package org.zowe.apiml.gateway.security.service.schema.source;

import com.netflix.zuul.context.RequestContext;
import java.util.Optional;
import java.util.function.Function;
import lombok.Generated;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.stereotype.Service;
import org.zowe.apiml.gateway.ribbon.loadbalancer.LoadBalancerConstants;
import org.zowe.apiml.gateway.security.service.AuthenticationService;
import org.zowe.apiml.gateway.security.service.TokenCreationService;
import org.zowe.apiml.gateway.security.service.schema.source.AuthSource;
import org.zowe.apiml.message.core.MessageType;
import org.zowe.apiml.message.log.ApimlLogger;
import org.zowe.apiml.product.logging.annotations.InjectApimlLogger;
import org.zowe.apiml.security.common.token.AccessTokenProvider;
import org.zowe.apiml.security.common.token.QueryResponse;

@Service
/* loaded from: input_file:org/zowe/apiml/gateway/security/service/schema/source/PATAuthSourceService.class */
public class PATAuthSourceService extends TokenAuthSourceService {

    @Generated
    private static final Logger log = LoggerFactory.getLogger(PATAuthSourceService.class);

    @InjectApimlLogger
    protected final ApimlLogger logger = ApimlLogger.empty();
    private final AuthenticationService authenticationService;
    private final AccessTokenProvider tokenProvider;
    private final TokenCreationService tokenService;

    @Override // org.zowe.apiml.gateway.security.service.schema.source.TokenAuthSourceService
    protected ApimlLogger getLogger() {
        return this.logger;
    }

    @Override // org.zowe.apiml.gateway.security.service.schema.source.TokenAuthSourceService
    public Function<String, AuthSource> getMapper() {
        return PATAuthSource::new;
    }

    @Override // org.zowe.apiml.gateway.security.service.schema.source.TokenAuthSourceService
    public Optional<String> getToken(RequestContext requestContext) {
        return this.authenticationService.getPATFromRequest(requestContext.getRequest());
    }

    @Override // org.zowe.apiml.gateway.security.service.schema.source.AuthSourceService
    public boolean isValid(AuthSource authSource) {
        try {
            String str = (String) authSource.getRawSource();
            String str2 = (String) RequestContext.getCurrentContext().get(LoadBalancerConstants.SERVICEID_KEY);
            boolean isValidForScopes = this.tokenProvider.isValidForScopes(str, str2);
            ApimlLogger apimlLogger = this.logger;
            MessageType messageType = MessageType.DEBUG;
            Object[] objArr = new Object[2];
            objArr[0] = isValidForScopes ? "valid" : "not valid";
            objArr[1] = str2;
            apimlLogger.log(messageType, "PAT is %s for scope: %s ", objArr);
            boolean isInvalidated = this.tokenProvider.isInvalidated(str);
            ApimlLogger apimlLogger2 = this.logger;
            MessageType messageType2 = MessageType.DEBUG;
            Object[] objArr2 = new Object[1];
            objArr2[0] = isInvalidated ? "invalidated" : "not invalidated";
            apimlLogger2.log(messageType2, "PAT was %s", objArr2);
            return isValidForScopes && !isInvalidated;
        } catch (Exception e) {
            this.logger.log(MessageType.ERROR, "PAT is not valid due to the exception: %s", new Object[]{e.getMessage()});
            return false;
        }
    }

    @Override // org.zowe.apiml.gateway.security.service.schema.source.AuthSourceService
    public AuthSource.Parsed parse(AuthSource authSource) {
        if (!(authSource instanceof PATAuthSource)) {
            return null;
        }
        QueryResponse parseJwtWithSignature = this.authenticationService.parseJwtWithSignature((String) authSource.getRawSource());
        return new ParsedTokenAuthSource(parseJwtWithSignature.getUserId(), parseJwtWithSignature.getCreation(), parseJwtWithSignature.getExpiration(), AuthSource.Origin.valueByIssuer(parseJwtWithSignature.getSource().name()));
    }

    @Override // org.zowe.apiml.gateway.security.service.schema.source.AuthSourceService
    public String getLtpaToken(AuthSource authSource) {
        String jwt = getJWT(authSource);
        if (AuthSource.Origin.ZOWE.equals(getTokenOrigin(jwt))) {
            jwt = this.authenticationService.getLtpaToken(jwt);
        }
        return jwt;
    }

    @Override // org.zowe.apiml.gateway.security.service.schema.source.AuthSourceService
    public String getJWT(AuthSource authSource) {
        return this.tokenService.createJwtTokenWithoutCredentials(((ParsedTokenAuthSource) parse(authSource)).getUserId());
    }

    public AuthSource.Origin getTokenOrigin(String str) {
        return AuthSource.Origin.valueByIssuer(this.authenticationService.parseJwtToken(str).getSource().name());
    }

    @Generated
    public PATAuthSourceService(AuthenticationService authenticationService, AccessTokenProvider accessTokenProvider, TokenCreationService tokenCreationService) {
        this.authenticationService = authenticationService;
        this.tokenProvider = accessTokenProvider;
        this.tokenService = tokenCreationService;
    }
}
