package org.zowe.apiml.zaasclient.service.internal;

import com.fasterxml.jackson.databind.ObjectMapper;
import java.io.IOException;
import java.util.Arrays;
import java.util.Optional;
import java.util.stream.Stream;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import lombok.Generated;
import lombok.NonNull;
import org.apache.commons.configuration.tree.DefaultExpressionEngine;
import org.apache.http.HeaderElement;
import org.apache.http.client.methods.CloseableHttpResponse;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.client.methods.HttpUriRequest;
import org.apache.http.entity.StringEntity;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.util.EntityUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter;
import org.zowe.apiml.zaasclient.exception.ZaasClientErrorCodes;
import org.zowe.apiml.zaasclient.exception.ZaasClientException;
import org.zowe.apiml.zaasclient.exception.ZaasConfigurationException;
import org.zowe.apiml.zaasclient.service.ZaasToken;

/* loaded from: input_file:BOOT-INF/lib/zaas-client-1.24.7.jar:org/zowe/apiml/zaasclient/service/internal/ZaasJwtService.class */
class ZaasJwtService implements TokenService {

    @Generated
    private static final Logger log = LoggerFactory.getLogger((Class<?>) ZaasJwtService.class);
    private static final String TOKEN_PREFIX = "apimlAuthenticationToken";
    private static final String BEARER_AUTHENTICATION_PREFIX = "Bearer";
    private final String loginEndpoint;
    private final String queryEndpoint;
    private final String logoutEndpoint;
    private final CloseableClientProvider httpClientProvider;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:BOOT-INF/lib/zaas-client-1.24.7.jar:org/zowe/apiml/zaasclient/service/internal/ZaasJwtService$ClientWithResponse.class */
    public static class ClientWithResponse {
        CloseableHttpClient client;
        CloseableHttpResponse response;

        @Generated
        public CloseableHttpClient getClient() {
            return this.client;
        }

        @Generated
        public CloseableHttpResponse getResponse() {
            return this.response;
        }

        @Generated
        public void setClient(CloseableHttpClient closeableHttpClient) {
            this.client = closeableHttpClient;
        }

        @Generated
        public void setResponse(CloseableHttpResponse closeableHttpResponse) {
            this.response = closeableHttpResponse;
        }

        @Generated
        public boolean equals(Object obj) {
            if (obj == this) {
                return true;
            }
            if (!(obj instanceof ClientWithResponse)) {
                return false;
            }
            ClientWithResponse clientWithResponse = (ClientWithResponse) obj;
            if (!clientWithResponse.canEqual(this)) {
                return false;
            }
            CloseableHttpClient client = getClient();
            CloseableHttpClient client2 = clientWithResponse.getClient();
            if (client == null) {
                if (client2 != null) {
                    return false;
                }
            } else if (!client.equals(client2)) {
                return false;
            }
            CloseableHttpResponse response = getResponse();
            CloseableHttpResponse response2 = clientWithResponse.getResponse();
            return response == null ? response2 == null : response.equals(response2);
        }

        @Generated
        protected boolean canEqual(Object obj) {
            return obj instanceof ClientWithResponse;
        }

        @Generated
        public int hashCode() {
            CloseableHttpClient client = getClient();
            int hashCode = (1 * 59) + (client == null ? 43 : client.hashCode());
            CloseableHttpResponse response = getResponse();
            return (hashCode * 59) + (response == null ? 43 : response.hashCode());
        }

        @Generated
        public String toString() {
            return "ZaasJwtService.ClientWithResponse(client=" + getClient() + ", response=" + getResponse() + DefaultExpressionEngine.DEFAULT_INDEX_END;
        }

        @Generated
        public ClientWithResponse(CloseableHttpClient closeableHttpClient, CloseableHttpResponse closeableHttpResponse) {
            this.client = closeableHttpClient;
            this.response = closeableHttpResponse;
        }

        @Generated
        public ClientWithResponse() {
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:BOOT-INF/lib/zaas-client-1.24.7.jar:org/zowe/apiml/zaasclient/service/internal/ZaasJwtService$Credentials.class */
    public static class Credentials {
        String username;
        String password;

