package org.xdi.oxd.server.op;

import com.google.inject.Injector;
import java.util.ArrayList;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.xdi.oxauth.client.AuthorizationRequest;
import org.xdi.oxauth.client.AuthorizationResponse;
import org.xdi.oxauth.client.AuthorizeClient;
import org.xdi.oxauth.client.ClientUtils;
import org.xdi.oxauth.client.OpenIdConfigurationResponse;
import org.xdi.oxauth.client.TokenClient;
import org.xdi.oxauth.client.TokenRequest;
import org.xdi.oxauth.client.TokenResponse;
import org.xdi.oxauth.model.common.AuthenticationMethod;
import org.xdi.oxauth.model.common.GrantType;
import org.xdi.oxauth.model.common.Prompt;
import org.xdi.oxauth.model.common.ResponseType;
import org.xdi.oxauth.model.uma.UmaConfiguration;
import org.xdi.oxauth.model.uma.UmaScopeType;
import org.xdi.oxauth.model.util.Util;
import org.xdi.oxd.common.Command;
import org.xdi.oxd.common.CommandResponse;
import org.xdi.oxd.common.params.ObtainAatParams;
import org.xdi.oxd.common.response.ObtainAatOpResponse;
import org.xdi.oxd.server.Configuration;

/* loaded from: input_file:org/xdi/oxd/server/op/ObtainAatOperation.class */
public class ObtainAatOperation extends BaseOperation {
    private static final Logger LOG = LoggerFactory.getLogger((Class<?>) ObtainAatOperation.class);

    /* JADX INFO: Access modifiers changed from: protected */
    public ObtainAatOperation(Command command, Injector injector) {
        super(command, injector);
    }

    public UmaScopeType getScope() {
        return UmaScopeType.AUTHORIZATION;
    }

    @Override // org.xdi.oxd.server.op.IOperation
    public CommandResponse execute() {
        try {
            ObtainAatParams obtainAatParams = (ObtainAatParams) asParams(ObtainAatParams.class);
            if (obtainAatParams != null) {
                OpenIdConfigurationResponse connectDiscoveryResponse = getDiscoveryService().getConnectDiscoveryResponse(obtainAatParams.getDiscoveryUrl());
                UmaConfiguration umaDiscovery = getDiscoveryService().getUmaDiscovery(obtainAatParams.getUmaDiscoveryUrl());
                if (connectDiscoveryResponse != null && umaDiscovery != null) {
                    ObtainAatOpResponse obtainAatWithClientCredentials = useClientAuthentication() ? obtainAatWithClientCredentials(connectDiscoveryResponse, obtainAatParams) : obtainAatWithUserCredentials(connectDiscoveryResponse, obtainAatParams);
                    if (obtainAatWithClientCredentials != null) {
                        return okResponse(obtainAatWithClientCredentials);
                    }
                }
            }
        } catch (Exception e) {
            LOG.error(e.getMessage(), (Throwable) e);
        }
        return CommandResponse.INTERNAL_ERROR_RESPONSE;
    }

    public boolean useClientAuthentication() {
        Configuration configuration = getConfiguration();
        return (configuration == null || configuration.getUseClientAuthenticationForPat() == null || !configuration.getUseClientAuthenticationForPat().booleanValue()) ? false : true;
    }

    private ObtainAatOpResponse obtainAatWithClientCredentials(OpenIdConfigurationResponse openIdConfigurationResponse, ObtainAatParams obtainAatParams) {
        TokenClient tokenClient = new TokenClient(openIdConfigurationResponse.getTokenEndpoint());
        tokenClient.setExecutor(getHttpService().getClientExecutor());
        TokenResponse execClientCredentialsGrant = tokenClient.execClientCredentialsGrant(getScope().getValue() + " openid", obtainAatParams.getClientId(), obtainAatParams.getClientSecret());
        if (execClientCredentialsGrant == null) {
            return null;
        }
        ClientUtils.showClient(tokenClient);
        String accessToken = execClientCredentialsGrant.getAccessToken();
        if (!Util.allNotBlank(accessToken)) {
            return null;
        }
        ObtainAatOpResponse obtainAatOpResponse = new ObtainAatOpResponse();
        obtainAatOpResponse.setAatToken(accessToken);
        obtainAatOpResponse.setAatRefreshToken(execClientCredentialsGrant.getRefreshToken());
        obtainAatOpResponse.setScope(getScope().getValue());
        obtainAatOpResponse.setExpiresIn(execClientCredentialsGrant.getExpiresIn().intValue());
        return obtainAatOpResponse;
    }

    private ObtainAatOpResponse obtainAatWithUserCredentials(OpenIdConfigurationResponse openIdConfigurationResponse, ObtainAatParams obtainAatParams) {
        ArrayList arrayList = new ArrayList();
        arrayList.add(ResponseType.CODE);
        arrayList.add(ResponseType.ID_TOKEN);
        ArrayList arrayList2 = new ArrayList();
        arrayList2.add(getScope().getValue());
        AuthorizationRequest authorizationRequest = new AuthorizationRequest(arrayList, obtainAatParams.getClientId(), arrayList2, obtainAatParams.getRedirectUrl(), null);
        authorizationRequest.setState("af0ifjsldkj");
        authorizationRequest.setAuthUsername(obtainAatParams.getUserId());
        authorizationRequest.setAuthPassword(obtainAatParams.getUserSecret());
        authorizationRequest.getPrompts().add(Prompt.NONE);
        AuthorizeClient authorizeClient = new AuthorizeClient(openIdConfigurationResponse.getAuthorizationEndpoint());
        authorizeClient.setRequest(authorizationRequest);
        authorizeClient.setExecutor(getHttpService().getClientExecutor());
        AuthorizationResponse exec = authorizeClient.exec();
        ClientUtils.showClient(authorizeClient);
        String scope = exec.getScope();
        String code = exec.getCode();
        if (!Util.allNotBlank(code)) {
            LOG.debug("Authorization code is blank.");
            return null;
        }
        TokenRequest tokenRequest = new TokenRequest(GrantType.AUTHORIZATION_CODE);
        tokenRequest.setCode(code);
        tokenRequest.setRedirectUri(obtainAatParams.getRedirectUrl());
        tokenRequest.setAuthUsername(obtainAatParams.getClientId());
        tokenRequest.setAuthPassword(obtainAatParams.getClientSecret());
        tokenRequest.setAuthenticationMethod(AuthenticationMethod.CLIENT_SECRET_BASIC);
        tokenRequest.setScope(scope);
        TokenClient tokenClient = new TokenClient(openIdConfigurationResponse.getTokenEndpoint());
        tokenClient.setExecutor(getHttpService().getClientExecutor());
        tokenClient.setRequest(tokenRequest);
        TokenResponse exec2 = tokenClient.exec();
        ClientUtils.showClient(authorizeClient);
        if (exec2.getStatus() != 200) {
            return null;
        }
        String accessToken = exec2.getAccessToken();
        String refreshToken = exec2.getRefreshToken();
        if (!Util.allNotBlank(accessToken, refreshToken)) {
            return null;
        }
        ObtainAatOpResponse obtainAatOpResponse = new ObtainAatOpResponse();
        obtainAatOpResponse.setAatToken(accessToken);
        obtainAatOpResponse.setAatRefreshToken(refreshToken);
        obtainAatOpResponse.setAuthorizationCode(code);
        obtainAatOpResponse.setScope(getScope().getValue());
        obtainAatOpResponse.setExpiresIn(exec2.getExpiresIn().intValue());
        return obtainAatOpResponse;
    }
}
