package com.parasoft.xtest.common.oidc;

import com.parasoft.xtest.common.SafeRunnable;
import com.parasoft.xtest.common.api.MessageSeverity;
import com.parasoft.xtest.common.api.console.IConsole;
import com.parasoft.xtest.common.nls.NLS;
import com.parasoft.xtest.common.preferences.IOidcPreferences;
import com.parasoft.xtest.common.services.IParasoftServiceWithDispose;
import com.parasoft.xtest.common.text.UString;
import com.parasoft.xtest.services.api.IParasoftServiceContext;
import com.parasoft.xtest.services.api.diagnostics.IDiagnosableService;
import java.io.File;
import java.io.IOException;
import java.net.URI;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.util.Properties;

/* loaded from: input_file:WEB-INF/lib/com.parasoft.xtest.common-10.5.0.20201016.jar:com/parasoft/xtest/common/oidc/OidcService.class */
public class OidcService implements IOidcService, IDiagnosableService, IParasoftServiceWithDispose {
    private final IConsole _console;
    private final AuthorizationData _authData;
    private ParamsValidationResult _paramsValidationResult;
    private boolean _isInitialized;
    private boolean _initializeWithRefreshToken;
    private boolean _removeSession;
    private OidcConfiguration _oidcConfiguration;
    private AccessTokenProducer _tokenProducer;
    private AccessTokenResponse _accessTokenResponse;
    private TokenRefresher _refresher;
    private final Object _MUTEX = new Object();

    /* JADX INFO: Access modifiers changed from: protected */
    /* loaded from: input_file:WEB-INF/lib/com.parasoft.xtest.common-10.5.0.20201016.jar:com/parasoft/xtest/common/oidc/OidcService$AuthorizationData.class */
    public static class AuthorizationData {
        private final String _issuerUri;
        private final String _clientId;
        private final String _clientSecret;
        private final File _keyStoreFile;
        private final String _keyStorePassword;
        private final String _keyStoreAlias;
        private String _refreshToken;
        private KeyStore _loadedKeyStore = null;
        private URI _validIssuerURI = null;
        private static final String _KEY_SEPARATOR = "::";
        protected static final AuthorizationData DISABLED = new AuthorizationData(null, null, null, null, null, null);

        private AuthorizationData(String str, String str2, String str3, String str4, String str5, String str6) {
            this._issuerUri = str;
            this._clientId = str2;
            this._clientSecret = str3;
            this._keyStoreFile = new File(str4 == null ? "" : str4);
            this._keyStorePassword = str5 == null ? "" : str5;
            this._keyStoreAlias = str6;
        }

        public String getUniqueKey() {
            String str = String.valueOf(this._issuerUri) + "::" + this._clientId;
            if (UString.isNonEmptyTrimmed(this._clientSecret)) {
                str = String.valueOf(str) + "::" + this._clientSecret.hashCode();
            }
            return String.valueOf(str) + "::" + this._keyStoreFile.getAbsolutePath() + "::" + this._keyStorePassword.hashCode();
        }

        public void setRefreshToken(String str) {
            this._refreshToken = str;
        }

        /* JADX INFO: Access modifiers changed from: protected */
        public static AuthorizationData create(IOidcPreferences iOidcPreferences) {
            return !iOidcPreferences.isEnabled() ? DISABLED : new AuthorizationData(iOidcPreferences.getIssuerUri(), iOidcPreferences.getClientId(), iOidcPreferences.getClientSecret(), iOidcPreferences.getKeyStorePath(), iOidcPreferences.getKeyStorePassword(), iOidcPreferences.getKeyStoreAlias());
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /* loaded from: input_file:WEB-INF/lib/com.parasoft.xtest.common-10.5.0.20201016.jar:com/parasoft/xtest/common/oidc/OidcService$ParamsValidationResult.class */
    public static class ParamsValidationResult {
        private final String _errorMessage;
        private final Throwable _cause;
        static final ParamsValidationResult VALID = create(null, null);

        private ParamsValidationResult(String str, Throwable th) {
            this._errorMessage = str;
            this._cause = th;
        }

        boolean isValid() {
            return UString.isEmpty(this._errorMessage);
        }

        static ParamsValidationResult create(String str) {
            return new ParamsValidationResult(str, null);
        }

        static ParamsValidationResult create(String str, Throwable th) {
            return new ParamsValidationResult(str, th);
        }
    }

