package eu.dnetlib.openaire.usermanagement.api;

import com.fasterxml.jackson.core.JsonProcessingException;
import com.google.gson.Gson;
import com.google.gson.JsonArray;
import com.google.gson.JsonObject;
import com.google.gson.JsonParser;
import eu.dnetlib.openaire.user.dao.SQLMigrationUserDAO;
import eu.dnetlib.openaire.user.ldap.MUserActionsLDAP;
import eu.dnetlib.openaire.user.login.utils.AuthoritiesMapper;
import eu.dnetlib.openaire.user.pojos.migration.LDAPUser;
import eu.dnetlib.openaire.user.store.DataSourceConnector;
import java.io.IOException;
import java.io.InputStream;
import java.io.UnsupportedEncodingException;
import java.nio.charset.StandardCharsets;
import java.util.ArrayList;
import javax.servlet.http.HttpServletRequest;
import javax.ws.rs.GET;
import javax.ws.rs.Path;
import javax.ws.rs.Produces;
import javax.ws.rs.QueryParam;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.Response;
import org.apache.commons.io.IOUtils;
import org.apache.http.HttpEntity;
import org.apache.http.client.entity.UrlEncodedFormEntity;
import org.apache.http.client.methods.CloseableHttpResponse;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.client.methods.HttpUriRequest;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.message.BasicNameValuePair;
import org.apache.log4j.Logger;
import org.mitre.oauth2.model.RegisteredClientFields;
import org.mitre.oauth2.service.SystemScopeService;
import org.mitre.openid.connect.model.DefaultUserInfo;
import org.mitre.openid.connect.model.OIDCAuthenticationToken;
import org.mitre.openid.connect.model.UserInfo;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpMethod;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.oauth2.common.OAuth2AccessToken;
import org.springframework.stereotype.Component;
import org.springframework.util.MultiValueMap;
import org.springframework.web.client.DefaultResponseErrorHandler;
import org.springframework.web.client.RestTemplate;

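/**
 * JAX-RS resource under {@code /users} that hands out OIDC tokens and user information.
 *
 * <p>It reads the tokens held in the current Spring Security context, or exchanges a
 * caller-supplied token with the configured OIDC issuer using this service's own client id and
 * client secret.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>Tokens are credentials. They must never be written to logs or echoed back in error
 *       bodies.</li>
 *   <li>Several endpoints receive tokens as GET query parameters. Query strings are commonly
 *       recorded by proxies and access logs, so sending them in a header or POST body would be
 *       safer. The parameter names are kept here because callers depend on them.</li>
 *   <li>Every value interpolated into a hand-built JSON template goes through
 *       {@link #jsonEscape(String)}.</li>
 * </ul>
 */
@Path("/users")
@Component("test3service")
/* loaded from: input_file:WEB-INF/classes/eu/dnetlib/openaire/usermanagement/api/Test3Service.class */
public class Test3Service {
    private static final Logger logger = Logger.getLogger(Test3Service.class);
    public static final String errorMessage = "{ \"status\" : \"error\", \"code\" : \"%s\", \"message\" : \"%s\", \"description\" : \"%s\" }";

    @Autowired
    private SQLMigrationUserDAO sqlMigrationUserDAO;

    @Autowired
    private MUserActionsLDAP mUserActionsLDAP;

    @Autowired
    private DataSourceConnector dataSourceConnector;

    @Value("${oidc.issuer}")
    private String issuer;

    // Confidential client credential; it is only ever sent to the issuer's token endpoint.
    @Value("${oidc.secret}")
    private String secret;

    @Value("${oidc.id}")
    private String id;

    /**
     * Returns the refresh token stored in the caller's OIDC authentication.
     *
     * @return 200 with the refresh token value as the entity
     */
    @GET
    @Path("/getRefreshToken")
    @PreAuthorize("hasAuthority('ROLE_USER')")
    public Response getRefreshToken() {
        OIDCAuthenticationToken authentication =
                (OIDCAuthenticationToken) SecurityContextHolder.getContext().getAuthentication();
        return Response.status(200).entity(authentication.getRefreshTokenValue()).build();
    }

    /**
     * Returns the access token stored in the caller's OIDC authentication.
     *
     * @return 200 with the access token value as the entity
     */
    @GET
    @Path("/getJWTToken")
    @PreAuthorize("hasAuthority('ROLE_USER')")
    public Response getAccessToken() {
        OIDCAuthenticationToken authentication =
                (OIDCAuthenticationToken) SecurityContextHolder.getContext().getAuthentication();
        return Response.status(200).entity(authentication.getAccessTokenValue()).build();
    }

    /**
     * Exchanges a refresh token for a new access token at the issuer's token endpoint.
     *
     * <p>The issuer's status code and body are passed through, except for 401, which is replaced
     * by this service's own error document.
     *
     * @param httpServletRequest the current request (not used by this method)
     * @param str the refresh token, taken from the {@code refreshToken} query parameter
     * @return 400 when the parameter is missing, 401 when the issuer rejects the token, 500 on
     *     I/O failure, otherwise the issuer's status and body
     */
    @GET
    @Produces({"application/json"})
    @Path("/getAccessToken")
    public Response getAccessTokenFromRefreshToken(@Context HttpServletRequest httpServletRequest, @QueryParam("refreshToken") String str) {
        if (str == null || str.isEmpty()) {
            return errorResponse(Response.Status.BAD_REQUEST, "Bad Request", "Missing refreshToken parameter");
        }
        // try-with-resources: the client and the response each hold a connection that the
        // original code never released.
        try (CloseableHttpClient client = HttpClients.createDefault();
                CloseableHttpResponse upstream = client.execute(buildRefreshRequest(str))) {
            int upstreamStatus = upstream.getStatusLine().getStatusCode();
            if (upstreamStatus == 401) {
                // The rejected token is deliberately not echoed back: it is caller-controlled
                // text and a credential, and the body is a hand-built JSON string.
                return errorResponse(Response.Status.UNAUTHORIZED, "Unauthorised", "Invalid refreshToken token");
            }
            HttpEntity upstreamEntity = upstream.getEntity();
            String body = upstreamEntity == null
                    ? ""
                    : IOUtils.toString(upstreamEntity.getContent(), StandardCharsets.UTF_8.name());
            return Response.status(upstreamStatus).entity(body).type("application/json").build();
        } catch (IOException e) {
            // UnsupportedEncodingException is an IOException, so one handler covers both.
            logger.error("Fail to get access token.", e);
            // NOTE(review): the exception text may name the issuer host; consider a generic description.
            return errorResponse(Response.Status.INTERNAL_SERVER_ERROR, "Fail to get access token.", e.getMessage());
        }
    }

    /**
     * Sends a refresh-token grant to the issuer and reports only whether the call could be made.
     *
     * <p>Despite its name, the {@code accessToken} query parameter is sent as the
     * {@code refresh_token} of the grant. The issuer's answer is not returned to the caller.
     *
     * @param str the token, taken from the {@code accessToken} query parameter
     * @return 200 with no entity once the issuer has answered (whatever its status), 500 on I/O
     *     failure
     */
    @GET
    @Produces({"application/json"})
    @Path("/getToken")
    public Response getToken(@QueryParam("accessToken") String str) {
        // Neither the supplied token nor the issuer's reply (which carries fresh tokens) is
        // logged; only the outcome is.
        logger.debug("Token refresh requested");
        try (CloseableHttpClient client = HttpClients.createDefault();
                CloseableHttpResponse upstream = client.execute(buildRefreshRequest(str))) {
            logger.debug("Token endpoint answered with status " + upstream.getStatusLine().getStatusCode());
            return Response.status(200).type("application/json").build();
        } catch (IOException e) {
            logger.error("Fail to get access token.", e);
            return errorResponse(Response.Status.INTERNAL_SERVER_ERROR, "Fail to get access token.", e.getMessage());
        }
    }

    /**
     * Fetches the issuer's userinfo document for a bearer token and adds a {@code roles} array.
     *
     * <p>The roles are produced by {@link AuthoritiesMapper#map} from the
     * {@code edu_person_entitlements} claim. A non-200 answer from the issuer is passed through
     * unchanged.
     *
     * @param str the access token, taken from the {@code accessToken} query parameter
     * @return the issuer's status with either its body or the userinfo JSON extended with roles
     * @throws JsonProcessingException declared by the original signature
     */
    @GET
    @Produces({"application/json"})
    @Path("/getUserInfo")
    public Response getUserInfo(@QueryParam("accessToken") String str) throws JsonProcessingException {
        // The bearer token itself must not reach the log.
        logger.info("User info requested");
        RestTemplate restTemplate = new RestTemplate();
        // Treat no status as an error, so that issuer failures can be relayed to the caller
        // instead of surfacing as exceptions.
        restTemplate.setErrorHandler(new DefaultResponseErrorHandler() {
            @Override
            protected boolean hasError(HttpStatus httpStatus) {
                return false;
            }
        });
        HttpHeaders httpHeaders = new HttpHeaders();
        httpHeaders.add("Authorization", "Bearer " + str);
        // NOTE(review): "userinfo" is appended without a slash while the token endpoint uses
        // "/token"; confirm which form matches the configured oidc.issuer value.
        ResponseEntity<String> exchange = restTemplate.exchange(
                this.issuer + "userinfo",
                HttpMethod.GET,
                new org.springframework.http.HttpEntity<>((MultiValueMap<String, String>) httpHeaders),
                String.class);
        if (exchange.getStatusCode() != HttpStatus.OK) {
            return Response.status(exchange.getStatusCode().value()).entity(exchange.getBody()).type("application/json").build();
        }
        JsonObject userInfoJson = new JsonParser().parse(exchange.getBody()).getAsJsonObject();
        // A userinfo reply without the claim used to end in a NullPointerException; hand the
        // mapper an empty array instead.
        // NOTE(review): assumes AuthoritiesMapper.map accepts an empty array; confirm.
        JsonArray entitlements = userInfoJson.has("edu_person_entitlements")
                        && userInfoJson.get("edu_person_entitlements").isJsonArray()
                ? userInfoJson.getAsJsonArray("edu_person_entitlements")
                : new JsonArray();
        JsonArray roles = new JsonArray();
        AuthoritiesMapper.map(entitlements).forEach(authority -> roles.add(authority.getAuthority()));
        userInfoJson.add("roles", roles);
        return Response.status(exchange.getStatusCode().value()).entity(userInfoJson.toString()).type("application/json").build();
    }

    /**
     * Describes the currently authenticated user from the security context.
     *
     * @return 200 with sub, name, given_name, family_name, email and roles; 404 when there is no
     *     OIDC authentication or it carries no user info; 500 on an unexpected failure
     */
    @GET
    @Produces({"application/json"})
    @Path("/getUser")
    public Response getUser() {
        try {
            // Checked with instanceof instead of a cast inside a catch-all: the original inner
            // catch (Exception) made the 500 handler below unreachable.
            Object authentication = SecurityContextHolder.getContext().getAuthentication();
            if (!(authentication instanceof OIDCAuthenticationToken)) {
                logger.info("Try to get User info - no context found ");
                return Response.status(404).entity(compose404Message("Get User info: no context found ")).type("application/json").build();
            }
            OIDCAuthenticationToken oidcAuthentication = (OIDCAuthenticationToken) authentication;
            UserInfo userInfo = oidcAuthentication.getUserInfo();
            if (userInfo == null) {
                return Response.status(404).entity(compose404Message("Get User info: user info is null ")).type("application/json").build();
            }
            // NOTE(review): this writes the user's name, as received in the claims, to the log.
            logger.info("Get User:\n name: " + userInfo.getGivenName() + " " + userInfo.getFamilyName());
            JsonObject userJson = new JsonObject();
            userJson.addProperty("sub", userInfo.getSub());
            userJson.addProperty("name", userInfo.getName());
            userJson.addProperty("given_name", userInfo.getGivenName());
            userJson.addProperty("family_name", userInfo.getFamilyName());
            userJson.addProperty(DefaultUserInfo.PARAM_EMAIL, userInfo.getEmail());
            JsonArray roles = new JsonArray();
            oidcAuthentication.getAuthorities().forEach(authority -> roles.add(authority.getAuthority()));
            userJson.add("roles", roles);
            return Response.status(200).entity(userJson.toString()).type("application/json").build();
        } catch (Exception e) {
            logger.error("Get User info: An error occurred ", e);
            return Response.status(500).entity(compose500Message("Get User info: An error occurred ", e)).type("application/json").build();
        }
    }

    /**
     * Builds the refresh-token grant request for the issuer's token endpoint.
     *
     * @param refreshToken the value sent as the grant's refresh token
     * @return a POST to {@code issuer + "/token"} carrying the form-encoded grant
     * @throws UnsupportedEncodingException if the form cannot be encoded as UTF-8
     */
    private HttpPost buildRefreshRequest(String refreshToken) throws UnsupportedEncodingException {
        ArrayList<BasicNameValuePair> form = new ArrayList<>();
        form.add(new BasicNameValuePair("client_id", this.id));
        form.add(new BasicNameValuePair(RegisteredClientFields.CLIENT_SECRET, this.secret));
        form.add(new BasicNameValuePair("grant_type", OAuth2AccessToken.REFRESH_TOKEN));
        form.add(new BasicNameValuePair(OAuth2AccessToken.REFRESH_TOKEN, refreshToken));
        form.add(new BasicNameValuePair("scope", SystemScopeService.OPENID_SCOPE));
        HttpPost request = new HttpPost(this.issuer + "/token");
        request.setEntity(new UrlEncodedFormEntity(form, "UTF-8"));
        return request;
    }

    /**
     * Builds an error response from the {@link #errorMessage} template.
     *
     * @param status the HTTP status, also written into the document's code field
     * @param message short error title
     * @param description detail text; escaped before it is placed in the template
     * @return the JSON error response
     */
    private static Response errorResponse(Response.Status status, String message, String description) {
        String body = String.format(errorMessage, status.getStatusCode(), jsonEscape(message), jsonEscape(description));
        return Response.status(status).entity(body).type("application/json").build();
    }

    /**
     * Escapes text for use inside a JSON string literal.
     *
     * @param value the raw text; {@code null} yields the text {@code null}, matching what plain
     *     string concatenation produced before
     * @return the escaped text, without surrounding quotes
     */
    private static String jsonEscape(String value) {
        if (value == null) {
            return "null";
        }
        // Gson serializes a String as a quoted JSON literal; drop the quotes it adds.
        String quoted = new Gson().toJson(value);
        return quoted.substring(1, quoted.length() - 1);
    }

    /** Builds the 401 error document for the given message. */
    private String compose401Message(String str) {
        return "{ \"status\" : \"error\", \"code\" : \"401\", \"message\" : \"  " + jsonEscape(str) + " \" }";
    }

    /** Builds the 404 error document for the given message. */
    private String compose404Message(String str) {
        return "{ \"status\" : \"error\", \"code\" : \"404\", \"message\" : \"  " + jsonEscape(str) + " \" }";
    }

    /** Builds the 500 error document for the given message and exception. */
    private String compose500Message(String str, Exception exc) {
        return "{ \"status\" : \"fail\", \"code\" : \"500\", \"message\" : \"  " + jsonEscape(str) + "\", \"description\" : \"" + jsonEscape(exc.getMessage()) + "\" }";
    }

    /** Wraps an LDAP user, serialized by Gson, in the success document. */
    private String composeDataResponse(LDAPUser lDAPUser) {
        return " { \"status\" : \"success\", \"code\": \"200\", \"data\" : " + new Gson().toJson(lDAPUser) + " }";
    }

    /** Wraps a string, serialized by Gson, in the success document. */
    private String composeDataResponse(String str) {
        return " { \"status\" : \"success\", \"code\": \"200\", \"data\" : " + new Gson().toJson(str) + " }";
    }
}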