        @Generated
        public String getUsername() {
            return this.username;
        }

        @Generated
        public String getPassword() {
            return this.password;
        }

        @Generated
        public void setUsername(String str) {
            this.username = str;
        }

        @Generated
        public void setPassword(String str) {
            this.password = str;
        }

        @Generated
        public boolean equals(Object obj) {
            if (obj == this) {
                return true;
            }
            if (!(obj instanceof Credentials)) {
                return false;
            }
            Credentials credentials = (Credentials) obj;
            if (!credentials.canEqual(this)) {
                return false;
            }
            String username = getUsername();
            String username2 = credentials.getUsername();
            if (username == null) {
                if (username2 != null) {
                    return false;
                }
            } else if (!username.equals(username2)) {
                return false;
            }
            String password = getPassword();
            String password2 = credentials.getPassword();
            return password == null ? password2 == null : password.equals(password2);
        }

        @Generated
        protected boolean canEqual(Object obj) {
            return obj instanceof Credentials;
        }

        @Generated
        public int hashCode() {
            String username = getUsername();
            int hashCode = (1 * 59) + (username == null ? 43 : username.hashCode());
            String password = getPassword();
            return (hashCode * 59) + (password == null ? 43 : password.hashCode());
        }

        @Generated
        public String toString() {
            return "ZaasJwtService.Credentials(username=" + getUsername() + ", password=" + getPassword() + DefaultExpressionEngine.DEFAULT_INDEX_END;
        }

        @Generated
        public Credentials(String str, String str2) {
            this.username = str;
            this.password = str2;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:BOOT-INF/lib/zaas-client-1.24.7.jar:org/zowe/apiml/zaasclient/service/internal/ZaasJwtService$Operation.class */
    public interface Operation {
        ClientWithResponse request() throws ZaasConfigurationException, IOException, ZaasClientException;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:BOOT-INF/lib/zaas-client-1.24.7.jar:org/zowe/apiml/zaasclient/service/internal/ZaasJwtService$Token.class */
    public interface Token {
        Object extract(CloseableHttpResponse closeableHttpResponse) throws IOException, ZaasClientException;
    }

    public ZaasJwtService(CloseableClientProvider closeableClientProvider, String str) {
        this.httpClientProvider = closeableClientProvider;
        this.loginEndpoint = str + DefaultLoginPageGeneratingFilter.DEFAULT_LOGIN_PAGE_URL;
        this.queryEndpoint = str + "/query";
        this.logoutEndpoint = str + "/logout";
    }

    @Override // org.zowe.apiml.zaasclient.service.internal.TokenService
    public String login(String str, String str2) throws ZaasClientException {
        return (String) doRequest(() -> {
            return loginWithCredentials(str, str2);
        }, this::extractToken);
    }

    private ClientWithResponse loginWithCredentials(String str, String str2) throws ZaasConfigurationException, IOException {
        CloseableHttpClient httpClient = this.httpClientProvider.getHttpClient();
        HttpPost httpPost = new HttpPost(this.loginEndpoint);
        httpPost.setEntity(new StringEntity(new ObjectMapper().writeValueAsString(new Credentials(str, str2))));
        httpPost.setHeader("Content-Type", "application/json");
        return new ClientWithResponse(httpClient, httpClient.execute((HttpUriRequest) httpPost));
    }

    @Override // org.zowe.apiml.zaasclient.service.internal.TokenService
    public String login(String str) throws ZaasClientException {
        return (String) doRequest(() -> {
            return loginWithHeader(str);
        }, this::extractToken);
    }

    private ClientWithResponse loginWithHeader(String str) throws ZaasConfigurationException, IOException {
        CloseableHttpClient httpClient = this.httpClientProvider.getHttpClient();
        HttpPost httpPost = new HttpPost(this.loginEndpoint);
        httpPost.setHeader("Authorization", str);
        return new ClientWithResponse(httpClient, httpClient.execute((HttpUriRequest) httpPost));
    }

