package org.gluu.oxtrust.api.server.api.impl.radius;

import io.swagger.v3.oas.annotations.Operation;
import io.swagger.v3.oas.annotations.media.Content;
import io.swagger.v3.oas.annotations.media.Schema;
import io.swagger.v3.oas.annotations.responses.ApiResponse;
import io.swagger.v3.oas.annotations.responses.ApiResponses;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.Objects;
import javax.enterprise.context.ApplicationScoped;
import javax.inject.Inject;
import javax.ws.rs.Consumes;
import javax.ws.rs.GET;
import javax.ws.rs.PUT;
import javax.ws.rs.Path;
import javax.ws.rs.Produces;
import javax.ws.rs.core.Response;
import org.apache.commons.lang.StringUtils;
import org.gluu.model.custom.script.CustomScriptType;
import org.gluu.model.custom.script.model.CustomScript;
import org.gluu.oxtrust.api.server.api.impl.BaseWebResource;
import org.gluu.oxtrust.ldap.service.ClientService;
import org.gluu.oxtrust.ldap.service.ScopeService;
import org.gluu.oxtrust.ldap.service.radius.GluuRadiusConfigService;
import org.gluu.oxtrust.model.OxAuthClient;
import org.gluu.oxtrust.service.custom.CustomScriptService;
import org.gluu.oxtrust.service.filter.ProtectedApi;
import org.gluu.oxtrust.util.ProductInstallationChecker;
import org.gluu.radius.model.ServerConfiguration;
import org.slf4j.Logger;

@Path("/api/v1/radius/settings")
@Consumes({"application/json"})
@Produces({"application/json"})
@ApplicationScoped
/* loaded from: input_file:org/gluu/oxtrust/api/server/api/impl/radius/GluuRadiusConfigWebResource.class */
public class GluuRadiusConfigWebResource extends BaseWebResource {

    @Inject
    private Logger logger;

    @Inject
    private GluuRadiusConfigService gluuRadiusConfigService;

    @Inject
    private ScopeService scopeService;

    @Inject
    private CustomScriptService customScriptService;

    @Inject
    private ClientService clientService;

    @GET
    @Operation(summary = "Get Radius Server Configuration", description = "Get Radius Server Configuration")
    @ProtectedApi(scopes = {"oxtrust-api-read"})
    @ApiResponses({@ApiResponse(responseCode = "200", content = {@Content(schema = @Schema(implementation = ServerConfiguration.class))}, description = "Success"), @ApiResponse(responseCode = "403", description = "Gluu Radius is not installed"), @ApiResponse(responseCode = "404", description = "Gluu Radius configuration not found"), @ApiResponse(responseCode = "500", description = "Internal server error")})
    public Response getServerConfig() {
        log(this.logger, "Get radius server configuration");
        try {
            if (!ProductInstallationChecker.isGluuRadiusInstalled()) {
                return Response.status(Response.Status.FORBIDDEN).build();
            }
            ServerConfiguration serverConfiguration = this.gluuRadiusConfigService.getServerConfiguration();
            return serverConfiguration == null ? Response.status(Response.Status.NOT_FOUND).build() : Response.ok(serverConfiguration).build();
        } catch (Exception e) {
            log(this.logger, e);
            return Response.status(Response.Status.INTERNAL_SERVER_ERROR).build();
        }
    }

