogger4.debug("handle debugger request");
                    return handleDebuggerForm;
                case DEBUGGER_CALLBACK:
                    OAuth2HttpResponse handleDebuggerCallback = oAuth2HttpRequestHandler.debuggerRequestHandler.handleDebuggerCallback(oAuth2HttpRequest);
                    kLogger3 = OAuth2HttpRequestHandlerKt.log;
                    kLogger3.debug("handle debugger callback request");
                    return handleDebuggerCallback;
                case FAVICON:
                    return new OAuth2HttpResponse(null, 200, null, 5, null);
                default:
                    OAuth2HttpResponse notFound = OAuth2HttpResponseKt.notFound();
                    kLogger2 = OAuth2HttpRequestHandlerKt.log;
                    kLogger2.error("path '" + oAuth2HttpRequest.getUrl() + "' not found");
                    return notFound;
            }
        } catch (Throwable th) {
            Result.Companion companion2 = Result.Companion;
            Object obj = Result.constructor-impl(ResultKt.createFailure(th));
            Throwable th2 = Result.exceptionOrNull-impl(obj);
            return th2 == null ? (OAuth2HttpResponse) ((Void) obj) : handleException(th2);
        }
    }

    public final boolean enqueueTokenCallback(@NotNull OAuth2TokenCallback oAuth2TokenCallback) {
        Intrinsics.checkNotNullParameter(oAuth2TokenCallback, "oAuth2TokenCallback");
        return this.tokenCallbackQueue.add(oAuth2TokenCallback);
    }

    private final OAuth2HttpResponse handleEndSessionRequest(OAuth2HttpRequest oAuth2HttpRequest) {
        KLogger kLogger;
        kLogger = OAuth2HttpRequestHandlerKt.log;
        kLogger.debug("handle end session request " + oAuth2HttpRequest);
        String queryParameter = oAuth2HttpRequest.getUrl().queryParameter("post_logout_redirect_uri");
        if (queryParameter != null) {
            OAuth2HttpResponse redirect$default = OAuth2HttpResponseKt.redirect$default(queryParameter, null, 2, null);
            if (redirect$default != null) {
                return redirect$default;
            }
        }
        return OAuth2HttpResponseKt.html("logged out");
    }

    private final OAuth2HttpResponse handleAuthenticationRequest(OAuth2HttpRequest oAuth2HttpRequest) {
        KLogger kLogger;
        kLogger = OAuth2HttpRequestHandlerKt.log;
        kLogger.debug("received call to authorization endpoint");
        AuthenticationRequest asAuthenticationRequest = oAuth2HttpRequest.asAuthenticationRequest();
        GrantHandler grantHandler = this.grantHandlers.get(GrantType.AUTHORIZATION_CODE);
        if (grantHandler == null) {
            throw new NullPointerException("null cannot be cast to non-null type no.nav.security.mock.oauth2.grant.AuthorizationCodeHandler");
        }
        AuthorizationCodeHandler authorizationCodeHandler = (AuthorizationCodeHandler) grantHandler;
        String method = oAuth2HttpRequest.getMethod();
        switch (method.hashCode()) {
            case 70454:
                if (method.equals("GET")) {
                    return (this.config.getInteractiveLogin() || NimbusExtensionsKt.isPrompt(asAuthenticationRequest)) ? OAuth2HttpResponseKt.html(this.loginRequestHandler.loginHtml(oAuth2HttpRequest)) : OAuth2HttpResponseKt.authenticationSuccess(AuthorizationCodeHandler.authorizationCodeResponse$default(authorizationCodeHandler, asAuthenticationRequest, null, 2, null));
                }
                break;
            case 2461856:
                if (method.equals("POST")) {
                    return OAuth2HttpResponseKt.authenticationSuccess(authorizationCodeHandler.authorizationCodeResponse(asAuthenticationRequest, this.loginRequestHandler.loginSubmit(oAuth2HttpRequest)));
                }
                break;
        }
        OAuth2ExceptionKt.invalidRequest("Unsupported request method " + oAuth2HttpRequest.getMethod());
        throw new KotlinNothingValueException();
    }

