package org.xdi.oxd.server;

import java.io.IOException;
import javax.ws.rs.Consumes;
import javax.ws.rs.GET;
import javax.ws.rs.HeaderParam;
import javax.ws.rs.POST;
import javax.ws.rs.Path;
import javax.ws.rs.Produces;
import javax.ws.rs.WebApplicationException;
import javax.ws.rs.core.Response;
import org.apache.commons.lang.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.xdi.oxd.common.Command;
import org.xdi.oxd.common.CommandType;
import org.xdi.oxd.common.CoreUtils;
import org.xdi.oxd.common.params.AuthorizationCodeFlowParams;
import org.xdi.oxd.common.params.CheckAccessTokenParams;
import org.xdi.oxd.common.params.CheckIdTokenParams;
import org.xdi.oxd.common.params.GetAccessTokenByRefreshTokenParams;
import org.xdi.oxd.common.params.GetAuthorizationCodeParams;
import org.xdi.oxd.common.params.GetAuthorizationUrlParams;
import org.xdi.oxd.common.params.GetClientTokenParams;
import org.xdi.oxd.common.params.GetJwksParams;
import org.xdi.oxd.common.params.GetLogoutUrlParams;
import org.xdi.oxd.common.params.GetRpParams;
import org.xdi.oxd.common.params.GetTokensByCodeParams;
import org.xdi.oxd.common.params.GetUserInfoParams;
import org.xdi.oxd.common.params.HasProtectionAccessTokenParams;
import org.xdi.oxd.common.params.IParams;
import org.xdi.oxd.common.params.IntrospectAccessTokenParams;
import org.xdi.oxd.common.params.IntrospectRptParams;
import org.xdi.oxd.common.params.RegisterSiteParams;
import org.xdi.oxd.common.params.RemoveSiteParams;
import org.xdi.oxd.common.params.RpGetClaimsGatheringUrlParams;
import org.xdi.oxd.common.params.RpGetRptParams;
import org.xdi.oxd.common.params.RsCheckAccessParams;
import org.xdi.oxd.common.params.RsProtectParams;
import org.xdi.oxd.common.params.UpdateSiteParams;
import org.xdi.oxd.common.response.POJOResponse;
import org.xdi.oxd.server.service.ConfigurationService;

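/**
 * JAX-RS resource that exposes the oxd commands as JSON-over-HTTP endpoints.
 *
 * <p>Every POST endpoint hands the raw request body, the matching {@link CommandType} and the
 * parameter class to {@link #process}, which deserializes the body, attaches the bearer token
 * taken from the {@code Authorization} header where the parameter type carries one, dispatches
 * the command to the {@code Processor} and returns the result serialized as JSON.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>This class only <em>extracts</em> the bearer token (see {@link #validateAccessToken});
 *       nothing visible here checks the token's signature, expiry or scope. Presumably the
 *       command implementations do that with the value stored on the params; confirm before
 *       relying on it.</li>
 *   <li>When {@code protect_commands_with_access_token} is {@code false} in the configuration,
 *       a missing or malformed header is accepted and an empty token is passed on.</li>
 *   <li>Request and response bodies are written to the log at TRACE level. They can carry
 *       client secrets, authorization codes and tokens, so TRACE should stay off outside
 *       controlled debugging.</li>
 * </ul>
 */
@Path("/")
public class RestResource {
    private static final Logger LOG = LoggerFactory.getLogger(RestResource.class);

    /** Media type consumed and produced by every endpoint of this resource. */
    private static final String APPLICATION_JSON = "application/json";

    /** Authorization scheme prefix expected in front of the token (matched case-sensitively). */
    private static final String BEARER_PREFIX = "Bearer ";

    /**
     * Liveness probe.
     *
     * @return a fixed JSON document; no command is dispatched and no token is required
     */
    @GET
    @Path("/health-check")
    @Produces(APPLICATION_JSON)
    public String healthCheck() {
        return "{\"status\" : \"running\"}";
    }

    /**
     * Dispatches {@code GET_CLIENT_TOKEN}. No {@code Authorization} header is read here; the
     * credentials this command needs are expected in the body.
     */
    @POST
    @Path("/get-client-token")
    @Consumes(APPLICATION_JSON)
    @Produces(APPLICATION_JSON)
    public String getClientToken(String body) {
        return process(CommandType.GET_CLIENT_TOKEN, body, GetClientTokenParams.class, null);
    }

    /** Dispatches {@code INTROSPECT_ACCESS_TOKEN}. */
    @POST
    @Path("/introspect-access-token")
    @Consumes(APPLICATION_JSON)
    @Produces(APPLICATION_JSON)
    public String introspectAccessToken(@HeaderParam("Authorization") String authorization, String body) {
        return process(CommandType.INTROSPECT_ACCESS_TOKEN, body, IntrospectAccessTokenParams.class, authorization);
    }

    /** Dispatches {@code INTROSPECT_RPT}. */
    @POST
    @Path("/introspect-rpt")
    @Consumes(APPLICATION_JSON)
    @Produces(APPLICATION_JSON)
    public String introspectRpt(@HeaderParam("Authorization") String authorization, String body) {
        return process(CommandType.INTROSPECT_RPT, body, IntrospectRptParams.class, authorization);
    }

    /**
     * Dispatches {@code REGISTER_SITE}. The {@code Authorization} header is not read, and
     * {@code RegisterSiteParams} is explicitly exempted from the token check in
     * {@link #getObjectForJsonConversion}, so registration is reachable without a bearer token.
     */
    @POST
    @Path("/register-site")
    @Consumes(APPLICATION_JSON)
    @Produces(APPLICATION_JSON)
    public String registerSite(String body) {
        return process(CommandType.REGISTER_SITE, body, RegisterSiteParams.class, null);
    }

    /** Dispatches {@code UPDATE_SITE}. */
    @POST
    @Path("/update-site")
    @Consumes(APPLICATION_JSON)
    @Produces(APPLICATION_JSON)
    public String updateSite(@HeaderParam("Authorization") String authorization, String body) {
        return process(CommandType.UPDATE_SITE, body, UpdateSiteParams.class, authorization);
    }

    /** Dispatches {@code REMOVE_SITE}. */
    @POST
    @Path("/remove-site")
    @Consumes(APPLICATION_JSON)
    @Produces(APPLICATION_JSON)
    public String removeSite(@HeaderParam("Authorization") String authorization, String body) {
        return process(CommandType.REMOVE_SITE, body, RemoveSiteParams.class, authorization);
    }

    /** Dispatches {@code GET_AUTHORIZATION_URL}. */
    @POST
    @Path("/get-authorization-url")
    @Consumes(APPLICATION_JSON)
    @Produces(APPLICATION_JSON)
    public String getAuthorizationUrl(@HeaderParam("Authorization") String authorization, String body) {
        return process(CommandType.GET_AUTHORIZATION_URL, body, GetAuthorizationUrlParams.class, authorization);
    }

    /** Dispatches {@code GET_AUTHORIZATION_CODE}. */
    @POST
    @Path("/get-authorization-code")
    @Consumes(APPLICATION_JSON)
    @Produces(APPLICATION_JSON)
    public String getAuthorizationCode(@HeaderParam("Authorization") String authorization, String body) {
        return process(CommandType.GET_AUTHORIZATION_CODE, body, GetAuthorizationCodeParams.class, authorization);
    }

    /** Dispatches {@code GET_TOKENS_BY_CODE}. */
    @POST
    @Path("/get-tokens-by-code")
    @Consumes(APPLICATION_JSON)
    @Produces(APPLICATION_JSON)
    public String getTokenByCode(@HeaderParam("Authorization") String authorization, String body) {
        return process(CommandType.GET_TOKENS_BY_CODE, body, GetTokensByCodeParams.class, authorization);
    }

    /** Dispatches {@code GET_USER_INFO}. */
    @POST
    @Path("/get-user-info")
    @Consumes(APPLICATION_JSON)
    @Produces(APPLICATION_JSON)
    public String getUserInfo(@HeaderParam("Authorization") String authorization, String body) {
        return process(CommandType.GET_USER_INFO, body, GetUserInfoParams.class, authorization);
    }

    /** Dispatches {@code GET_LOGOUT_URI}. */
    @POST
    @Path("/get-logout-uri")
    @Consumes(APPLICATION_JSON)
    @Produces(APPLICATION_JSON)
    public String getLogoutUri(@HeaderParam("Authorization") String authorization, String body) {
        return process(CommandType.GET_LOGOUT_URI, body, GetLogoutUrlParams.class, authorization);
    }

    /** Dispatches {@code GET_ACCESS_TOKEN_BY_REFRESH_TOKEN}. */
    @POST
    @Path("/get-access-token-by-refresh-token")
    @Consumes(APPLICATION_JSON)
    @Produces(APPLICATION_JSON)
    public String getAccessTokenByRefreshToken(@HeaderParam("Authorization") String authorization, String body) {
        return process(CommandType.GET_ACCESS_TOKEN_BY_REFRESH_TOKEN, body, GetAccessTokenByRefreshTokenParams.class, authorization);
    }

    /** Dispatches {@code RS_PROTECT}. */
    @POST
    @Path("/uma-rs-protect")
    @Consumes(APPLICATION_JSON)
    @Produces(APPLICATION_JSON)
    public String umaRsProtect(@HeaderParam("Authorization") String authorization, String body) {
        return process(CommandType.RS_PROTECT, body, RsProtectParams.class, authorization);
    }

    /** Dispatches {@code RS_CHECK_ACCESS}. */
    @POST
    @Path("/uma-rs-check-access")
    @Consumes(APPLICATION_JSON)
    @Produces(APPLICATION_JSON)
    public String umaRsCheckAccess(@HeaderParam("Authorization") String authorization, String body) {
        return process(CommandType.RS_CHECK_ACCESS, body, RsCheckAccessParams.class, authorization);
    }

    /** Dispatches {@code RP_GET_RPT}. */
    @POST
    @Path("/uma-rp-get-rpt")
    @Consumes(APPLICATION_JSON)
    @Produces(APPLICATION_JSON)
    public String umaRpGetRpt(@HeaderParam("Authorization") String authorization, String body) {
        return process(CommandType.RP_GET_RPT, body, RpGetRptParams.class, authorization);
    }

    /** Dispatches {@code RP_GET_CLAIMS_GATHERING_URL}. */
    @POST
    @Path("/uma-rp-get-claims-gathering-url")
    @Consumes(APPLICATION_JSON)
    @Produces(APPLICATION_JSON)
    public String umaRpGetClaimsGatheringUrl(@HeaderParam("Authorization") String authorization, String body) {
        return process(CommandType.RP_GET_CLAIMS_GATHERING_URL, body, RpGetClaimsGatheringUrlParams.class, authorization);
    }

    /** Dispatches {@code AUTHORIZATION_CODE_FLOW}. */
    @POST
    @Path("/authorization-code-flow")
    @Consumes(APPLICATION_JSON)
    @Produces(APPLICATION_JSON)
    public String authorizationCodeFlow(@HeaderParam("Authorization") String authorization, String body) {
        return process(CommandType.AUTHORIZATION_CODE_FLOW, body, AuthorizationCodeFlowParams.class, authorization);
    }

    /** Dispatches {@code CHECK_ACCESS_TOKEN}. */
    @POST
    @Path("/check-access-token")
    @Consumes(APPLICATION_JSON)
    @Produces(APPLICATION_JSON)
    public String checkAccessToken(@HeaderParam("Authorization") String authorization, String body) {
        return process(CommandType.CHECK_ACCESS_TOKEN, body, CheckAccessTokenParams.class, authorization);
    }

    /** Dispatches {@code CHECK_ID_TOKEN}. */
    @POST
    @Path("/check-id-token")
    @Consumes(APPLICATION_JSON)
    @Produces(APPLICATION_JSON)
    public String checkIdToken(@HeaderParam("Authorization") String authorization, String body) {
        return process(CommandType.CHECK_ID_TOKEN, body, CheckIdTokenParams.class, authorization);
    }

    /** Dispatches {@code GET_RP}. */
    @POST
    @Path("/get-rp")
    @Consumes(APPLICATION_JSON)
    @Produces(APPLICATION_JSON)
    public String getRp(@HeaderParam("Authorization") String authorization, String body) {
        return process(CommandType.GET_RP, body, GetRpParams.class, authorization);
    }

    /** Dispatches {@code GET_JWKS}. */
    @POST
    @Path("/get-jwks")
    @Consumes(APPLICATION_JSON)
    @Produces(APPLICATION_JSON)
    public String getJwks(@HeaderParam("Authorization") String authorization, String body) {
        return process(CommandType.GET_JWKS, body, GetJwksParams.class, authorization);
    }

    /**
     * Deserializes a JSON request body into the given parameter type.
     *
     * @param json raw request body
     * @param type target class
     * @param <T>  target type
     * @return the value produced by the JSON mapper
     * @throws WebApplicationException with status 400 when the mapper raises an
     *         {@link IOException}
     */
    public static <T> T read(String json, Class<T> type) {
        try {
            // Cast kept as in the original; the mapper's declared return type is not visible here.
            return (T) CoreUtils.createJsonMapper().readValue(json, type);
        } catch (IOException e) {
            // The raw body is deliberately left out of this ERROR-level record: command bodies
            // can hold client secrets, authorization codes and refresh tokens, and error logs
            // are typically retained and shipped more widely than TRACE output.
            // NOTE(review): depending on the mapper version, the exception message may itself
            // quote a fragment of the input — confirm against the mapper in use.
            LOG.error("Invalid params for " + type, e);
            // NOTE(review): the parser message is echoed to the caller unchanged to keep the
            // existing response contract; it can reveal internal class and property names.
            throw new WebApplicationException(
                    Response.status(Response.Status.BAD_REQUEST)
                            .entity("Invalid parameters. Message: " + e.getMessage())
                            .build());
        }
    }

    /**
     * Runs one command end to end and serializes the outcome.
     *
     * @param commandType   command to dispatch
     * @param body          raw JSON request body
     * @param paramsType    class the body is deserialized into
     * @param authorization value of the {@code Authorization} header, or {@code null}
     * @return the JSON text sent back to the client
     */
    private static <T extends IParams> String process(
            CommandType commandType, String body, Class<T> paramsType, String authorization) {
        String responseJson =
                CoreUtils.asJsonSilently(getObjectForJsonConversion(commandType, body, paramsType, authorization));
        // TRACE only: responses of the token endpoints contain live tokens.
        LOG.trace("Send back response: {}", responseJson);
        return responseJson;
    }

    /**
     * Deserializes the body, attaches the bearer token where required, dispatches the command
     * and unwraps a {@link POJOResponse} to its node.
     *
     * @throws WebApplicationException with status 400 when the body is not valid JSON for
     *         {@code paramsType} or deserializes to {@code null}; with status 403 when a token
     *         is required but absent (see {@link #validateAccessToken})
     */
    private static <T extends IParams> Object getObjectForJsonConversion(
            CommandType commandType, String body, Class<T> paramsType, String authorization) {
        // TRACE only: the body can contain secrets and tokens.
        LOG.trace("Command: {}", body);

        IParams params = read(body, paramsType);
        if (params == null) {
            // A body such as the JSON literal null yields no params object. The instanceof
            // test below would then be false, so the token check would be skipped and the
            // command dispatched with null params; reject the request here instead.
            LOG.debug("Request body deserialized to null. Bad request.");
            throw new WebApplicationException(
                    Response.status(Response.Status.BAD_REQUEST).entity("Invalid parameters.").build());
        }

        // Registration is exempt: it is the call that creates the client in the first place.
        boolean carriesToken = params instanceof HasProtectionAccessTokenParams;
        if (carriesToken && !(params instanceof RegisterSiteParams)) {
            ((HasProtectionAccessTokenParams) params).setProtectionAccessToken(validateAccessToken(authorization));
        }

        Object result = ((Processor) ServerLauncher.getInjector().getInstance(Processor.class))
                .process(new Command(commandType, params));
        if (result instanceof POJOResponse) {
            return ((POJOResponse) result).getNode();
        }
        return result;
    }

    /**
     * Extracts the token from an {@code Authorization: Bearer <token>} header value.
     *
     * <p>Despite the name, this method does not verify the token; it only checks that a
     * non-blank value follows the {@code "Bearer "} prefix.
     *
     * @param authorization header value, may be {@code null}
     * @return the text after the prefix, or the empty string when no usable token is present
     *         and {@code protect_commands_with_access_token} is explicitly {@code false}
     * @throws WebApplicationException with status 403 when no usable token is present and
     *         protection is enabled (an unset configuration value counts as enabled)
     */
    private static String validateAccessToken(String authorization) {
        if (StringUtils.isNotEmpty(authorization) && authorization.startsWith(BEARER_PREFIX)) {
            String token = authorization.substring(BEARER_PREFIX.length());
            if (StringUtils.isNotBlank(token)) {
                return token;
            }
        }

        OxdServerConfiguration configuration =
                ((ConfigurationService) ServerLauncher.getInjector().getInstance(ConfigurationService.class)).get();
        Boolean protectCommands = configuration.getProtectCommandsWithAccessToken();
        // Fail closed: only an explicit false switches the protection off.
        if (protectCommands == null || protectCommands.booleanValue()) {
            LOG.debug("No access token provided in Authorization header. Forbidden.");
            throw new WebApplicationException(Response.status(Response.Status.FORBIDDEN).build());
        }
        LOG.debug("Skip protection because protect_commands_with_access_token: false in configuration file.");
        return "";
    }
}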