    public OidcService(AuthorizationData authorizationData, IConsole iConsole) {
        this._console = iConsole;
        this._authData = authorizationData;
        if (this._authData == null || this._authData._refreshToken == null) {
            return;
        }
        this._initializeWithRefreshToken = true;
        new SafeRunnable() { // from class: com.parasoft.xtest.common.oidc.OidcService.1
            @Override // com.parasoft.xtest.common.SafeRunnable
            protected void runImpl() throws Throwable {
                OidcService.this.getAccessToken();
            }
        }.run();
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v16, types: [java.lang.String] */
    /* JADX WARN: Type inference failed for: r0v2, types: [java.lang.Object] */
    /* JADX WARN: Type inference failed for: r0v3, types: [java.lang.Throwable] */
    @Override // com.parasoft.xtest.common.oidc.IOidcService
    public String getAccessToken() throws OidcException {
        initialize();
        ?? r0 = this._MUTEX;
        synchronized (r0) {
            if (this._accessTokenResponse == null) {
                if (this._initializeWithRefreshToken) {
                    Logger.getLogger().debug("Using refresh token for initialization");
                    this._accessTokenResponse = createAccessTokenResponseFromRefreshToken();
                    this._initializeWithRefreshToken = false;
                }
                if (this._accessTokenResponse == null) {
                    this._accessTokenResponse = createAccessTokenResponse();
                }
            } else if (!this._accessTokenResponse.isAccessTokenValid()) {
                if (this._accessTokenResponse.isRefreshTokenValid()) {
                    this._tokenProducer.refreshToken(this._accessTokenResponse, this._authData._clientSecret, this._authData._loadedKeyStore, this._authData._keyStorePassword, this._authData._keyStoreAlias);
                } else {
                    this._accessTokenResponse = createAccessTokenResponse();
                }
            }
            r0 = this._accessTokenResponse.getAccessToken();
        }
        return r0;
    }

    private AccessTokenResponse createAccessTokenResponseFromRefreshToken() {
        AccessTokenResponse accessTokenResponse = new AccessTokenResponse(null, this._authData._refreshToken, 0L, 60L);
        try {
            this._tokenProducer.refreshToken(accessTokenResponse, this._authData._clientSecret, this._authData._loadedKeyStore, this._authData._keyStorePassword, this._authData._keyStoreAlias);
            this._refresher = new TokenRefresher(this._tokenProducer, accessTokenResponse);
            this._refresher.start(this._authData._clientSecret, this._authData._loadedKeyStore, this._authData._keyStorePassword, this._authData._keyStoreAlias);
            String tokenEndpoint = this._oidcConfiguration.getTokenEndpoint();
            String decodeUserNameFromAccessToken = OidcUtil.decodeUserNameFromAccessToken(accessTokenResponse.getAccessToken());
            OidcUtil.writeOnConsole(this._console, NLS.getFormatted(Messages.OIDC_TOKEN_OBTAINED, decodeUserNameFromAccessToken, tokenEndpoint));
            Logger.getLogger().info("Initialization using refresh token for user: " + decodeUserNameFromAccessToken + " from: " + tokenEndpoint + " completed");
            return accessTokenResponse;
        } catch (Exception e) {
            Logger.getLogger().debug("Unable to initialize using refresh token: " + e.getMessage());
            return null;
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v11, types: [java.lang.Throwable] */
    /* JADX WARN: Type inference failed for: r0v14 */
    /* JADX WARN: Type inference failed for: r0v15, types: [java.lang.String] */
    /* JADX WARN: Type inference failed for: r0v19 */
    /* JADX WARN: Type inference failed for: r0v3 */
    @Override // com.parasoft.xtest.common.oidc.IOidcService
    public String getRefreshToken(boolean z) throws OidcException {
        ?? r0;
        initialize();
        synchronized (this._MUTEX) {
            r0 = z;
            if (r0 != 0) {
                if (this._accessTokenResponse == null || !this._accessTokenResponse.isRefreshTokenValid()) {
                    this._accessTokenResponse = createAccessTokenResponse();
                } else {
                    refreshToken();
                }
            }
            r0 = this._accessTokenResponse != null ? this._accessTokenResponse.getRefreshToken() : 0;
        }
        return r0;
    }

    protected AccessTokenResponse createAccessTokenResponse() throws OidcException {
        if (this._refresher != null) {
            this._refresher.stop();
        }
        this._removeSession = true;
        AccessTokenResponse createAccessToken = this._tokenProducer.createAccessToken(this._authData._clientSecret, this._authData._loadedKeyStore, this._authData._keyStorePassword, this._authData._keyStoreAlias);
        this._refresher = new TokenRefresher(this._tokenProducer, createAccessToken);
        this._refresher.start(this._authData._clientSecret, this._authData._loadedKeyStore, this._authData._keyStorePassword, this._authData._keyStoreAlias);
        return createAccessToken;
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v2, types: [java.lang.Object] */
    /* JADX WARN: Type inference failed for: r0v3, types: [java.lang.Throwable] */
    /* JADX WARN: Type inference failed for: r0v6 */
    @Override // com.parasoft.xtest.common.oidc.IOidcService
    public void refreshToken() throws OidcException {
        initialize();
        ?? r0 = this._MUTEX;
        synchronized (r0) {
            if (this._accessTokenResponse != null && this._accessTokenResponse.isRefreshTokenValid()) {
                this._tokenProducer.refreshToken(this._accessTokenResponse, this._authData._clientSecret, this._authData._loadedKeyStore, this._authData._keyStorePassword, this._authData._keyStoreAlias);
            }
            r0 = r0;
        }
    }

    @Override // com.parasoft.xtest.common.oidc.IOidcService
    public boolean isEnabled() {
        return this._authData != AuthorizationData.DISABLED;
    }

