package org.zowe.apiml.gateway.security.service.token;

import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.databind.json.JsonMapper;
import java.util.Base64;
import lombok.Generated;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.http.HttpEntity;
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpMethod;
import org.springframework.http.ResponseEntity;
import org.springframework.security.web.server.ServerHttpBasicAuthenticationConverter;
import org.springframework.stereotype.Service;
import org.springframework.web.client.RestClientException;
import org.springframework.web.client.RestTemplate;
import org.zowe.apiml.gateway.security.service.schema.OIDCAuthException;
import org.zowe.apiml.security.common.token.OIDCProvider;

@Service
/* loaded from: input_file:BOOT-INF/classes/org/zowe/apiml/gateway/security/service/token/OIDCTokenProvider.class */
public class OIDCTokenProvider implements OIDCProvider {

    @Generated
    private static final Logger log = LoggerFactory.getLogger((Class<?>) OIDCTokenProvider.class);

    @Value("${apiml.security.oAuth.clientId:}")
    private String clientId;

    @Value("${apiml.security.oAuth.clientSecret:}")
    private String clientSecret;

    @Value("${apiml.security.oAuth.validationUrl:}")
    private String validationUrl;

    @Value("${apiml.security.oAuth.enabled:false}")
    private boolean isEnabled;
    private final RestTemplate restTemplate;

    /* JADX WARN: Multi-variable type inference failed */
    @Override // org.zowe.apiml.security.common.token.OIDCProvider
    public boolean isValid(String str) {
        if (str == null || str.isEmpty() || !this.isEnabled) {
            log.debug("Either you did not enable the OIDC auth or you did not provide a valid token.");
            throw new OIDCAuthException("A failure occurred when validating.");
        }
        try {
            HttpHeaders httpHeaders = new HttpHeaders();
            httpHeaders.add("authorization", ServerHttpBasicAuthenticationConverter.BASIC + new String(Base64.getEncoder().encode((this.clientId + ":" + this.clientSecret).getBytes())));
            httpHeaders.add("content-type", "application/x-www-form-urlencoded");
            JsonMapper jsonMapper = new JsonMapper();
            ResponseEntity exchange = this.restTemplate.exchange(this.validationUrl + str, HttpMethod.POST, new HttpEntity<>(null, httpHeaders), String.class, new Object[0]);
            if (!exchange.getStatusCode().is2xxSuccessful() || exchange.getBody() == 0 || ((String) exchange.getBody()).isEmpty()) {
                return false;
            }
            return jsonMapper.readTree((String) exchange.getBody()).get("active").asBoolean();
        } catch (JsonProcessingException e) {
            log.debug("Not able to parse the token response json.", (Throwable) e);
            return false;
        } catch (RestClientException e2) {
            log.debug("The OIDC token validation request with URL {} failed.", this.validationUrl, e2);
            return false;
        }
    }

    @Generated
    public OIDCTokenProvider(RestTemplate restTemplate) {
        this.restTemplate = restTemplate;
    }
}
