package org.eclipsefoundation.efservices.services.impl;

import io.quarkus.arc.Unremovable;
import jakarta.enterprise.context.ApplicationScoped;
import java.util.List;
import org.eclipse.microprofile.rest.client.inject.RestClient;
import org.eclipsefoundation.efservices.api.DrupalOAuthAPI;
import org.eclipsefoundation.efservices.api.models.DrupalOAuthData;
import org.eclipsefoundation.efservices.api.models.DrupalUserInfo;
import org.eclipsefoundation.efservices.helpers.DrupalAuthHelper;
import org.eclipsefoundation.efservices.services.DrupalOAuthService;
import org.eclipsefoundation.utils.exception.FinalForbiddenException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@ApplicationScoped
@Unremovable
/* loaded from: input_file:org/eclipsefoundation/efservices/services/impl/DefaultDrupalOAuthService.class */
public class DefaultDrupalOAuthService implements DrupalOAuthService {
    private static final Logger LOGGER = LoggerFactory.getLogger(DefaultDrupalOAuthService.class);

    @RestClient
    DrupalOAuthAPI oauthAPI;

    @Override // org.eclipsefoundation.efservices.services.DrupalOAuthService
    public DrupalOAuthData validateTokenStatus(String str, List<String> list, List<String> list2) {
        try {
            DrupalOAuthData tokenInfo = this.oauthAPI.getTokenInfo(str);
            if (DrupalAuthHelper.isExpired(tokenInfo.getExpires())) {
                throw new FinalForbiddenException("This token is expired");
            }
            if (!DrupalAuthHelper.hasScopes(tokenInfo.getScope(), list)) {
                throw new FinalForbiddenException("This token has invalid scope(s)");
            }
            if (DrupalAuthHelper.hasValidclientId(tokenInfo.getClientId(), list2)) {
                return tokenInfo;
            }
            throw new FinalForbiddenException("Invalid client_id associated with token");
        } catch (Exception e) {
            LOGGER.error("Error validating token", e);
            throw new FinalForbiddenException("Error validating token");
        }
    }

    @Override // org.eclipsefoundation.efservices.services.DrupalOAuthService
    public DrupalUserInfo getTokenUserInfo(String str) {
        try {
            return this.oauthAPI.getUserInfoFromToken("Bearer " + str);
        } catch (Exception e) {
            LOGGER.error("Error getting user from token", e);
            throw new FinalForbiddenException("Error getting user from token");
        }
    }
}