    /* JADX WARN: Type inference failed for: r0v3, types: [java.lang.Throwable, java.lang.Object] */
    private void initialize() throws OidcException {
        if (!isEnabled()) {
            throw new OidcException("OIDC Service is disabled");
        }
        synchronized (this._MUTEX) {
            if (this._isInitialized) {
                return;
            }
            if (this._paramsValidationResult == null) {
                this._paramsValidationResult = validateParameters();
                if (!this._paramsValidationResult.isValid()) {
                    OidcUtil.writeOnConsole(this._console, this._paramsValidationResult._errorMessage, MessageSeverity.HIGH);
                }
            }
            if (!this._paramsValidationResult.isValid()) {
                throw new OidcInvalidArgumentsException(this._paramsValidationResult._errorMessage, this._paramsValidationResult._cause);
            }
            this._tokenProducer = createTokenProducer();
            this._isInitialized = true;
        }
    }

    protected AccessTokenProducer createTokenProducer() throws OidcException {
        this._oidcConfiguration = createOidcConfiguration();
        return createTokenProducerInstance();
    }

    protected AccessTokenProducer createTokenProducerInstance() {
        return new AccessTokenProducer(this._oidcConfiguration.getTokenEndpoint(), this._authData._clientId, this._console);
    }

    protected ParamsValidationResult validateParameters() {
        boolean z = !this._initializeWithRefreshToken;
        if (UString.isEmptyTrimmed(this._authData._issuerUri)) {
            return ParamsValidationResult.create(NLS.getFormatted(Messages.MISSING_OIDC_ISSUER_URI, new Object[0]));
        }
        if (UString.isEmptyTrimmed(this._authData._clientId)) {
            return ParamsValidationResult.create(NLS.getFormatted(Messages.MISSING_OIDC_CLIENT_ID, new Object[0]));
        }
        if (z && UString.isEmptyTrimmed(this._authData._keyStoreFile.getPath())) {
            return ParamsValidationResult.create(NLS.getFormatted(Messages.MISSING_OIDC_KEY_STORE, new Object[0]));
        }
        if (z && !this._authData._keyStoreFile.exists()) {
            return ParamsValidationResult.create(NLS.getFormatted(Messages.NO_OIDC_KEY_STORE, this._authData._keyStoreFile.getAbsolutePath()));
        }
        try {
            this._authData._validIssuerURI = URI.create(this._authData._issuerUri);
            if (z) {
                try {
                    loadKeystore();
                } catch (Exception e) {
                    return ParamsValidationResult.create(NLS.getFormatted(Messages.UNABLE_LOAD_OIDC_KEY_STORE, this._authData._keyStoreFile.getAbsolutePath()), e);
                }
            }
            return ParamsValidationResult.VALID;
        } catch (Exception e2) {
            return ParamsValidationResult.create(NLS.getFormatted(Messages.INVALID_OIDC_ISSUER_URI, this._authData._issuerUri), e2);
        }
    }

    protected TokenRefresher getRefresher() {
        return this._refresher;
    }

    protected void setRefresher(TokenRefresher tokenRefresher) {
        this._refresher = tokenRefresher;
    }

    protected AccessTokenProducer getTokenProducer() {
        return this._tokenProducer;
    }

    protected void setOidcConfiguration(OidcConfiguration oidcConfiguration) {
        this._oidcConfiguration = oidcConfiguration;
    }

    protected void loadKeystore() throws IOException, GeneralSecurityException {
        this._authData._loadedKeyStore = OidcUtil.loadKeystore(this._authData._keyStoreFile, this._authData._keyStorePassword);
    }

    protected OidcConfiguration createOidcConfiguration() throws OidcException {
        if (this._authData._validIssuerURI == null) {
            throw new OidcException("Internal problem with OIDC configuration.");
        }
        return new OidcConfiguration(this._authData._validIssuerURI, this._console);
    }

    @Override // com.parasoft.xtest.services.api.diagnostics.IDiagnosableService
    public Properties getServiceSettings(IParasoftServiceContext iParasoftServiceContext) {
        return OidcServiceDiagnostics.getServiceSettings(iParasoftServiceContext);
    }

    @Override // com.parasoft.xtest.services.api.diagnostics.IDiagnosableService
    public String getDiagnosticInfo(IParasoftServiceContext iParasoftServiceContext, IDiagnosableService.VerbosityLevel verbosityLevel) {
        return OidcServiceDiagnostics.getDiagnosticInfo(iParasoftServiceContext);
    }

    @Override // com.parasoft.xtest.common.services.IParasoftServiceWithDispose
    public void dispose() {
        if (this._removeSession) {
            String logoutEndpoint = this._oidcConfiguration != null ? this._oidcConfiguration.getLogoutEndpoint() : null;
            if (logoutEndpoint != null) {
                try {
                    this._tokenProducer.logout(logoutEndpoint, this._accessTokenResponse, this._authData._clientSecret);
                } catch (OidcException unused) {
                    Logger.getLogger().warn("Couldn't delete OIDC session from the server");
                }
            }
        }
    }

    protected boolean getRemoveSession() {
        return this._removeSession;
    }
}
