package io.jans.configapi.util;

import io.jans.as.client.TokenResponse;
import io.jans.as.common.model.registration.Client;
import io.jans.as.common.service.common.EncryptionService;
import io.jans.as.model.common.ScopeType;
import io.jans.as.model.uma.wrapper.Token;
import io.jans.as.model.util.Util;
import io.jans.as.persistence.model.Scope;
import io.jans.configapi.configuration.ConfigurationFactory;
import io.jans.configapi.core.rest.ProtectedApi;
import io.jans.configapi.security.api.ApiProtectionCache;
import io.jans.configapi.security.client.AuthClientFactory;
import io.jans.configapi.service.auth.ClientService;
import io.jans.configapi.service.auth.ConfigurationService;
import io.jans.configapi.service.auth.ScopeService;
import io.jans.util.security.StringEncrypter;
import jakarta.enterprise.context.ApplicationScoped;
import jakarta.inject.Inject;
import jakarta.ws.rs.WebApplicationException;
import jakarta.ws.rs.container.ResourceInfo;
import jakarta.ws.rs.core.Response;
import java.lang.reflect.Field;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import org.apache.commons.collections4.CollectionUtils;
import org.slf4j.Logger;

@ApplicationScoped
/* loaded from: input_file:io/jans/configapi/util/AuthUtil.class */
public class AuthUtil {

    @Inject
    Logger log;

    @Inject
    ConfigurationFactory configurationFactory;

    @Inject
    ConfigurationService configurationService;

    @Inject
    ClientService clientService;

    @Inject
    ScopeService scopeService;

    @Inject
    EncryptionService encryptionService;

    public String getOpenIdConfigurationEndpoint() {
        return this.configurationService.find().getOpenIdConfigurationEndpoint();
    }

    public String getAuthOpenidConfigurationUrl() {
        return this.configurationFactory.getApiAppConfiguration().getAuthOpenidConfigurationUrl();
    }

    public String getIssuer() {
        return this.configurationService.find().getIssuer();
    }

    public String getServiceUrl(String str) {
        return getIssuer() + str;
    }

    public String getClientId() {
        return this.configurationFactory.getApiClientId();
    }

    public List<String> getUserExclusionAttributes() {
        return this.configurationFactory.getApiAppConfiguration().getUserExclusionAttributes();
    }

    public String getUserExclusionAttributesAsString() {
        List<String> userExclusionAttributes = getUserExclusionAttributes();
        if (userExclusionAttributes == null) {
            return null;
        }
        return (String) userExclusionAttributes.stream().collect(Collectors.joining(","));
    }

    public List<String> getUserMandatoryAttributes() {
        return this.configurationFactory.getApiAppConfiguration().getUserMandatoryAttributes();
    }

    public String getTokenUrl() {
        return this.configurationService.find().getTokenEndpoint();
    }

    public String getTokenRevocationEndpoint() {
        return this.configurationService.find().getTokenRevocationEndpoint();
    }

    public Client getClient(String str) {
        return this.clientService.getClientByInum(str);
    }

    public String getClientPassword(String str) {
        return getClient(str).getClientSecret();
    }

    public String getClientDecryptPassword(String str) {
        return decryptPassword(getClientPassword(str));
    }

    public String decryptPassword(String str) {
        String str2 = null;
        if (str != null) {
            try {
                str2 = this.encryptionService.decrypt(str);
            } catch (StringEncrypter.EncryptionException e) {
                this.log.error("Failed to decrypt password", e);
            }
        }
        return str2;
    }

    public String encryptPassword(String str) {
        String str2 = null;
        if (str != null) {
            try {
                str2 = this.encryptionService.encrypt(str);
            } catch (StringEncrypter.EncryptionException e) {
                this.log.error("Failed to decrypt password", e);
            }
        }
        return str2;
    }

    public List<Scope> getResourceScopeList(String str, String str2) {
        this.log.trace(" ResourceScopeList requested for method:{}, path:{}", str, str2);
        List list = (List) ApiProtectionCache.getAllResources().keySet().stream().filter(str3 -> {
            return str3.contains(str2);
        }).collect(Collectors.toList());
        if (list == null || list.isEmpty()) {
            throw new WebApplicationException("No matching resource found .", Response.status(Response.Status.UNAUTHORIZED).build());
        }
        List<Scope> list2 = null;
        Iterator it = list.iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            String str4 = (String) it.next();
            String[] split = str4.split(":::");
            if (split != null && split.length > 1) {
                String str5 = split[0];
                String str6 = split[1];
                this.log.trace(" Resource Scopes - httpmethod:{} , pathUrl:{} ", str5, str6);
                if (str6 != null && str6.contains(str2)) {
                    this.log.trace(" Matching url with path:{} , pathUrl:{} ", str2, str6);
                    if (str5.contains(str)) {
                        list2 = ApiProtectionCache.getResourceScopes(str4);
                        this.log.trace(" scopeList:{} for the method:{} ", list2, str);
                        break;
                    }
                }
            }
        }
        return list2;
    }

