package gluu.scim2.client;

import java.net.URL;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Date;
import java.util.List;
import javax.ws.rs.core.Response;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.codehaus.jackson.JsonNode;
import org.codehaus.jackson.map.ObjectMapper;
import org.xdi.oxauth.client.RegisterClient;
import org.xdi.oxauth.client.RegisterRequest;
import org.xdi.oxauth.client.RegisterResponse;
import org.xdi.oxauth.client.TokenClient;
import org.xdi.oxauth.client.TokenRequest;
import org.xdi.oxauth.client.TokenResponse;
import org.xdi.oxauth.model.common.AuthenticationMethod;
import org.xdi.oxauth.model.common.GrantType;
import org.xdi.oxauth.model.common.ResponseType;
import org.xdi.oxauth.model.common.SubjectType;
import org.xdi.oxauth.model.register.ApplicationType;
import org.xdi.oxauth.model.util.Util;

/* loaded from: input_file:gluu/scim2/client/TestModeScimClient.class */
public class TestModeScimClient<T> extends AbstractScimClient<T> {
    private static final long serialVersionUID = 3141592672017122134L;
    private Logger logger;
    private String access_token;
    private String refresh_token;
    private String tokenEndpoint;
    private String registrationEndpoint;
    private static String clientId;
    private static String password;
    private static final String REDIRECT_URI = "http://localhost/";
    private static long clientExpiration = 0;
    private static ObjectMapper mapper = new ObjectMapper();
    private static final List<ResponseType> RESPONSE_TYPES = Arrays.asList(ResponseType.TOKEN);

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: gluu.scim2.client.TestModeScimClient$1, reason: invalid class name */
    /* loaded from: input_file:gluu/scim2/client/TestModeScimClient$1.class */
    public static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$org$xdi$oxauth$model$common$GrantType = new int[GrantType.values().length];

        static {
            try {
                $SwitchMap$org$xdi$oxauth$model$common$GrantType[GrantType.CLIENT_CREDENTIALS.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$org$xdi$oxauth$model$common$GrantType[GrantType.REFRESH_TOKEN.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
        }
    }

    public TestModeScimClient(Class<T> cls, String str, String str2) throws Exception {
        super(str, cls);
        this.logger = LogManager.getLogger(getClass());
        JsonNode readTree = mapper.readTree(new URL(str2));
        this.registrationEndpoint = readTree.get("registration_endpoint").asText();
        this.tokenEndpoint = readTree.get("token_endpoint").asText();
        if (!Util.allNotBlank(new String[]{this.registrationEndpoint, this.tokenEndpoint})) {
            throw new Exception("Couldn't extract endpoints from OIDC metadata URL: " + str2);
        }
        triggerRegistrationIfNeeded();
        updateTokens(GrantType.CLIENT_CREDENTIALS);
    }

    private boolean triggerRegistrationIfNeeded() throws Exception {
        boolean z = false;
        if (clientExpiration < new Date().getTime()) {
            RegisterRequest registerRequest = new RegisterRequest(ApplicationType.NATIVE, "SCIM-Client", new ArrayList());
            registerRequest.setResponseTypes(RESPONSE_TYPES);
            registerRequest.setRedirectUris(Arrays.asList(REDIRECT_URI));
            registerRequest.setAuthenticationMethod(AuthenticationMethod.CLIENT_SECRET_BASIC);
            registerRequest.setSubjectType(SubjectType.PAIRWISE);
            registerRequest.setGrantTypes(Arrays.asList(GrantType.CLIENT_CREDENTIALS));
            RegisterClient registerClient = new RegisterClient(this.registrationEndpoint);
            registerClient.setRequest(registerRequest);
            RegisterResponse exec = registerClient.exec();
            clientId = exec.getClientId();
            password = exec.getClientSecret();
            clientExpiration = exec.getClientSecretExpiresAt().getTime();
            z = true;
        }
        return z;
    }

    private void updateTokens(GrantType grantType) {
        this.access_token = null;
        this.access_token = getTokens(grantType).getAccessToken();
        this.logger.debug("Got token: " + this.access_token);
    }

    private TokenResponse getTokens(GrantType grantType) {
        TokenRequest tokenRequest = new TokenRequest(grantType);
        tokenRequest.setAuthUsername(clientId);
        switch (AnonymousClass1.$SwitchMap$org$xdi$oxauth$model$common$GrantType[grantType.ordinal()]) {
            case 1:
                tokenRequest.setAuthPassword(password);
                break;
            case 2:
                tokenRequest.setRefreshToken(this.refresh_token);
                break;
        }
        tokenRequest.setAuthenticationMethod(AuthenticationMethod.CLIENT_SECRET_BASIC);
        TokenClient tokenClient = new TokenClient(this.tokenEndpoint);
        tokenClient.setRequest(tokenRequest);
        return tokenClient.exec();
    }

    @Override // gluu.scim2.client.AbstractScimClient
    String getAuthenticationHeader() {
        return "Bearer " + this.access_token;
    }

    @Override // gluu.scim2.client.AbstractScimClient
    boolean authorize(Response response) {
        try {
            triggerRegistrationIfNeeded();
            updateTokens(GrantType.CLIENT_CREDENTIALS);
            return this.access_token != null;
        } catch (Exception e) {
            this.logger.error(e.getMessage(), e);
            return false;
        }
    }
}
