package org.finos.legend.server.pac4j.gitlab;

import com.fasterxml.jackson.annotation.JsonProperty;
import com.nimbusds.jose.util.DefaultResourceRetriever;
import com.nimbusds.oauth2.sdk.util.StringUtils;
import java.net.InetSocketAddress;
import java.net.Proxy;
import java.security.GeneralSecurityException;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import org.finos.legend.server.pac4j.gitlab.ssl.TrustManagerComposite;
import org.pac4j.core.context.WebContext;
import org.pac4j.core.http.url.DefaultUrlResolver;
import org.pac4j.oidc.client.OidcClient;
import org.pac4j.oidc.config.OidcConfiguration;
import org.pac4j.oidc.credentials.OidcCredentials;
import org.pac4j.oidc.credentials.authenticator.OidcAuthenticator;
import org.pac4j.oidc.profile.OidcProfile;
import org.pac4j.oidc.profile.creator.OidcProfileCreator;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/finos/legend/server/pac4j/gitlab/GitlabClient.class */
public class GitlabClient extends OidcClient<OidcProfile, OidcConfiguration> {
    private static final Logger logger = LoggerFactory.getLogger(GitlabClient.class);

    @JsonProperty
    protected String clientId;

    @JsonProperty
    protected String secret;

    @JsonProperty
    protected String discoveryUri;

    @JsonProperty
    protected String scope;

    @JsonProperty
    protected String proxyHost;

    @JsonProperty
    protected int proxyPort;

    @JsonProperty
    protected String sslKeystore;

    public String getName() {
        return "gitlab";
    }

    protected void clientInit() {
        if (StringUtils.isNotBlank(this.sslKeystore)) {
            TrustManager[] trustManagerArr = {new TrustManagerComposite(this.sslKeystore)};
            try {
                SSLContext sSLContext = SSLContext.getInstance("TLS");
                sSLContext.init(null, trustManagerArr, null);
                SSLContext.setDefault(sSLContext);
            } catch (GeneralSecurityException e) {
                throw new RuntimeException("Cannot initialize Trust store", e);
            }
        }
        OidcConfiguration oidcConfiguration = new OidcConfiguration();
        oidcConfiguration.setClientId(this.clientId);
        oidcConfiguration.setSecret(this.secret);
        oidcConfiguration.setDiscoveryURI(this.discoveryUri);
        DefaultResourceRetriever defaultResourceRetriever = new DefaultResourceRetriever(oidcConfiguration.getConnectTimeout(), oidcConfiguration.getReadTimeout());
        if (this.proxyHost != null && !"".equals(this.proxyHost)) {
            logger.info("Using proxy {}:{}", this.proxyHost, Integer.valueOf(this.proxyPort));
            defaultResourceRetriever.setProxy(new Proxy(Proxy.Type.HTTP, new InetSocketAddress(this.proxyHost, this.proxyPort)));
        }
        oidcConfiguration.setResourceRetriever(defaultResourceRetriever);
        if (this.scope == null || "".equals(this.scope)) {
            this.scope = "openid profile";
        }
        oidcConfiguration.setScope(this.scope);
        setConfiguration(oidcConfiguration);
        setAuthenticator(new OidcAuthenticator(oidcConfiguration, this) { // from class: org.finos.legend.server.pac4j.gitlab.GitlabClient.1
            public void validate(OidcCredentials oidcCredentials, WebContext webContext) {
                if (GitlabClient.this.proxyHost == null || "".equals(GitlabClient.this.proxyHost)) {
                    super.validate(oidcCredentials, webContext);
                    return;
                }
                System.setProperty("https.proxyHost", GitlabClient.this.proxyHost);
                System.setProperty("https.proxyPort", String.valueOf(GitlabClient.this.proxyPort));
                super.validate(oidcCredentials, webContext);
                System.setProperty("https.proxyHost", "");
                System.setProperty("https.proxyPort", "");
            }
        });
        setProfileCreator(new OidcProfileCreator<OidcProfile>(oidcConfiguration) { // from class: org.finos.legend.server.pac4j.gitlab.GitlabClient.2
            public OidcProfile create(OidcCredentials oidcCredentials, WebContext webContext) {
                OidcProfile create = super.create(oidcCredentials, webContext);
                create.setId(create.getNickname());
                return create;
            }
        });
        setUrlResolver(new DefaultUrlResolver(true));
        super.clientInit();
    }

    public String getClientId() {
        return this.clientId;
    }

    public void setClientId(String str) {
        this.clientId = str;
    }

    public String getSecret() {
        return this.secret;
    }

    public void setSecret(String str) {
        this.secret = str;
    }

    public String getDiscoveryUri() {
        return this.discoveryUri;
    }

    public void setDiscoveryUri(String str) {
        this.discoveryUri = str;
    }

    public String getScope() {
        return this.scope;
    }

    public void setScope(String str) {
        this.scope = str;
    }

    public String getProxyHost() {
        return this.proxyHost;
    }

    public void setProxyHost(String str) {
        this.proxyHost = str;
    }

    public int getProxyPort() {
        return this.proxyPort;
    }

    public void setProxyPort(int i) {
        this.proxyPort = i;
    }

    public String getSslKeystore() {
        return this.sslKeystore;
    }

    public void setSslKeystore(String str) {
        this.sslKeystore = str;
    }
}