    @Override // org.zowe.apiml.zaasclient.service.internal.TokenService
    public ZaasToken query(String str) throws ZaasClientException {
        if (str == null || str.isEmpty()) {
            throw new ZaasClientException(ZaasClientErrorCodes.TOKEN_NOT_PROVIDED, "No token provided");
        }
        return (ZaasToken) doRequest(() -> {
            return queryWithJwtToken(str);
        }, this::extractZaasToken);
    }

    @Override // org.zowe.apiml.zaasclient.service.internal.TokenService
    public ZaasToken query(@NonNull HttpServletRequest httpServletRequest) throws ZaasClientException {
        if (httpServletRequest == null) {
            throw new NullPointerException("request is marked non-null but is null");
        }
        return query(getJwtTokenFromRequest(httpServletRequest).orElse(null));
    }

    @Override // org.zowe.apiml.zaasclient.service.internal.TokenService
    public void logout(String str) throws ZaasClientException {
        doRequest(() -> {
            return logoutJwtToken(str);
        });
    }

    private Optional<String> getJwtTokenFromRequest(@NonNull HttpServletRequest httpServletRequest) {
        if (httpServletRequest == null) {
            throw new NullPointerException("request is marked non-null but is null");
        }
        Optional<String> jwtTokenFromCookie = getJwtTokenFromCookie(httpServletRequest);
        return jwtTokenFromCookie.isPresent() ? jwtTokenFromCookie : extractJwtTokenFromAuthorizationHeader(httpServletRequest.getHeader("Authorization"));
    }

    private Optional<String> getJwtTokenFromCookie(HttpServletRequest httpServletRequest) {
        Cookie[] cookies = httpServletRequest.getCookies();
        return cookies == null ? Optional.empty() : Arrays.stream(cookies).filter(cookie -> {
            return cookie.getName().equals("apimlAuthenticationToken");
        }).filter(cookie2 -> {
            return !cookie2.getValue().isEmpty();
        }).findFirst().map((v0) -> {
            return v0.getValue();
        });
    }

    private Optional<String> extractJwtTokenFromAuthorizationHeader(String str) {
        if (str == null || !str.startsWith("Bearer")) {
            return Optional.empty();
        }
        String trim = str.replaceFirst("Bearer", "").trim();
        return trim.isEmpty() ? Optional.empty() : Optional.of(trim);
    }

    private ClientWithResponse queryWithJwtToken(String str) throws ZaasConfigurationException, IOException {
        CloseableHttpClient httpClient = this.httpClientProvider.getHttpClient();
        HttpGet httpGet = new HttpGet(this.queryEndpoint);
        httpGet.addHeader("Cookie", "apimlAuthenticationToken=" + str);
        return new ClientWithResponse(httpClient, httpClient.execute((HttpUriRequest) httpGet));
    }

    private ClientWithResponse logoutJwtToken(String str) throws ZaasConfigurationException, IOException, ZaasClientException {
        CloseableHttpClient httpClient = this.httpClientProvider.getHttpClient();
        clearZaasClientCookies();
        HttpPost httpPost = new HttpPost(this.logoutEndpoint);
        if (str.startsWith("Bearer")) {
            httpPost.addHeader("Authorization", str);
        } else {
            httpPost.addHeader("Cookie", "apimlAuthenticationToken=" + str);
        }
        return getClientWithResponse(httpClient, httpPost);
    }

    private void clearZaasClientCookies() {
        if (this.httpClientProvider instanceof ZaasHttpsClientProvider) {
            ((ZaasHttpsClientProvider) this.httpClientProvider).clearCookieStore();
        }
    }

    private ClientWithResponse getClientWithResponse(CloseableHttpClient closeableHttpClient, HttpPost httpPost) throws IOException, ZaasClientException {
        ClientWithResponse clientWithResponse = new ClientWithResponse(closeableHttpClient, closeableHttpClient.execute((HttpUriRequest) httpPost));
        int statusCode = clientWithResponse.getResponse().getStatusLine().getStatusCode();
        if (statusCode == 204) {
            return clientWithResponse;
        }
        String entityUtils = EntityUtils.toString(clientWithResponse.getResponse().getEntity());
        if (statusCode == 401) {
            throw new ZaasClientException(ZaasClientErrorCodes.EXPIRED_JWT_EXCEPTION, entityUtils);
        }
        throw new ZaasClientException(ZaasClientErrorCodes.INVALID_JWT_TOKEN, entityUtils);
    }