    public List<String> getAllResourceScopes() {
        Map<String, Scope> allScopes = ApiProtectionCache.getAllScopes();
        this.log.trace("All Resource Scopes - scopeMap:{}", allScopes);
        ArrayList arrayList = null;
        if (allScopes != null && !allScopes.isEmpty()) {
            arrayList = new ArrayList(allScopes.keySet());
        }
        this.log.trace("All Resource Scopes - scopeStrList:{} ", arrayList);
        return arrayList;
    }

    public List<String> getRequestedScopes(String str) {
        List<Scope> resourceScopes = ApiProtectionCache.getResourceScopes(str);
        this.log.trace("Requested scopes:{} for path:{} ", resourceScopes, str);
        ArrayList arrayList = new ArrayList();
        if (resourceScopes != null && !resourceScopes.isEmpty()) {
            Iterator<Scope> it = resourceScopes.iterator();
            while (it.hasNext()) {
                arrayList.add(it.next().getId());
            }
        }
        this.log.trace("Requested scopeStrList:{} for path:{}", arrayList, str);
        return arrayList;
    }

    public List<String> getRequestedScopes(String str, String str2) {
        this.log.trace("Requested scopes for path:{} and method:{} ", str2, str);
        List<Scope> resourceScopeList = getResourceScopeList(str, str2);
        this.log.trace("Requested scopeList:{} for path:{} and method:{} ", new Object[]{resourceScopeList, str2, str});
        ArrayList arrayList = new ArrayList();
        if (resourceScopeList != null && !resourceScopeList.isEmpty()) {
            Iterator<Scope> it = resourceScopeList.iterator();
            while (it.hasNext()) {
                arrayList.add(it.next().getId());
            }
        }
        this.log.trace("Final scopeStrList:{} for path:{} and method:{} ", new Object[]{arrayList, str2, str});
        return arrayList;
    }

    public List<String> getRequestedScopes(ResourceInfo resourceInfo) {
        this.log.trace("Requested scopes for resourceInfo:{} ", resourceInfo);
        ProtectedApi annotation = resourceInfo.getResourceClass().getAnnotation(ProtectedApi.class);
        ArrayList arrayList = new ArrayList();
        if (annotation == null) {
            addMethodScopes(resourceInfo, arrayList);
        } else {
            arrayList.addAll((Collection) Stream.of((Object[]) annotation.scopes()).collect(Collectors.toList()));
            addMethodScopes(resourceInfo, arrayList);
        }
        this.log.trace("Requested scopes:{} for resourceInfo:{} ", arrayList, resourceInfo);
        return arrayList;
    }

    public boolean validateScope(List<String> list, List<String> list2) {
        return new HashSet(list).containsAll(new HashSet(list2));
    }

    private void addMethodScopes(ResourceInfo resourceInfo, List<String> list) {
        ProtectedApi annotation = resourceInfo.getResourceMethod().getAnnotation(ProtectedApi.class);
        if (annotation != null) {
            list.addAll((Collection) Stream.of((Object[]) annotation.scopes()).collect(Collectors.toList()));
        }
    }

    public Token requestAccessToken(String str, String str2, List<String> list) {
        this.log.debug("Access Token Request - tokenUrl:{}, clientId:{}, scopes:{}", new Object[]{str, str2, list});
        String clientDecryptPassword = getClientDecryptPassword(str2);
        HashSet hashSet = new HashSet(list);
        StringBuilder sb = new StringBuilder(ScopeType.OPENID.getValue());
        Iterator it = hashSet.iterator();
        while (it.hasNext()) {
            sb.append(" ").append((String) it.next());
        }
        this.log.debug("Scope required  - {}", sb);
        TokenResponse requestAccessToken = AuthClientFactory.requestAccessToken(str, str2, clientDecryptPassword, sb.toString());
        if (requestAccessToken == null) {
            return null;
        }
        this.log.debug("Token Response - tokenScope: {}, tokenAccessToken: {} ", requestAccessToken.getScope(), requestAccessToken.getAccessToken());
        String accessToken = requestAccessToken.getAccessToken();
        Integer expiresIn = requestAccessToken.getExpiresIn();
        if (Util.allNotBlank(new String[]{accessToken})) {
            return new Token((String) null, (String) null, accessToken, ScopeType.OPENID.getValue(), expiresIn);
        }
        return null;
    }