    private final OAuth2HttpResponse handleTokenRequest(OAuth2HttpRequest oAuth2HttpRequest) {
        KLogger kLogger;
        kLogger = OAuth2HttpRequestHandlerKt.log;
        kLogger.debug("handle token request " + oAuth2HttpRequest);
        GrantType grantType = oAuth2HttpRequest.grantType();
        OAuth2TokenCallback oAuth2TokenCallback = tokenCallbackFromQueueOrDefault(HttpUrlExtensionsKt.issuerId(oAuth2HttpRequest.getUrl()));
        GrantHandler grantHandler = this.grantHandlers.get(grantType);
        if (grantHandler != null) {
            return OAuth2HttpResponseKt.json(grantHandler.tokenResponse(oAuth2HttpRequest, HttpUrlExtensionsKt.toIssuerUrl(oAuth2HttpRequest.getUrl()), oAuth2TokenCallback));
        }
        OAuth2ExceptionKt.invalidGrant(grantType);
        throw new KotlinNothingValueException();
    }

    private final OAuth2TokenCallback tokenCallbackFromQueueOrDefault(String str) {
        Object obj;
        OAuth2TokenCallback peek = this.tokenCallbackQueue.peek();
        if (Intrinsics.areEqual(str, peek != null ? peek.issuerId() : null)) {
            OAuth2TokenCallback take = this.tokenCallbackQueue.take();
            Intrinsics.checkNotNullExpressionValue(take, "tokenCallbackQueue.take()");
            return take;
        }
        Iterator<T> it = this.config.getTokenCallbacks().iterator();
        while (true) {
            if (!it.hasNext()) {
                obj = null;
                break;
            }
            Object next = it.next();
            if (Intrinsics.areEqual(((OAuth2TokenCallback) next).issuerId(), str)) {
                obj = next;
                break;
            }
        }
        OAuth2TokenCallback oAuth2TokenCallback = (OAuth2TokenCallback) obj;
        return oAuth2TokenCallback != null ? oAuth2TokenCallback : new DefaultOAuth2TokenCallback(str, null, null, null, 0L, 30, null);
    }

    private final OAuth2HttpResponse handleException(Throwable th) {
        KLogger kLogger;
        ErrorObject errorObject;
        kLogger = OAuth2HttpRequestHandlerKt.log;
        kLogger.error("received exception when handling request.", th);
        String encode = URLEncoder.encode(th.getMessage(), Charset.forName("UTF-8"));
        if (th instanceof OAuth2Exception) {
            errorObject = ((OAuth2Exception) th).getErrorObject();
        } else if (th instanceof ParseException) {
            errorObject = ((ParseException) th).getErrorObject();
            if (errorObject == null) {
                errorObject = OAuth2Error.INVALID_REQUEST.setDescription("failed to parse request: " + encode);
            }
        } else {
            errorObject = th instanceof GeneralException ? ((GeneralException) th).getErrorObject() : null;
        }
        if (errorObject == null) {
            errorObject = OAuth2Error.SERVER_ERROR.setDescription("unexpected exception with message: " + encode);
            Intrinsics.checkNotNullExpressionValue(errorObject, "OAuth2Error.SERVER_ERROR…tion with message: $msg\")");
        }
        return OAuth2HttpResponseKt.oauth2Error(errorObject);
    }

    public OAuth2HttpRequestHandler(@NotNull OAuth2Config oAuth2Config) {
        Intrinsics.checkNotNullParameter(oAuth2Config, "config");
        this.config = oAuth2Config;
        this.loginRequestHandler = new LoginRequestHandler(OAuth2HttpResponseKt.getTemplateMapper());
        this.debuggerRequestHandler = new DebuggerRequestHandler(OAuth2HttpResponseKt.getTemplateMapper());
        this.tokenCallbackQueue = new LinkedBlockingQueue();
        this.refreshTokenManager = new RefreshTokenManager(null, 1, null);
        this.grantHandlers = MapsKt.mapOf(new Pair[]{TuplesKt.to(GrantType.AUTHORIZATION_CODE, new AuthorizationCodeHandler(this.config.getTokenProvider(), this.refreshTokenManager)), TuplesKt.to(GrantType.CLIENT_CREDENTIALS, new ClientCredentialsGrantHandler(this.config.getTokenProvider())), TuplesKt.to(GrantType.JWT_BEARER, new JwtBearerGrantHandler(this.config.getTokenProvider())), TuplesKt.to(TokenExchangeGrantKt.getTOKEN_EXCHANGE(), new TokenExchangeGrantHandler(this.config.getTokenProvider())), TuplesKt.to(GrantType.REFRESH_TOKEN, new RefreshTokenGrantHandler(this.config.getTokenProvider(), this.refreshTokenManager))});
    }
}
