package com.appiancorp.security.auth.piee;

import com.appiancorp.security.auth.phpmyadmin.PhpMyAdminAuthenticatorRequestHandler;
import com.appiancorp.security.auth.piee.PieeHttpRequestExecutor;
import com.appiancorp.security.auth.piee.persistence.PieeSettings;
import com.appiancorp.suite.cfg.PieeConfiguration;
import com.appiancorp.suiteapi.encryption.EncryptionService;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.util.ArrayList;
import java.util.Base64;
import org.apache.http.client.entity.UrlEncodedFormEntity;
import org.apache.http.client.methods.CloseableHttpResponse;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.client.utils.URIBuilder;
import org.apache.http.message.BasicNameValuePair;
import org.apache.http.util.EntityUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/appiancorp/security/auth/piee/PieeOAuthTokenRetrieverImpl.class */
public class PieeOAuthTokenRetrieverImpl implements PieeOAuthTokenRetriever {
    private static final Logger LOG = LoggerFactory.getLogger(PieeOAuthTokenRetrieverImpl.class);
    private static final String CODE_KEY = "code";
    private static final String CLIENT_ID_KEY = "client_id";
    private static final String REDIRECT_URI_KEY = "redirect_uri";
    private static final String AUTHORIZATION_HEADER_KEY = "Authorization";
    private final PieeConfiguration pieeConfiguration;
    private final PieeTokenResponseParser pieeTokenResponseParser;
    private final PieeHttpRequestExecutor pieeHttpRequestExecutor;
    private final EncryptionService encryptionService;

    public PieeOAuthTokenRetrieverImpl(PieeConfiguration pieeConfiguration, PieeTokenResponseParser pieeTokenResponseParser, PieeHttpRequestExecutor pieeHttpRequestExecutor, EncryptionService encryptionService) {
        this.pieeConfiguration = pieeConfiguration;
        this.pieeTokenResponseParser = pieeTokenResponseParser;
        this.pieeHttpRequestExecutor = pieeHttpRequestExecutor;
        this.encryptionService = encryptionService;
    }

    @Override // com.appiancorp.security.auth.piee.PieeOAuthTokenRetriever
    public PieeTokenResponse retrieve(PieeSettings pieeSettings, String str) {
        try {
            HttpPost httpPost = new HttpPost(pieeSettings.getTokenEndpoint());
            httpPost.addHeader(AUTHORIZATION_HEADER_KEY, PhpMyAdminAuthenticatorRequestHandler.BASIC_AUTH_PREFIX + getBasicAuthzHeaderEncodedValue(pieeSettings));
            ArrayList arrayList = new ArrayList();
            arrayList.add(new BasicNameValuePair("grant_type", "authorization_code"));
            arrayList.add(new BasicNameValuePair(CODE_KEY, str));
            arrayList.add(new BasicNameValuePair(REDIRECT_URI_KEY, this.pieeConfiguration.getRedirectUri().toString()));
            httpPost.setEntity(new UrlEncodedFormEntity(arrayList, "UTF-8"));
            PieeHttpRequestExecutor.HttpRequestWatcher httpRequestWatcher = new PieeHttpRequestExecutor.HttpRequestWatcher();
            try {
                return this.pieeTokenResponseParser.parse(this.pieeHttpRequestExecutor.execute(httpPost, httpRequestWatcher, this::processHttpResponse));
            } catch (Exception e) {
                if (!httpRequestWatcher.didTimerRunOut()) {
                    throw new PieeAuthenticationException("Unable to retrieve access token.", e);
                }
                URIBuilder uRIBuilder = new URIBuilder(httpPost.getURI());
                LOG.error(String.format("Timeout on token request execution %s. Error: %s", String.format("%s://%s:%d%s", uRIBuilder.getScheme(), uRIBuilder.getHost(), Integer.valueOf(uRIBuilder.getPort()), uRIBuilder.getPath()), e.getMessage()), e);
                throw new PieeAuthenticationTimeoutException("Timeout on token request.", e);
            }
        } catch (Exception e2) {
            LOG.error("Unable to retrieve access token.", e2);
            throw new PieeAuthenticationException("Exception retrieving access token.", e2);
        }
    }

    private String processHttpResponse(CloseableHttpResponse closeableHttpResponse) {
        int statusCode = closeableHttpResponse.getStatusLine().getStatusCode();
        if (statusCode != 200) {
            LOG.error("Unsuccessful response attempting to retrieve access token. Status Code: {}", Integer.valueOf(statusCode));
            throw new PieeAuthenticationException("Unsuccessful response attempting to retrieve access token.");
        }
        try {
            return EntityUtils.toString(closeableHttpResponse.getEntity(), StandardCharsets.UTF_8);
        } catch (IOException e) {
            throw new PieeAuthenticationException("Error parsing http response body.", e);
        }
    }

    private String getBasicAuthzHeaderEncodedValue(PieeSettings pieeSettings) {
        return Base64.getEncoder().encodeToString((pieeSettings.getClientId() + ":" + this.encryptionService.decryptFromString(pieeSettings.getClientSecret())).getBytes(StandardCharsets.UTF_8));
    }
}