    public void assignAllScope(String str) {
        this.log.trace("Client to be assigned all scope - {} ", str);
        Client clientByInum = this.clientService.getClientByInum(str);
        if (clientByInum == null) {
            return;
        }
        String[] allScopesArray = getAllScopesArray(getScopeWithDn(getAllScopes()));
        this.log.debug(" scope to be assigned - {} ", Arrays.asList(allScopesArray));
        clientByInum.setScopes(allScopesArray);
        this.clientService.updateClient(clientByInum);
        this.log.debug(" Verify scopes post assignment, clientId: {} , scopes: {}", str, Arrays.asList(this.clientService.getClientByInum(str).getScopes()));
    }

    public List<String> getAllScopes() {
        ArrayList arrayList = new ArrayList();
        Iterator<String> it = ApiProtectionCache.getAllScopes().keySet().iterator();
        while (it.hasNext()) {
            arrayList.add(ApiProtectionCache.getScope(it.next()).getInum());
        }
        return arrayList;
    }

    public String[] getAllScopesArray(List<String> list) {
        String[] strArr = null;
        if (list != null && !list.isEmpty()) {
            strArr = new String[list.size()];
            for (int i = 0; i < list.size(); i++) {
                strArr[i] = list.get(i);
            }
        }
        return strArr;
    }

    public List<String> getScopeWithDn(List<String> list) {
        ArrayList arrayList = null;
        if (list != null && !list.isEmpty()) {
            arrayList = new ArrayList();
            Iterator<String> it = list.iterator();
            while (it.hasNext()) {
                arrayList.add(this.scopeService.getDnForScope(it.next()));
            }
        }
        return arrayList;
    }

    public boolean isValidIssuer(String str) {
        this.log.info("Is issuer:{} present in approvedIssuer list ? {} ", str, Boolean.valueOf(this.configurationFactory.getApiApprovedIssuer().contains(str)));
        return this.configurationFactory.getApiApprovedIssuer().contains(str);
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v26, types: [java.util.List] */
    public List<String> getAuthSpecificScopeRequired(ResourceInfo resourceInfo) {
        this.log.debug("Fetch Auth server specific scope for resourceInfo:{} ", resourceInfo);
        List<String> requestedScopes = getRequestedScopes(resourceInfo);
        this.log.debug(" resource:{} has these scopes:{} and configured exclusiveAuthScopes are {}", new Object[]{resourceInfo, requestedScopes, this.configurationFactory.getApiAppConfiguration().getExclusiveAuthScopes()});
        ArrayList arrayList = new ArrayList();
        if (requestedScopes != null && !requestedScopes.isEmpty() && this.configurationFactory.getApiAppConfiguration().getExclusiveAuthScopes() != null && !this.configurationFactory.getApiAppConfiguration().getExclusiveAuthScopes().isEmpty()) {
            arrayList = (List) requestedScopes.stream().filter(str -> {
                return this.configurationFactory.getApiAppConfiguration().getExclusiveAuthScopes().contains(str);
            }).collect(Collectors.toList());
        }
        this.log.debug("Applicable exclusiveAuthScopes for resourceInfo:{} are {} ", resourceInfo, arrayList);
        return arrayList;
    }

    public List<String> findMissingElements(List<String> list, List<String> list2) {
        return (List) list.stream().filter(str -> {
            return !list2.contains(str);
        }).collect(Collectors.toList());
    }

    public boolean isEqualCollection(List<String> list, List<String> list2) {
        return CollectionUtils.isEqualCollection(list, list2);
    }

    public boolean containsField(List<Field> list, String str) {
        this.log.debug("allFields:{},  attribute:{}, allFields.contains(attribute):{} ", new Object[]{list, str, Boolean.valueOf(list.stream().anyMatch(field -> {
            return field.getName().equals(str);
        }))});
        return list.stream().anyMatch(field2 -> {
            return field2.getName().equals(str);
        });
    }

    public List<Field> getAllFields(Class<?> cls) {
        List<Field> allFields = getAllFields(new ArrayList(), cls);
        this.log.debug("Fields:{} of type:{}  ", allFields, cls);
        return allFields;
    }

    public List<Field> getAllFields(List<Field> list, Class<?> cls) {
        this.log.debug("fields:{} of type:{} ", list, cls);
        list.addAll(Arrays.asList(cls.getDeclaredFields()));
        if (cls.getSuperclass() != null) {
            getAllFields(list, cls.getSuperclass());
        }
        this.log.debug("Final fields:{} of type:{} ", list, cls);
        return list;
    }
}
