package org.gluu.oxd;

import java.io.IOException;
import javax.ws.rs.Consumes;
import javax.ws.rs.GET;
import javax.ws.rs.HeaderParam;
import javax.ws.rs.POST;
import javax.ws.rs.Path;
import javax.ws.rs.Produces;
import javax.ws.rs.WebApplicationException;
import javax.ws.rs.core.Response;
import org.apache.commons.lang.StringUtils;
import org.codehaus.jackson.node.POJONode;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.xdi.oxd.client.CommandClient;
import org.xdi.oxd.client.CommandClientPool;
import org.xdi.oxd.common.Command;
import org.xdi.oxd.common.CommandResponse;
import org.xdi.oxd.common.CommandType;
import org.xdi.oxd.common.CoreUtils;
import org.xdi.oxd.common.ErrorResponse;
import org.xdi.oxd.common.HttpErrorResponseException;
import org.xdi.oxd.common.ResponseStatus;
import org.xdi.oxd.common.params.GetAccessTokenByRefreshTokenParams;
import org.xdi.oxd.common.params.GetAuthorizationUrlParams;
import org.xdi.oxd.common.params.GetClientTokenParams;
import org.xdi.oxd.common.params.GetLogoutUrlParams;
import org.xdi.oxd.common.params.GetTokensByCodeParams;
import org.xdi.oxd.common.params.GetUserInfoParams;
import org.xdi.oxd.common.params.IParams;
import org.xdi.oxd.common.params.IntrospectAccessTokenParams;
import org.xdi.oxd.common.params.IntrospectRptParams;
import org.xdi.oxd.common.params.RegisterSiteParams;
import org.xdi.oxd.common.params.RemoveSiteParams;
import org.xdi.oxd.common.params.RpGetClaimsGatheringUrlParams;
import org.xdi.oxd.common.params.RpGetRptParams;
import org.xdi.oxd.common.params.RsCheckAccessParams;
import org.xdi.oxd.common.params.RsProtectParams;
import org.xdi.oxd.common.params.SetupClientParams;
import org.xdi.oxd.common.params.UpdateSiteParams;
import org.xdi.oxd.rs.protect.Jackson;

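/**
 * JAX-RS resource that exposes oxd commands as JSON-over-HTTP endpoints.
 *
 * <p>Each POST endpoint deserializes the request body into the matching {@code *Params} class,
 * wraps it in a {@link Command}, sends it through a pooled {@link CommandClient} and returns
 * the serialized {@link CommandResponse}.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>{@code /setup-client} and {@code /get-client-token} take no {@code Authorization} header;
 *       every other POST endpoint requires {@code Authorization: Bearer <token>}.</li>
 *   <li>{@link #validateAccessToken(String)} only checks the header's shape. This class never
 *       verifies the token itself; it forwards it as the "protection access token" of the command.
 *       NOTE(review): presumably the oxd-server behind the pool validates it; confirm.</li>
 *   <li>Request bodies may carry credentials (client secrets, refresh tokens, authorization
 *       codes), so they are never written to the log.</li>
 * </ul>
 */
@Path("/")
/* loaded from: input_file:org/gluu/oxd/RestResource.class */
public class RestResource {
    private static final Logger LOG = LoggerFactory.getLogger(RestResource.class);
    private final CommandClientPool pool;

    /**
     * Creates the resource and its client pool from the HTTPS extension configuration.
     *
     * @param oxdHttpsConfiguration supplies connection expiration, oxd host and oxd port
     * @throws NumberFormatException if the configured port is not a decimal integer
     */
    public RestResource(OxdHttpsConfiguration oxdHttpsConfiguration) {
        this.pool = new CommandClientPool(
                oxdHttpsConfiguration.getOxdConnectionExpirationInSeconds(),
                oxdHttpsConfiguration.getOxdHost(),
                Integer.parseInt(oxdHttpsConfiguration.getOxdPort()));
    }

    /** Liveness probe; it does not contact oxd-server and always answers {@code "running"}. */
    @GET
    @Produces({"application/json"})
    @Path("/health-check")
    public String healthCheck() {
        return "running";
    }

    /** Forwards a {@code SETUP_CLIENT} command. No {@code Authorization} header is required. */
    @Path("/setup-client")
    @Consumes({"application/json"})
    @POST
    @Produces({"application/json"})
    public String setupClient(String body) {
        return response(send(CommandType.SETUP_CLIENT, (IParams) read(body, SetupClientParams.class)));
    }

    /** Forwards a {@code GET_CLIENT_TOKEN} command. No {@code Authorization} header is required. */
    @Path("/get-client-token")
    @Consumes({"application/json"})
    @POST
    @Produces({"application/json"})
    public String getClientToken(String body) {
        return response(send(CommandType.GET_CLIENT_TOKEN, (IParams) read(body, GetClientTokenParams.class)));
    }

    /** Forwards an {@code INTROSPECT_ACCESS_TOKEN} command with the caller's bearer token. */
    @Path("/introspect-access-token")
    @Consumes({"application/json"})
    @POST
    @Produces({"application/json"})
    public String introspectAccessToken(@HeaderParam("Authorization") String authorization, String body) {
        // Reject a missing or malformed header before deserializing the untrusted body.
        String protectionAccessToken = validateAccessToken(authorization);
        IntrospectAccessTokenParams params = read(body, IntrospectAccessTokenParams.class);
        params.setProtectionAccessToken(protectionAccessToken);
        return response(send(CommandType.INTROSPECT_ACCESS_TOKEN, params));
    }

    /** Forwards an {@code INTROSPECT_RPT} command with the caller's bearer token. */
    @Path("/introspect-rpt")
    @Consumes({"application/json"})
    @POST
    @Produces({"application/json"})
    public String introspectRpt(@HeaderParam("Authorization") String authorization, String body) {
        String protectionAccessToken = validateAccessToken(authorization);
        IntrospectRptParams params = read(body, IntrospectRptParams.class);
        params.setProtectionAccessToken(protectionAccessToken);
        return response(send(CommandType.INTROSPECT_RPT, params));
    }

    /** Forwards a {@code REGISTER_SITE} command with the caller's bearer token. */
    @Path("/register-site")
    @Consumes({"application/json"})
    @POST
    @Produces({"application/json"})
    public String registerSite(@HeaderParam("Authorization") String authorization, String body) {
        String protectionAccessToken = validateAccessToken(authorization);
        RegisterSiteParams params = read(body, RegisterSiteParams.class);
        params.setProtectionAccessToken(protectionAccessToken);
        return response(send(CommandType.REGISTER_SITE, params));
    }

    /** Forwards an {@code UPDATE_SITE} command with the caller's bearer token. */
    @Path("/update-site")
    @Consumes({"application/json"})
    @POST
    @Produces({"application/json"})
    public String updateSite(@HeaderParam("Authorization") String authorization, String body) {
        String protectionAccessToken = validateAccessToken(authorization);
        UpdateSiteParams params = read(body, UpdateSiteParams.class);
        params.setProtectionAccessToken(protectionAccessToken);
        return response(send(CommandType.UPDATE_SITE, params));
    }

    /** Forwards a {@code REMOVE_SITE} command with the caller's bearer token. */
    @Path("/remove-site")
    @Consumes({"application/json"})
    @POST
    @Produces({"application/json"})
    public String removeSite(@HeaderParam("Authorization") String authorization, String body) {
        String protectionAccessToken = validateAccessToken(authorization);
        RemoveSiteParams params = read(body, RemoveSiteParams.class);
        params.setProtectionAccessToken(protectionAccessToken);
        return response(send(CommandType.REMOVE_SITE, params));
    }

    /** Forwards a {@code GET_AUTHORIZATION_URL} command with the caller's bearer token. */
    @Path("/get-authorization-url")
    @Consumes({"application/json"})
    @POST
    @Produces({"application/json"})
    public String getAuthorizationUrl(@HeaderParam("Authorization") String authorization, String body) {
        String protectionAccessToken = validateAccessToken(authorization);
        GetAuthorizationUrlParams params = read(body, GetAuthorizationUrlParams.class);
        params.setProtectionAccessToken(protectionAccessToken);
        return response(send(CommandType.GET_AUTHORIZATION_URL, params));
    }

    /** Forwards a {@code GET_TOKENS_BY_CODE} command with the caller's bearer token. */
    @Path("/get-tokens-by-code")
    @Consumes({"application/json"})
    @POST
    @Produces({"application/json"})
    public String getTokenByCode(@HeaderParam("Authorization") String authorization, String body) {
        String protectionAccessToken = validateAccessToken(authorization);
        GetTokensByCodeParams params = read(body, GetTokensByCodeParams.class);
        params.setProtectionAccessToken(protectionAccessToken);
        return response(send(CommandType.GET_TOKENS_BY_CODE, params));
    }

    /** Forwards a {@code GET_USER_INFO} command with the caller's bearer token. */
    @Path("/get-user-info")
    @Consumes({"application/json"})
    @POST
    @Produces({"application/json"})
    public String getUserInfo(@HeaderParam("Authorization") String authorization, String body) {
        String protectionAccessToken = validateAccessToken(authorization);
        GetUserInfoParams params = read(body, GetUserInfoParams.class);
        params.setProtectionAccessToken(protectionAccessToken);
        return response(send(CommandType.GET_USER_INFO, params));
    }

    /** Forwards a {@code GET_LOGOUT_URI} command with the caller's bearer token. */
    @Path("/get-logout-uri")
    @Consumes({"application/json"})
    @POST
    @Produces({"application/json"})
    public String getLogoutUri(@HeaderParam("Authorization") String authorization, String body) {
        String protectionAccessToken = validateAccessToken(authorization);
        GetLogoutUrlParams params = read(body, GetLogoutUrlParams.class);
        params.setProtectionAccessToken(protectionAccessToken);
        return response(send(CommandType.GET_LOGOUT_URI, params));
    }

    /** Forwards a {@code GET_ACCESS_TOKEN_BY_REFRESH_TOKEN} command with the caller's bearer token. */
    @Path("/get-access-token-by-refresh-token")
    @Consumes({"application/json"})
    @POST
    @Produces({"application/json"})
    public String getAccessTokenByRefreshToken(@HeaderParam("Authorization") String authorization, String body) {
        String protectionAccessToken = validateAccessToken(authorization);
        GetAccessTokenByRefreshTokenParams params = read(body, GetAccessTokenByRefreshTokenParams.class);
        params.setProtectionAccessToken(protectionAccessToken);
        return response(send(CommandType.GET_ACCESS_TOKEN_BY_REFRESH_TOKEN, params));
    }

    /** Forwards an {@code RS_PROTECT} command with the caller's bearer token. */
    @Path("/uma-rs-protect")
    @Consumes({"application/json"})
    @POST
    @Produces({"application/json"})
    public String umaRsProtect(@HeaderParam("Authorization") String authorization, String body) {
        String protectionAccessToken = validateAccessToken(authorization);
        RsProtectParams params = read(body, RsProtectParams.class);
        params.setProtectionAccessToken(protectionAccessToken);
        return response(send(CommandType.RS_PROTECT, params));
    }

    /** Forwards an {@code RS_CHECK_ACCESS} command with the caller's bearer token. */
    @Path("/uma-rs-check-access")
    @Consumes({"application/json"})
    @POST
    @Produces({"application/json"})
    public String umaRsCheckAccess(@HeaderParam("Authorization") String authorization, String body) {
        String protectionAccessToken = validateAccessToken(authorization);
        RsCheckAccessParams params = read(body, RsCheckAccessParams.class);
        params.setProtectionAccessToken(protectionAccessToken);
        return response(send(CommandType.RS_CHECK_ACCESS, params));
    }

    /** Forwards an {@code RP_GET_RPT} command with the caller's bearer token. */
    @Path("/uma-rp-get-rpt")
    @Consumes({"application/json"})
    @POST
    @Produces({"application/json"})
    public String umaRpGetRpt(@HeaderParam("Authorization") String authorization, String body) {
        String protectionAccessToken = validateAccessToken(authorization);
        RpGetRptParams params = read(body, RpGetRptParams.class);
        params.setProtectionAccessToken(protectionAccessToken);
        return response(send(CommandType.RP_GET_RPT, params));
    }

    /** Forwards an {@code RP_GET_CLAIMS_GATHERING_URL} command with the caller's bearer token. */
    @Path("/uma-rp-get-claims-gathering-url")
    @Consumes({"application/json"})
    @POST
    @Produces({"application/json"})
    public String umaRpGetClaimsGatheringUrl(@HeaderParam("Authorization") String authorization, String body) {
        String protectionAccessToken = validateAccessToken(authorization);
        RpGetClaimsGatheringUrlParams params = read(body, RpGetClaimsGatheringUrlParams.class);
        params.setProtectionAccessToken(protectionAccessToken);
        return response(send(CommandType.RP_GET_CLAIMS_GATHERING_URL, params));
    }

    /**
     * Deserializes a JSON request body into the given parameter class.
     *
     * <p>The raw body is deliberately kept out of the log: it is caller-controlled and may hold
     * credentials such as client secrets or refresh tokens.
     *
     * @param json request body as received; may be {@code null}
     * @param cls  target parameter class
     * @return the deserialized object, never {@code null}
     * @throws WebApplicationException with status 400 if the body is missing, is not valid JSON
     *         for {@code cls}, or deserializes to {@code null} (for example the JSON literal
     *         {@code null})
     */
    public static <T> T read(String json, Class<T> cls) {
        if (json == null) {
            LOG.error("Invalid params: request body is missing, expected " + cls.getName());
            throw badRequest("Invalid parameters. Message: request body is missing");
        }
        T params;
        try {
            params = (T) Jackson.createJsonMapper().readValue(json, cls);
        } catch (IOException e) {
            // Only the target type and the parser exception are logged.
            // NOTE(review): the parser message may still echo a fragment of the offending value.
            LOG.error("Invalid params: request body could not be parsed as " + cls.getName(), e);
            throw badRequest("Invalid parameters. Message: " + e.getMessage());
        }
        if (params == null) {
            // Without this check the endpoints would fail with a NullPointerException (HTTP 500).
            LOG.error("Invalid params: request body deserialized to null, expected " + cls.getName());
            throw badRequest("Invalid parameters. Message: request body is empty");
        }
        return params;
    }

    /** Builds the 400 response used for every unusable request body. */
    private static WebApplicationException badRequest(String message) {
        return new WebApplicationException(Response.status(Response.Status.BAD_REQUEST).entity(message).build());
    }

    /**
     * Converts a command response into the JSON string returned to the HTTP client.
     *
     * @param commandResponse response from {@link #send}; {@code null} means the command failed
     * @return the response serialized as JSON
     * @throws WebApplicationException with status 500 if {@code commandResponse} is {@code null},
     *         or with the status carried by the error payload when the response has status
     *         {@code ERROR} and that payload can be parsed into an HTTP error
     */
    public static String response(CommandResponse commandResponse) {
        if (commandResponse == null) {
            LOG.error("Command response is null, please check oxd-server.log file of oxd-server application.");
            throw new WebApplicationException(Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity("Command response is null, please check oxd-server.log file of oxd-server application.").build());
        }
        if (commandResponse.getStatus() == ResponseStatus.ERROR) {
            HttpErrorResponseException httpError = HttpErrorResponseException.parseSilently((ErrorResponse) commandResponse.dataAsResponse(ErrorResponse.class));
            if (httpError != null) {
                throw new WebApplicationException(httpError.getEntity(), httpError.getHttpStatus());
            }
            // An ERROR response that cannot be parsed falls through and is returned as JSON.
        }
        String json = CoreUtils.asJsonSilently(commandResponse);
        // The serialized response can contain issued tokens; keep TRACE off where logs are shared.
        LOG.trace("Send back response: {}", json);
        return json;
    }

    /**
     * Extracts the bearer token from an {@code Authorization} header value.
     *
     * <p>This is a syntactic check only: the value must start with the exact prefix
     * {@code "Bearer "} and be followed by non-blank text. The token is not verified here.
     *
     * @param authorization raw header value; may be {@code null}
     * @return everything after the {@code "Bearer "} prefix
     * @throws WebApplicationException with status 403 if the header is absent, uses another
     *         prefix, or carries a blank token
     */
    public static String validateAccessToken(String authorization) {
        if (StringUtils.isNotEmpty(authorization) && authorization.startsWith("Bearer ")) {
            String token = authorization.substring("Bearer ".length());
            if (StringUtils.isNotBlank(token)) {
                return token;
            }
        }
        LOG.debug("No access token provided in Authorization header. Forbidden.");
        throw new WebApplicationException(forbiddenErrorResponse(), Response.Status.FORBIDDEN);
    }

    /**
     * Builds the JSON error document used when the bearer token is missing.
     *
     * @return a serialized error {@link CommandResponse} with code {@code "403"} and description
     *         {@code "Forbidden Access"}
     */
    public static String forbiddenErrorResponse() {
        ErrorResponse errorResponse = new ErrorResponse("403");
        errorResponse.setErrorDescription("Forbidden Access");
        return CoreUtils.asJsonSilently(CommandResponse.error().setData(new POJONode(errorResponse)));
    }

    /**
     * Sends one command through a pooled client.
     *
     * <p>The client goes back to the pool only after a non-null response; after a null response
     * or any exception it is expired instead of being reused.
     *
     * @param commandType command to execute
     * @param iParams     command parameters
     * @return the command response, or {@code null} if the command failed
     * @throws WebApplicationException with status 500 if no client can be checked out
     */
    public CommandResponse send(CommandType commandType, IParams iParams) {
        CommandClient client = checkOut();
        try {
            LOG.trace("Command {} executed by client: {}", commandType, client.getNameForLogger());
            CommandResponse commandResponse = client.send(new Command(commandType).setParamsObject(iParams));
            if (commandResponse != null) {
                this.pool.checkIn(client);
            } else {
                this.pool.expire(client);
            }
            return commandResponse;
        } catch (Exception e) {
            // Boundary catch: any failure is reported to the caller as a null response.
            LOG.error("Command " + commandType + " failed: " + e.getMessage(), e);
            this.pool.expire(client);
            return null;
        }
    }

    /**
     * Takes a client from the pool.
     *
     * @throws WebApplicationException with status 500 if the pool returns {@code null}
     */
    private CommandClient checkOut() {
        CommandClient client = this.pool.checkOut();
        if (client != null) {
            return client;
        }
        LOG.error("Failed to initialize command client.");
        throw new WebApplicationException(Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity("Command client is not able to connect to oxd-server.").build());
    }
}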
