package org.talend.esb.security.oidc;

import java.io.IOException;
import java.io.InputStream;
import java.util.Collections;
import java.util.LinkedHashMap;
import java.util.Map;
import javax.ws.rs.core.Response;
import org.apache.cxf.helpers.IOUtils;
import org.apache.cxf.jaxrs.AbstractJAXRSFactoryBean;
import org.apache.cxf.jaxrs.client.WebClient;
import org.apache.cxf.jaxrs.provider.json.JSONProvider;

/* loaded from: input_file:org/talend/esb/security/oidc/OidcClientUtils.class */
public class OidcClientUtils {
    private static OidcConfiguration oidcConfiguration = new OidcConfiguration();

    public OidcClientUtils(Map<String, String> map) {
        oidcConfiguration = new OidcConfiguration(map);
    }

    public OidcClientUtils(OidcConfiguration oidcConfiguration2) {
        oidcConfiguration = oidcConfiguration2;
    }

    public static String getValidationEndpoint() {
        return oidcConfiguration.getValidationEndpoint();
    }

    public static String getTokenEndpoint() {
        return oidcConfiguration.getTokenEndpoint();
    }

    public static String getScope() {
        return oidcConfiguration.getScope();
    }

    public static String getPublicClientID() {
        return oidcConfiguration.getPublicClientId();
    }

    public static OidcConfiguration getOidcConfiguration() {
        return oidcConfiguration;
    }

    public static Map<String, String> parseJson(InputStream inputStream) throws IOException {
        String trim = IOUtils.readStringFromStream(inputStream).trim();
        if (trim.length() == 0) {
            return Collections.emptyMap();
        }
        if (!trim.startsWith("{") || !trim.endsWith("}")) {
            throw new IOException("JSON Sequence is broken: " + trim);
        }
        LinkedHashMap linkedHashMap = new LinkedHashMap();
        for (String str : trim.substring(1, trim.length() - 1).trim().split(",")) {
            String trim2 = str.trim();
            if (trim2.length() != 0) {
                int indexOf = trim2.indexOf(":");
                String trim3 = trim2.substring(0, indexOf).trim();
                if (trim3.startsWith("\"") && trim3.endsWith("\"")) {
                    trim3 = trim3.substring(1, trim3.length() - 1);
                }
                String trim4 = trim2.substring(indexOf + 1).trim();
                if (trim4.startsWith("\"") && trim4.endsWith("\"")) {
                    trim4 = trim4.substring(1, trim4.length() - 1);
                }
                linkedHashMap.put(trim3, trim4);
            }
        }
        return linkedHashMap;
    }

    public static String oidcClientBearer(String str, String str2) throws Exception {
        return oidcClientBearer(str, str2, oidcConfiguration);
    }

    public static String oidcClientBearer(String str, String str2, Map<String, String> map) throws Exception {
        return oidcClientBearer(str, str2, new OidcConfiguration(map));
    }

    public static String oidcClientBearer(String str, String str2, OidcConfiguration oidcConfiguration2) throws Exception {
        if (oidcConfiguration2 == null) {
            throw new IllegalArgumentException("OIDC configuration is not set");
        }
        if (str == null || str.isEmpty()) {
            throw new IllegalArgumentException("OIDC username is a required parameter");
        }
        if (str2 == null) {
            throw new IllegalArgumentException("OIDC password is a required parameter");
        }
        String tokenEndpoint = oidcConfiguration2.getTokenEndpoint();
        if (tokenEndpoint == null || tokenEndpoint.isEmpty()) {
            throw new Exception("Token endpoint setting is null or empty");
        }
        String publicClientId = oidcConfiguration2.getPublicClientId();
        if (publicClientId == null || publicClientId.isEmpty()) {
            throw new Exception("OIDC client ID setting is null or empty");
        }
        Response post = WebClient.create(tokenEndpoint, Collections.singletonList(new JSONProvider())).type("application/x-www-form-urlencoded").post("grant_type=password&scope=" + oidcConfiguration2.getScope() + "&username=" + str + "&password=" + str2 + "&client_id=" + publicClientId);
        try {
            Map<String, String> parseJson = parseJson((InputStream) post.getEntity());
            if (post.getStatus() != 200) {
                if (parseJson.get("error") != null) {
                    throw new Exception("OIDC Access Token request failed: " + parseJson.get("error"));
                }
                throw new Exception("OIDC token endpoint replied with HTTTP " + post.getStatus() + " on token request");
            }
            if ("Bearer".equals(parseJson.get("token_type"))) {
                return "Bearer " + parseJson.get("access_token");
            }
            throw new Exception("Token returned from OIDC Access Token service is not of Bearer type");
        } catch (Exception e) {
            throw new Exception("Can not parse response from  OIDC Access Token service: ", e);
        }
    }

    public static void configureClient(AbstractJAXRSFactoryBean abstractJAXRSFactoryBean, String str, String str2, Map<String, String> map) {
        abstractJAXRSFactoryBean.getOutInterceptors().add(new OIDCRESTOutInterceptor(str, str2, map));
    }
}
