package org.xdi.oxauth.model.common;

import com.unboundid.ldap.sdk.DN;
import com.unboundid.ldap.sdk.LDAPException;
import com.unboundid.ldap.sdk.RDN;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.Date;
import java.util.Iterator;
import java.util.List;
import org.apache.commons.lang.ArrayUtils;
import org.apache.commons.lang.StringUtils;
import org.jboss.seam.Component;
import org.jboss.seam.log.Log;
import org.jboss.seam.log.Logging;
import org.xdi.oxauth.model.authorize.JwtAuthorizationRequest;
import org.xdi.oxauth.model.ldap.TokenLdap;
import org.xdi.oxauth.model.ldap.TokenType;
import org.xdi.oxauth.model.registration.Client;
import org.xdi.oxauth.model.util.Util;
import org.xdi.oxauth.service.ClientService;
import org.xdi.oxauth.service.GrantService;
import org.xdi.oxauth.service.UserService;

/* loaded from: input_file:org/xdi/oxauth/model/common/AuthorizationGrantListLdap.class */
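/**
 * LDAP-backed implementation of {@link IAuthorizationGrantList}.
 *
 * <p>No grant is kept in memory by this class: every lookup goes through {@link GrantService} and
 * the stored {@link TokenLdap} entry is turned back into an {@link AuthorizationGrant} by
 * {@link #asGrant(TokenLdap)}.
 *
 * <p>Lookups that are named after a token kind (authorization code, refresh token, access token,
 * ID token) compare the stored token type with the expected one before a grant is returned, so a
 * value issued as one kind of token is not accepted where another kind is expected.
 *
 * <p>Log calls use constant message templates. Seam's {@code Log} interpolates {@code #{...}}
 * expressions in the message argument, so text taken from an exception (which may echo stored or
 * client-supplied data) is passed only as the throwable, never as the template.
 */
public class AuthorizationGrantListLdap implements IAuthorizationGrantList {
    private static final Log LOGGER = Logging.getLog(AuthorizationGrantListLdap.class);

    private final GrantService grantService = GrantService.instance();
    private final UserService userService = (UserService) Component.getInstance(UserService.class);
    private final ClientService clientService = (ClientService) Component.getInstance(ClientService.class);

    private AuthorizationGrantListLdap() {
    }

    /**
     * Creates a new list object; a fresh instance is returned on every call.
     *
     * @return a new {@code AuthorizationGrantListLdap}
     */
    public static AuthorizationGrantListLdap instance() {
        return new AuthorizationGrantListLdap();
    }

    /**
     * Always returns an empty list; this implementation does not enumerate stored grants.
     *
     * @return an immutable empty list
     */
    @Override
    public List<AuthorizationGrant> getAuthorizationGrants() {
        return Collections.emptyList();
    }

    /**
     * Removes each of the given grants through {@link GrantService}.
     *
     * @param list grants to remove; {@code null} or empty is a no-op
     */
    @Override
    public void removeAuthorizationGrants(List<AuthorizationGrant> list) {
        if (list == null || list.isEmpty()) {
            return;
        }
        for (AuthorizationGrant grant : list) {
            this.grantService.remove(grant);
        }
    }

    /**
     * Does nothing in this implementation.
     *
     * @param authorizationGrant ignored
     */
    @Override
    public void addAuthorizationGrant(AuthorizationGrant authorizationGrant) {
        // Intentionally empty: nothing is stored by this method.
    }

    /**
     * Builds a plain grant with no grant type.
     *
     * @param user   resource owner
     * @param client client the grant is issued to
     * @param date   authentication time
     * @return the new grant
     */
    @Override
    public AuthorizationGrant createAuthorizationGrant(User user, Client client, Date date) {
        return new AuthorizationGrant(user, null, client, date);
    }

    /**
     * Builds an authorization code grant and persists its authorization code immediately.
     *
     * @param user   resource owner
     * @param client client the grant is issued to
     * @param date   authentication time
     * @return the new, already persisted grant
     */
    @Override
    public AuthorizationCodeGrant createAuthorizationCodeGrant(User user, Client client, Date date) {
        AuthorizationCodeGrant codeGrant = new AuthorizationCodeGrant(user, client, date);
        AuthorizationGrantLdap ldapGrant = (AuthorizationGrantLdap) codeGrant.getGrant();
        ldapGrant.persist(codeGrant.getAuthorizationCode());
        return codeGrant;
    }

    /**
     * Builds an implicit grant.
     *
     * @param user   resource owner
     * @param client client the grant is issued to
     * @param date   authentication time
     * @return the new grant
     */
    @Override
    public ImplicitGrant createImplicitGrant(User user, Client client, Date date) {
        return new ImplicitGrant(user, client, date);
    }

    /**
     * Builds a client credentials grant.
     *
     * @param user   user associated with the grant
     * @param client client the grant is issued to
     * @return the new grant
     */
    @Override
    public ClientCredentialsGrant createClientCredentialsGrant(User user, Client client) {
        return new ClientCredentialsGrant(user, client);
    }

    /**
     * Builds a resource owner password credentials grant.
     *
     * @param user   resource owner
     * @param client client the grant is issued to
     * @return the new grant
     */
    @Override
    public ResourceOwnerPasswordCredentialsGrant createResourceOwnerPasswordCredentialsGrant(User user, Client client) {
        return new ResourceOwnerPasswordCredentialsGrant(user, client);
    }

    /**
     * Looks up the grant that owns an authorization code.
     *
     * <p>The stored entry must be of type {@link TokenType#AUTHORIZATION_CODE} and must rebuild
     * into an {@link AuthorizationCodeGrant}; otherwise {@code null} is returned instead of
     * failing with a {@link ClassCastException} or handing back a grant found through another
     * kind of token.
     *
     * @param str  client argument of the lookup (presumably the client id)
     * @param str2 code argument of the lookup (presumably the authorization code)
     * @return the grant, or {@code null} when nothing matching is stored
     */
    @Override
    public AuthorizationCodeGrant getAuthorizationCodeGrant(String str, String str2) {
        AuthorizationGrant grant = loadOfType(str, str2, TokenType.AUTHORIZATION_CODE);
        return grant instanceof AuthorizationCodeGrant ? (AuthorizationCodeGrant) grant : null;
    }

    /**
     * Looks up the grant that owns a refresh token.
     *
     * <p>Only entries stored as {@link TokenType#REFRESH_TOKEN} are accepted, so an access token,
     * ID token or authorization code presented in place of a refresh token yields {@code null}.
     *
     * @param str  client argument of the lookup (presumably the client id)
     * @param str2 code argument of the lookup (presumably the refresh token)
     * @return the grant, or {@code null} when nothing matching is stored
     */
    @Override
    public AuthorizationGrant getAuthorizationGrantByRefreshToken(String str, String str2) {
        return loadOfType(str, str2, TokenType.REFRESH_TOKEN);
    }

    /**
     * Rebuilds every grant stored for one client.
     *
     * <p>A failure while reading or converting entries is logged and the grants collected so far
     * are returned, so an empty or short list may also mean that the lookup failed.
     *
     * @param str argument of {@code GrantService.getGrantsOfClient} (presumably the client id)
     * @return the rebuilt grants, never {@code null}
     */
    @Override
    public List<AuthorizationGrant> getAuthorizationGrant(String str) {
        List<AuthorizationGrant> grants = new ArrayList<AuthorizationGrant>();
        try {
            List<TokenLdap> entries = this.grantService.getGrantsOfClient(str);
            if (entries != null) {
                for (TokenLdap entry : entries) {
                    AuthorizationGrant grant = asGrant(entry);
                    if (grant != null) {
                        grants.add(grant);
                    }
                }
            }
        } catch (Exception e) {
            // Logged at error level: callers cannot tell "no grants" from "lookup failed".
            LOGGER.error("Failed to load the grants of a client", e);
        }
        return grants;
    }

    /**
     * Looks up the grant that owns an access token.
     *
     * @param str the access token value
     * @return the grant, or {@code null} when no entry exists or the entry is neither an access
     *         token nor a long-lived access token
     */
    @Override
    public AuthorizationGrant getAuthorizationGrantByAccessToken(String str) {
        TokenLdap entry = this.grantService.getGrantsByCode(str);
        if (entry == null) {
            return null;
        }
        TokenType type = entry.getTokenTypeEnum();
        boolean isAccessToken = type == TokenType.ACCESS_TOKEN || type == TokenType.LONG_LIVED_ACCESS_TOKEN;
        return isAccessToken ? asGrant(entry) : null;
    }

    /**
     * Looks up the grant that owns an ID token.
     *
     * <p>Only entries stored as {@link TokenType#ID_TOKEN} are accepted, matching the type check
     * done for access tokens.
     *
     * @param str the ID token value
     * @return the grant, or {@code null} when nothing matching is stored
     */
    @Override
    public AuthorizationGrant getAuthorizationGrantByIdToken(String str) {
        TokenLdap entry = this.grantService.getGrantsByCode(str);
        if (entry == null || entry.getTokenTypeEnum() != TokenType.ID_TOKEN) {
            return null;
        }
        return asGrant(entry);
    }

    /**
     * Loads a grant by code and client without checking the kind of token that was stored.
     *
     * <p>Callers that expect a particular kind of token have to check the type themselves.
     *
     * @param str  client argument of the lookup (presumably the client id)
     * @param str2 code argument of the lookup
     * @return the grant, or {@code null} when no entry is found or it cannot be rebuilt
     */
    public AuthorizationGrant load(String str, String str2) {
        return asGrant(this.grantService.getGrantsByCodeAndClient(str2, str));
    }

    /** Loads a grant by code and client, accepting only an entry of the expected token type. */
    private AuthorizationGrant loadOfType(String clientId, String code, TokenType expectedType) {
        TokenLdap entry = this.grantService.getGrantsByCodeAndClient(code, clientId);
        // Type is compared before asGrant so a mismatching entry triggers no user/client lookups.
        if (entry == null || entry.getTokenTypeEnum() != expectedType) {
            return null;
        }
        return asGrant(entry);
    }

    /**
     * Returns the value of the {@code inum} attribute of the first RDN of a token DN that has one.
     *
     * @param str DN of a stored token entry
     * @return the {@code inum} value, or an empty string when the DN is blank, cannot be parsed,
     *         or contains no {@code inum} attribute
     */
    public static String extractClientIdFromTokenDn(String str) {
        if (StringUtils.isBlank(str)) {
            return "";
        }
        try {
            RDN[] rdns = DN.getRDNs(str);
            if (ArrayUtils.isEmpty(rdns)) {
                return "";
            }
            for (RDN rdn : rdns) {
                String[] names = rdn.getAttributeNames();
                String[] values = rdn.getAttributeValues();
                if (ArrayUtils.isEmpty(names) || ArrayUtils.isEmpty(values)) {
                    continue;
                }
                // Names and values are parallel arrays: in a multi-valued RDN the inum value is
                // the one at the index of the "inum" name, not necessarily the first value.
                int limit = Math.min(names.length, values.length);
                for (int i = 0; i < limit; i++) {
                    if ("inum".equals(names[i])) {
                        return values[i];
                    }
                }
            }
        } catch (LDAPException e) {
            LOGGER.warn("Unable to parse a token DN", e);
        }
        return "";
    }

    /**
     * Rebuilds a grant object from a stored token entry.
     *
     * <p>The grant class is chosen from the entry's grant type; the entry's token (authorization
     * code, refresh token, access token, ID token or long-lived access token) is then attached
     * according to its token type.
     *
     * @param tokenLdap stored token entry, may be {@code null}
     * @return the grant, or {@code null} when the entry is {@code null} or its grant type is
     *         unknown or not handled here
     */
    public AuthorizationGrant asGrant(TokenLdap tokenLdap) {
        if (tokenLdap == null) {
            return null;
        }
        AuthorizationGrantType grantType = AuthorizationGrantType.fromString(tokenLdap.getGrantType());
        if (grantType == null) {
            return null;
        }

        User user = this.userService.getUser(tokenLdap.getUserId());
        // NOTE(review): an unparsable DN yields "" here, so the client lookup may come back empty
        // and the grant is still built around it; confirm that callers reject a grant without a
        // client.
        Client client = this.clientService.getClient(extractClientIdFromTokenDn(tokenLdap.getDn()));
        Date authenticationTime =
                org.xdi.oxauth.model.util.StringUtils.parseSilently(tokenLdap.getAuthenticationTime());

        AuthorizationGrant grant;
        switch (grantType) {
            case AUTHORIZATION_CODE:
                grant = new AuthorizationCodeGrant(user, client, authenticationTime);
                break;
            case CLIENT_CREDENTIALS:
                grant = new ClientCredentialsGrant(user, client);
                break;
            case IMPLICIT:
                grant = new ImplicitGrant(user, client, authenticationTime);
                break;
            case RESOURCE_OWNER_PASSWORD_CREDENTIALS:
                grant = new ResourceOwnerPasswordCredentialsGrant(user, client);
                break;
            default:
                return null;
        }

        grant.setNonce(tokenLdap.getNonce());
        grant.setTokenLdap(tokenLdap);

        String grantId = tokenLdap.getGrantId();
        if (StringUtils.isNotBlank(grantId)) {
            grant.setGrantId(grantId);
        }
        grant.setScopes(Util.splittedStringAsList(tokenLdap.getScope(), " "));

        String jwtRequest = tokenLdap.getJwtRequest();
        if (StringUtils.isNotBlank(jwtRequest)) {
            try {
                grant.setJwtAuthorizationRequest(new JwtAuthorizationRequest(jwtRequest, client));
            } catch (Exception e) {
                // Best effort, as before: the grant is returned without its request object.
                LOGGER.warn("Unable to restore the JWT authorization request of a stored grant", e);
            }
        }

        grant.setAuthLevel(tokenLdap.getAuthLevel());
        grant.setAuthMode(tokenLdap.getAuthMode());

        TokenType tokenType = tokenLdap.getTokenTypeEnum();
        if (tokenType == null) {
            return grant;
        }
        switch (tokenType) {
            case AUTHORIZATION_CODE:
                // A code is attached only when the grant type agrees with the token type.
                if (grant instanceof AuthorizationCodeGrant) {
                    ((AuthorizationCodeGrant) grant).setAuthorizationCode(new AuthorizationCode(
                            tokenLdap.getTokenCode(), tokenLdap.getCreationDate(), tokenLdap.getExpirationDate()));
                }
                break;
            case REFRESH_TOKEN:
                grant.setRefreshTokens(Arrays.asList(new RefreshToken(
                        tokenLdap.getTokenCode(), tokenLdap.getCreationDate(), tokenLdap.getExpirationDate())));
                break;
            case ACCESS_TOKEN:
                grant.setAccessTokens(Arrays.asList(new AccessToken(
                        tokenLdap.getTokenCode(), tokenLdap.getCreationDate(), tokenLdap.getExpirationDate())));
                break;
            case ID_TOKEN:
                grant.setIdToken(new IdToken(
                        tokenLdap.getTokenCode(), tokenLdap.getCreationDate(), tokenLdap.getExpirationDate()));
                break;
            case LONG_LIVED_ACCESS_TOKEN:
                grant.setLongLivedAccessToken(new AccessToken(
                        tokenLdap.getTokenCode(), tokenLdap.getCreationDate(), tokenLdap.getExpirationDate()));
                break;
            default:
                break;
        }
        return grant;
    }
}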