    @Operation(summary = "Get Radius Server Configuration", description = "Update Radius Server Configuration")
    @ProtectedApi(scopes = {"oxtrust-api-write"})
    @PUT
    @ApiResponses({@ApiResponse(responseCode = "200", content = {@Content(schema = @Schema(implementation = ServerConfiguration.class))}, description = "Success"), @ApiResponse(responseCode = "403", description = "Gluu Radius is not installed"), @ApiResponse(responseCode = "404", description = "Gluu Radius configuration not found"), @ApiResponse(responseCode = "500", description = "Internal server error")})
    public Response updateServerConfiguration(ServerConfiguration serverConfiguration) {
        log(this.logger, "Update radius server configuration");
        try {
            if (!ProductInstallationChecker.isGluuRadiusInstalled()) {
                return Response.status(Response.Status.FORBIDDEN).build();
            }
            Objects.requireNonNull(serverConfiguration);
            ServerConfiguration serverConfiguration2 = this.gluuRadiusConfigService.getServerConfiguration();
            if (serverConfiguration2 == null) {
                return Response.status(Response.Status.NOT_FOUND).build();
            }
            if (serverConfiguration.getListenInterface() == null) {
                serverConfiguration.setListenInterface(serverConfiguration2.getListenInterface());
            }
            if (serverConfiguration.getAuthPort() == null) {
                serverConfiguration.setAuthPort(serverConfiguration2.getAuthPort());
            }
            if (serverConfiguration.getAcctPort() == null) {
                serverConfiguration.setAcctPort(serverConfiguration2.getAcctPort());
            }
            if (serverConfiguration.getOpenidBaseUrl() == null) {
                serverConfiguration.setOpenidBaseUrl(serverConfiguration2.getOpenidBaseUrl());
            }
            if (serverConfiguration.getOpenidUsername() == null) {
                serverConfiguration.setOpenidUsername(serverConfiguration2.getOpenidUsername());
                serverConfiguration.setOpenidPassword(serverConfiguration2.getOpenidPassword());
            } else {
                OxAuthClient clientByInum = this.clientService.getClientByInum(serverConfiguration.getOpenidUsername());
                if (clientByInum == null) {
                    serverConfiguration.setOpenidUsername(serverConfiguration2.getOpenidUsername());
                    serverConfiguration.setOpenidPassword(serverConfiguration2.getOpenidPassword());
                } else {
                    serverConfiguration.setOpenidPassword(clientByInum.getEncodedClientSecret());
                }
            }
            String acrValue = serverConfiguration.getAcrValue();
            if (acrValue == null || (acrValue != null && !isValidAcrValue(acrValue))) {
                serverConfiguration.setAcrValue(serverConfiguration2.getAcrValue());
            }
            List scopes = serverConfiguration.getScopes();
            if (scopes == null || (scopes != null && scopes.isEmpty())) {
                serverConfiguration.setScopes(serverConfiguration2.getScopes());
            } else {
                List list = scopes;
                Iterator it = scopes.iterator();
                while (true) {
                    if (!it.hasNext()) {
                        break;
                    }
                    if (!isValidScope((String) it.next())) {
                        list = serverConfiguration2.getScopes();
                        break;
                    }
                }
                serverConfiguration.setScopes(list);
            }
            if (serverConfiguration.getAuthenticationTimeout() == null || serverConfiguration.getAuthenticationTimeout().intValue() <= 0) {
                serverConfiguration.setAuthenticationTimeout(serverConfiguration2.getAuthenticationTimeout());
            }
            this.gluuRadiusConfigService.updateServerConfiguration(serverConfiguration);
            return Response.ok(this.gluuRadiusConfigService.getServerConfiguration()).build();
        } catch (Exception e) {
            log(this.logger, e);
            return Response.status(Response.Status.INTERNAL_SERVER_ERROR).build();
        }
    }

    private final boolean isValidAcrValue(String str) {
        ArrayList arrayList = new ArrayList();
        arrayList.add(CustomScriptType.RESOURCE_OWNER_PASSWORD_CREDENTIALS);
        for (CustomScript customScript : this.customScriptService.findCustomScripts(arrayList, new String[0])) {
            if (customScript.isEnabled() && StringUtils.equals(customScript.getName(), str)) {
                return true;
            }
        }
        return false;
    }

    private final boolean isValidScope(String str) throws Exception {
        return this.scopeService.getScopeByDn(str) != null;
    }
}
