package org.gluu.oxd.server.service;

import com.google.inject.Inject;
import io.dropwizard.util.Strings;
import java.io.IOException;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.ConcurrentMap;
import javax.net.ssl.SSLHandshakeException;
import javax.ws.rs.WebApplicationException;
import javax.ws.rs.core.Response;
import org.apache.commons.lang.StringUtils;
import org.gluu.oxauth.client.OpenIdConfigurationClient;
import org.gluu.oxauth.client.OpenIdConfigurationResponse;
import org.gluu.oxauth.model.uma.UmaMetadata;
import org.gluu.oxd.common.ErrorResponseCode;
import org.gluu.oxd.server.HttpException;
import org.gluu.oxd.server.op.OpClientFactory;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/gluu/oxd/server/service/DiscoveryService.class */
public class DiscoveryService {
    private static final Logger LOG = LoggerFactory.getLogger((Class<?>) DiscoveryService.class);
    public static final String WELL_KNOWN_CONNECT_PATH = "/.well-known/openid-configuration";
    public static final String WELL_KNOWN_UMA_PATH = "/.well-known/uma2-configuration";
    private final ConcurrentMap<String, OpenIdConfigurationResponse> map = new ConcurrentHashMap();
    private final ConcurrentMap<String, UmaMetadata> umaMap = new ConcurrentHashMap();
    private final HttpService httpService;
    private final RpSyncService rpSyncService;
    private final ValidationService validationService;
    private final OpClientFactory opClientFactory;

    @Inject
    public DiscoveryService(HttpService httpService, RpSyncService rpSyncService, ValidationService validationService, OpClientFactory opClientFactory) {
        this.httpService = httpService;
        this.rpSyncService = rpSyncService;
        this.validationService = validationService;
        this.opClientFactory = opClientFactory;
    }

    public OpenIdConfigurationResponse getConnectDiscoveryResponseByOxdId(String str) {
        this.validationService.notBlankOxdId(str);
        return getConnectDiscoveryResponse(this.rpSyncService.getRp(str));
    }

    public OpenIdConfigurationResponse getConnectDiscoveryResponse(Rp rp) {
        return getConnectDiscoveryResponse(rp.getOpConfigurationEndpoint(), rp.getOpHost(), rp.getOpDiscoveryPath());
    }

    public OpenIdConfigurationResponse getConnectDiscoveryResponse(String str, String str2, String str3) {
        return Strings.isNullOrEmpty(str) ? getConnectDiscoveryResponse(getConnectDiscoveryUrl(str2, str3)) : getConnectDiscoveryResponse(str);
    }

    public OpenIdConfigurationResponse getConnectDiscoveryResponse(String str) {
        OpenIdConfigurationResponse openIdConfigurationResponse;
        this.validationService.validateOpConfigurationEndpoint(str);
        try {
            openIdConfigurationResponse = this.map.get(str);
        } catch (SSLHandshakeException e) {
            LOG.error(e.getMessage(), (Throwable) e);
            throw new HttpException(ErrorResponseCode.SSL_HANDSHAKE_ERROR);
        } catch (IOException e2) {
            LOG.error(e2.getMessage(), (Throwable) e2);
            throw new WebApplicationException(Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity("Internal server error. Message: " + e2.getMessage()).build());
        } catch (Exception e3) {
            LOG.error(e3.getMessage(), (Throwable) e3);
        }
        if (openIdConfigurationResponse != null) {
            this.validationService.isOpHostAllowed(openIdConfigurationResponse.getIssuer());
            return openIdConfigurationResponse;
        }
        OpenIdConfigurationClient createOpenIdConfigurationClient = this.opClientFactory.createOpenIdConfigurationClient(str);
        createOpenIdConfigurationClient.setExecutor(this.httpService.getClientExecutor());
        OpenIdConfigurationResponse execOpenIdConfiguration = createOpenIdConfigurationClient.execOpenIdConfiguration();
        LOG.trace("Discovery response: {} ", execOpenIdConfiguration.getEntity());
        if (StringUtils.isNotBlank(execOpenIdConfiguration.getEntity())) {
            this.map.put(str, execOpenIdConfiguration);
            this.validationService.isOpHostAllowed(execOpenIdConfiguration.getIssuer());
            return execOpenIdConfiguration;
        }
        LOG.error("No response from discovery!");
        LOG.error("Unable to fetch discovery information for op_configuration_endpoint: {}", str);
        throw new HttpException(ErrorResponseCode.NO_CONNECT_DISCOVERY_RESPONSE);
    }

    public UmaMetadata getUmaDiscoveryByOxdId(String str) {
        this.validationService.notBlankOxdId(str);
        Rp rp = this.rpSyncService.getRp(str);
        return getUmaDiscovery(rp.getOpConfigurationEndpoint(), rp.getOpHost(), rp.getOpDiscoveryPath());
    }

    public UmaMetadata getUmaDiscovery(String str, String str2, String str3) {
        return Strings.isNullOrEmpty(str) ? getUmaDiscovery(getConnectDiscoveryUrl(str2, str3)) : getUmaDiscovery(str);
    }

    public UmaMetadata getUmaDiscovery(String str) {
        this.validationService.validateOpConfigurationEndpoint(str);
        try {
            UmaMetadata umaMetadata = this.umaMap.get(str);
            if (umaMetadata != null) {
                this.validationService.isOpHostAllowed(umaMetadata.getIssuer());
                return umaMetadata;
            }
            UmaMetadata metadata = this.opClientFactory.createUmaClientFactory().createMetadataService(getUmaDiscoveryUrl(str), this.httpService.getClientEngine()).getMetadata();
            LOG.trace("Uma discovery response: {} ", metadata);
            this.umaMap.put(str, metadata);
            this.validationService.isOpHostAllowed(metadata.getIssuer());
            return metadata;
        } catch (Exception e) {
            LOG.error(e.getMessage(), (Throwable) e);
            LOG.error("Unable to fetch UMA discovery information for op_configuration_endpoint: {}", str);
            throw new HttpException(ErrorResponseCode.NO_UMA_DISCOVERY_RESPONSE);
        }
    }

    public String getConnectDiscoveryUrl(Rp rp) {
        return getConnectDiscoveryUrl(rp.getOpHost(), rp.getOpDiscoveryPath());
    }

    public String getConnectDiscoveryUrl(String str, String str2) {
        String baseOpUrl = baseOpUrl(str);
        if (StringUtils.isNotBlank(str2)) {
            baseOpUrl = baseOpUrl + str2;
        }
        return baseOpUrl + WELL_KNOWN_CONNECT_PATH;
    }

    public String getUmaDiscoveryUrl(String str, String str2) {
        String baseOpUrl = baseOpUrl(str);
        if (StringUtils.isNotBlank(str2)) {
            baseOpUrl = baseOpUrl + str2;
        }
        return baseOpUrl + "/.well-known/uma2-configuration";
    }

    public String getUmaDiscoveryUrl(String str) {
        return baseOpUrl(str).replace(WELL_KNOWN_CONNECT_PATH, "/.well-known/uma2-configuration");
    }

    private String baseOpUrl(String str) {
        if (!str.startsWith("http")) {
            str = "https://" + str;
        }
        if (str.endsWith("/")) {
            str = StringUtils.removeEnd(str, "/");
        }
        return str;
    }
}