    private void finallyClose(CloseableHttpResponse closeableHttpResponse) {
        if (closeableHttpResponse != null) {
            try {
                closeableHttpResponse.close();
            } catch (IOException e) {
                log.warn("It wasn't possible to close the resources. " + e.getMessage());
            }
        }
    }

    private ZaasToken extractZaasToken(CloseableHttpResponse closeableHttpResponse) throws IOException, ZaasClientException {
        int statusCode = closeableHttpResponse.getStatusLine().getStatusCode();
        if (statusCode != 200) {
            if (statusCode == 401) {
                throw new ZaasClientException(ZaasClientErrorCodes.INVALID_JWT_TOKEN, "Queried token is invalid or expired");
            }
            throw new ZaasClientException(ZaasClientErrorCodes.GENERIC_EXCEPTION, EntityUtils.toString(closeableHttpResponse.getEntity()));
        }
        ZaasToken zaasToken = (ZaasToken) new ObjectMapper().readValue(closeableHttpResponse.getEntity().getContent(), ZaasToken.class);
        if (zaasToken == null) {
            throw new ZaasClientException(ZaasClientErrorCodes.TOKEN_NOT_PROVIDED, "Queried token is null");
        }
        if (zaasToken.isExpired()) {
            throw new ZaasClientException(ZaasClientErrorCodes.EXPIRED_JWT_EXCEPTION, "Queried token is expired");
        }
        return zaasToken;
    }

    private String extractToken(CloseableHttpResponse closeableHttpResponse) throws ZaasClientException, IOException {
        int statusCode = closeableHttpResponse.getStatusLine().getStatusCode();
        if (statusCode == 204) {
            Optional findFirst = Stream.of((Object[]) closeableHttpResponse.getHeaders("Set-Cookie")[0].getElements()).filter(headerElement -> {
                return headerElement.getName().equals("apimlAuthenticationToken");
            }).findFirst();
            return findFirst.isPresent() ? ((HeaderElement) findFirst.get()).getValue() : "";
        }
        String entityUtils = EntityUtils.toString(closeableHttpResponse.getEntity());
        if (statusCode == 401) {
            throw new ZaasClientException(ZaasClientErrorCodes.INVALID_AUTHENTICATION, entityUtils);
        }
        if (statusCode == 400) {
            throw new ZaasClientException(ZaasClientErrorCodes.EMPTY_NULL_USERNAME_PASSWORD, entityUtils);
        }
        throw new ZaasClientException(ZaasClientErrorCodes.GENERIC_EXCEPTION, entityUtils);
    }

    private void doRequest(Operation operation) throws ZaasClientException {
        ClientWithResponse clientWithResponse = new ClientWithResponse();
        try {
            try {
                clientWithResponse = operation.request();
                finallyClose(clientWithResponse.getResponse());
            } catch (IOException | ZaasConfigurationException e) {
                throw new ZaasClientException(ZaasClientErrorCodes.SERVICE_UNAVAILABLE, e);
            }
        } catch (Throwable th) {
            finallyClose(clientWithResponse.getResponse());
            throw th;
        }
    }

    private Object doRequest(Operation operation, Token token) throws ZaasClientException {
        ClientWithResponse clientWithResponse = new ClientWithResponse();
        try {
            try {
                try {
                    clientWithResponse = operation.request();
                    Object extract = token.extract(clientWithResponse.getResponse());
                    finallyClose(clientWithResponse.getResponse());
                    return extract;
                } catch (IOException e) {
                    throw new ZaasClientException(ZaasClientErrorCodes.SERVICE_UNAVAILABLE, e);
                }
            } catch (ZaasClientException e2) {
                throw e2;
            } catch (Exception e3) {
                throw new ZaasClientException(ZaasClientErrorCodes.GENERIC_EXCEPTION, e3);
            }
        } catch (Throwable th) {
            finallyClose(clientWithResponse.getResponse());
            throw th;
        }
    }
}
