package org.xdi.oxd.server.op;

import com.google.inject.Injector;
import java.util.ArrayList;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.xdi.oxauth.client.AuthorizationRequest;
import org.xdi.oxauth.client.AuthorizationResponse;
import org.xdi.oxauth.client.AuthorizeClient;
import org.xdi.oxauth.client.ClientUtils;
import org.xdi.oxauth.client.OpenIdConfigurationResponse;
import org.xdi.oxauth.client.TokenClient;
import org.xdi.oxauth.client.TokenRequest;
import org.xdi.oxauth.client.TokenResponse;
import org.xdi.oxauth.model.common.AuthenticationMethod;
import org.xdi.oxauth.model.common.GrantType;
import org.xdi.oxauth.model.common.Prompt;
import org.xdi.oxauth.model.common.ResponseType;
import org.xdi.oxauth.model.uma.UmaConfiguration;
import org.xdi.oxauth.model.uma.UmaScopeType;
import org.xdi.oxauth.model.util.Util;
import org.xdi.oxd.common.Command;
import org.xdi.oxd.common.CommandResponse;
import org.xdi.oxd.common.params.ObtainPatParams;
import org.xdi.oxd.common.response.ObtainPatOpResponse;
import org.xdi.oxd.server.Configuration;

/* loaded from: input_file:org/xdi/oxd/server/op/ObtainPatOperation.class */
public class ObtainPatOperation extends BaseOperation {
    private static final Logger LOG = LoggerFactory.getLogger((Class<?>) ObtainPatOperation.class);

    /* JADX INFO: Access modifiers changed from: protected */
    public ObtainPatOperation(Command command, Injector injector) {
        super(command, injector);
    }

    public UmaScopeType getScope() {
        return UmaScopeType.PROTECTION;
    }

    @Override // org.xdi.oxd.server.op.IOperation
    public CommandResponse execute() {
        ObtainPatOpResponse obtainPatWithUserCredentials;
        try {
            ObtainPatParams obtainPatParams = (ObtainPatParams) asParams(ObtainPatParams.class);
            if (obtainPatParams != null) {
                OpenIdConfigurationResponse connectDiscoveryResponse = getDiscoveryService().getConnectDiscoveryResponse(obtainPatParams.getDiscoveryUrl());
                UmaConfiguration umaDiscovery = getDiscoveryService().getUmaDiscovery(obtainPatParams.getUmaDiscoveryUrl());
                if (connectDiscoveryResponse == null || umaDiscovery == null) {
                    LOG.error("No discovery response!");
                } else {
                    if (useClientAuthentication()) {
                        LOG.trace("Try to obtain PAT with client authentication...");
                        obtainPatWithUserCredentials = obtainPatWithClientCredentials(connectDiscoveryResponse, obtainPatParams);
                    } else {
                        LOG.trace("Try to obtain PAT with user credentials...");
                        obtainPatWithUserCredentials = obtainPatWithUserCredentials(connectDiscoveryResponse, obtainPatParams);
                    }
                    if (obtainPatWithUserCredentials != null) {
                        return okResponse(obtainPatWithUserCredentials);
                    }
                }
            }
        } catch (Exception e) {
            LOG.error(e.getMessage(), (Throwable) e);
        }
        return CommandResponse.INTERNAL_ERROR_RESPONSE;
    }

    public boolean useClientAuthentication() {
        Configuration configuration = getConfiguration();
        return (configuration == null || configuration.getUseClientAuthenticationForPat() == null || !configuration.getUseClientAuthenticationForPat().booleanValue()) ? false : true;
    }

