package org.zowe.apiml.security.client.service;

import com.fasterxml.jackson.databind.ObjectMapper;
import com.fasterxml.jackson.databind.node.ObjectNode;
import java.util.Optional;
import lombok.Generated;
import org.springframework.http.HttpEntity;
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpMethod;
import org.springframework.http.MediaType;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
import org.springframework.stereotype.Service;
import org.springframework.util.MultiValueMap;
import org.springframework.web.client.HttpClientErrorException;
import org.springframework.web.client.HttpServerErrorException;
import org.springframework.web.client.ResourceAccessException;
import org.springframework.web.client.RestClientException;
import org.springframework.web.client.RestTemplate;
import org.zowe.apiml.product.gateway.GatewayClient;
import org.zowe.apiml.product.gateway.GatewayConfigProperties;
import org.zowe.apiml.security.client.handler.RestResponseHandler;
import org.zowe.apiml.security.common.config.AuthConfigurationProperties;
import org.zowe.apiml.security.common.error.ErrorType;
import org.zowe.apiml.security.common.token.QueryResponse;

@Service
/* loaded from: input_file:BOOT-INF/lib/security-service-client-spring-1.27.25.jar:org/zowe/apiml/security/client/service/GatewaySecurityService.class */
public class GatewaySecurityService {
    private static final String MESSAGE_KEY_STRING = "messageKey\":\"";
    private final GatewayClient gatewayClient;
    private final AuthConfigurationProperties authConfigurationProperties;
    private final RestTemplate restTemplate;
    private final RestResponseHandler responseHandler;

    public Optional<String> login(String str, String str2) {
        GatewayConfigProperties gatewayConfigProperties = this.gatewayClient.getGatewayConfigProperties();
        String format = String.format("%s://%s%s", gatewayConfigProperties.getScheme(), gatewayConfigProperties.getHostname(), this.authConfigurationProperties.getGatewayLoginEndpoint());
        ObjectNode createObjectNode = new ObjectMapper().createObjectNode();
        createObjectNode.put("username", str);
        createObjectNode.put(UsernamePasswordAuthenticationFilter.SPRING_SECURITY_FORM_PASSWORD_KEY, str2);
        HttpHeaders httpHeaders = new HttpHeaders();
        httpHeaders.setContentType(MediaType.APPLICATION_JSON);
        try {
            return extractToken(this.restTemplate.exchange(format, HttpMethod.POST, new HttpEntity<>(createObjectNode, httpHeaders), String.class, new Object[0]).getHeaders().getFirst("Set-Cookie"));
        } catch (HttpClientErrorException | HttpServerErrorException | ResourceAccessException e) {
            this.responseHandler.handleBadResponse(e, getErrorType(e), "Cannot access Gateway service. Uri '{}' returned: {}", format, e.getMessage());
            return Optional.empty();
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    public QueryResponse query(String str) {
        GatewayConfigProperties gatewayConfigProperties = this.gatewayClient.getGatewayConfigProperties();
        String format = String.format("%s://%s%s", gatewayConfigProperties.getScheme(), gatewayConfigProperties.getHostname(), this.authConfigurationProperties.getGatewayQueryEndpoint());
        String format2 = String.format("%s=%s", this.authConfigurationProperties.getCookieProperties().getCookieName(), str);
        HttpHeaders httpHeaders = new HttpHeaders();
        httpHeaders.add("Cookie", format2);
        try {
            return (QueryResponse) this.restTemplate.exchange(format, HttpMethod.GET, new HttpEntity<>((MultiValueMap<String, String>) httpHeaders), QueryResponse.class, new Object[0]).getBody();
        } catch (HttpClientErrorException | HttpServerErrorException | ResourceAccessException e) {
            this.responseHandler.handleBadResponse(e, ErrorType.TOKEN_NOT_VALID, "Can not access Gateway service. Uri '{}' returned: {}", format, e.getMessage());
            return null;
        }
    }

    private ErrorType getErrorType(RestClientException restClientException) {
        int indexOf;
        String message = restClientException.getMessage();
        if (message != null && (indexOf = message.indexOf(MESSAGE_KEY_STRING)) >= 0) {
            String substring = message.substring(indexOf + MESSAGE_KEY_STRING.length());
            try {
                return ErrorType.fromMessageKey(substring.substring(0, substring.indexOf("\"")));
            } catch (IllegalArgumentException e) {
                return ErrorType.AUTH_GENERAL;
            }
        }
        return ErrorType.AUTH_GENERAL;
    }

    private Optional<String> extractToken(String str) {
        String cookieName = this.authConfigurationProperties.getCookieProperties().getCookieName();
        if (str == null || str.isEmpty() || !str.contains(cookieName)) {
            return Optional.empty();
        }
        int indexOf = str.indexOf(59);
        return Optional.of((indexOf > 0 ? str.substring(0, indexOf) : str).replace(cookieName + "=", ""));
    }

    @Generated
    public GatewaySecurityService(GatewayClient gatewayClient, AuthConfigurationProperties authConfigurationProperties, RestTemplate restTemplate, RestResponseHandler restResponseHandler) {
        this.gatewayClient = gatewayClient;
        this.authConfigurationProperties = authConfigurationProperties;
        this.restTemplate = restTemplate;
        this.responseHandler = restResponseHandler;
    }
}