    private ObtainPatOpResponse obtainPatWithClientCredentials(OpenIdConfigurationResponse openIdConfigurationResponse, ObtainPatParams obtainPatParams) {
        TokenClient tokenClient = new TokenClient(openIdConfigurationResponse.getTokenEndpoint());
        tokenClient.setExecutor(getHttpService().getClientExecutor());
        TokenResponse execClientCredentialsGrant = tokenClient.execClientCredentialsGrant(getScope().getValue() + " openid", obtainPatParams.getClientId(), obtainPatParams.getClientSecret());
        if (execClientCredentialsGrant == null) {
            LOG.error("No response from TokenClient");
            return null;
        }
        String accessToken = execClientCredentialsGrant.getAccessToken();
        if (!Util.allNotBlank(accessToken)) {
            LOG.error("PAT token is blank in response");
            return null;
        }
        ObtainPatOpResponse obtainPatOpResponse = new ObtainPatOpResponse();
        obtainPatOpResponse.setPatToken(accessToken);
        obtainPatOpResponse.setPatRefreshToken(execClientCredentialsGrant.getRefreshToken());
        obtainPatOpResponse.setScope(getScope().getValue());
        obtainPatOpResponse.setExpiresIn(execClientCredentialsGrant.getExpiresIn().intValue());
        return obtainPatOpResponse;
    }

    private ObtainPatOpResponse obtainPatWithUserCredentials(OpenIdConfigurationResponse openIdConfigurationResponse, ObtainPatParams obtainPatParams) {
        ArrayList arrayList = new ArrayList();
        arrayList.add(ResponseType.CODE);
        arrayList.add(ResponseType.ID_TOKEN);
        ArrayList arrayList2 = new ArrayList();
        arrayList2.add(getScope().getValue());
        AuthorizationRequest authorizationRequest = new AuthorizationRequest(arrayList, obtainPatParams.getClientId(), arrayList2, obtainPatParams.getRedirectUrl(), null);
        authorizationRequest.setState("af0ifjsldkj");
        authorizationRequest.setAuthUsername(obtainPatParams.getUserId());
        authorizationRequest.setAuthPassword(obtainPatParams.getUserSecret());
        authorizationRequest.getPrompts().add(Prompt.NONE);
        AuthorizeClient authorizeClient = new AuthorizeClient(openIdConfigurationResponse.getAuthorizationEndpoint());
        authorizeClient.setExecutor(getHttpService().getClientExecutor());
        authorizeClient.setRequest(authorizationRequest);
        AuthorizationResponse exec = authorizeClient.exec();
        ClientUtils.showClient(authorizeClient);
        String scope = exec.getScope();
        String code = exec.getCode();
        if (!Util.allNotBlank(code)) {
            LOG.debug("Authorization code is blank.");
            return null;
        }
        TokenRequest tokenRequest = new TokenRequest(GrantType.AUTHORIZATION_CODE);
        tokenRequest.setCode(code);
        tokenRequest.setRedirectUri(obtainPatParams.getRedirectUrl());
        tokenRequest.setAuthUsername(obtainPatParams.getClientId());
        tokenRequest.setAuthPassword(obtainPatParams.getClientSecret());
        tokenRequest.setAuthenticationMethod(AuthenticationMethod.CLIENT_SECRET_BASIC);
        tokenRequest.setScope(scope);
        TokenClient tokenClient = new TokenClient(openIdConfigurationResponse.getTokenEndpoint());
        tokenClient.setRequest(tokenRequest);
        tokenClient.setExecutor(getHttpService().getClientExecutor());
        TokenResponse exec2 = tokenClient.exec();
        ClientUtils.showClient(authorizeClient);
        if (exec2.getStatus() != 200) {
            return null;
        }
        String accessToken = exec2.getAccessToken();
        String refreshToken = exec2.getRefreshToken();
        if (!Util.allNotBlank(accessToken, refreshToken)) {
            return null;
        }
        ObtainPatOpResponse obtainPatOpResponse = new ObtainPatOpResponse();
        obtainPatOpResponse.setPatToken(accessToken);
        obtainPatOpResponse.setPatRefreshToken(refreshToken);
        obtainPatOpResponse.setAuthorizationCode(code);
        obtainPatOpResponse.setScope(getScope().getValue());
        obtainPatOpResponse.setExpiresIn(exec2.getExpiresIn().intValue());
        return obtainPatOpResponse;
    }
}
