package com.networknt.oauth.client.handler;

import com.hazelcast.map.IMap;
import com.networknt.config.Config;
import com.networknt.config.JsonMapper;
import com.networknt.handler.LightHttpHandler;
import com.networknt.httpstring.AttachmentConstants;
import com.networknt.oauth.cache.CacheStartupHookProvider;
import com.networknt.oauth.cache.model.Client;
import com.networknt.security.JwtVerifier;
import com.networknt.utility.Constants;
import io.undertow.server.HttpServerExchange;
import java.util.Map;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/networknt/oauth/client/handler/Oauth2ClientClientIdDeleteHandler.class */
public class Oauth2ClientClientIdDeleteHandler extends ClientAuditHandler implements LightHttpHandler {
    private static Logger logger = LoggerFactory.getLogger((Class<?>) Oauth2ClientClientIdDeleteHandler.class);
    private static final String CLIENT_NOT_FOUND = "ERR12014";
    private static final String OPENAPI_SECURITY_CONFIG = "openapi-security";
    private static final String ENABLE_VERIFY_JWT = "enableVerifyJwt";
    private static final String INCORRECT_TOKEN_TYPE = "ERR11601";
    private static final String PERMISSION_DENIED = "ERR11620";
    private static boolean enableSecurity;

    @Override // io.undertow.server.HttpHandler
    public void handleRequest(HttpServerExchange httpServerExchange) throws Exception {
        Object obj = (String) httpServerExchange.getQueryParameters().get("clientId").getFirst();
        IMap map = CacheStartupHookProvider.hz.getMap("clients");
        Client client = (Client) map.get(obj);
        if (client == null) {
            setExchangeStatus(httpServerExchange, CLIENT_NOT_FOUND, obj);
        } else {
            if (enableSecurity) {
                String ownerId = client.getOwnerId();
                Map map2 = (Map) httpServerExchange.getAttachment(AttachmentConstants.AUDIT_INFO);
                String str = (String) map2.get(Constants.USER_ID_STRING);
                String str2 = (String) map2.get(Constants.ROLES_STRING);
                if (str == null) {
                    setExchangeStatus(httpServerExchange, INCORRECT_TOKEN_TYPE, "Authorization Code Token");
                    return;
                } else if (!str.equals(ownerId) && (str2 == null || !str2.contains("admin"))) {
                    setExchangeStatus(httpServerExchange, PERMISSION_DENIED, str2);
                    return;
                }
            }
            Client copyClient = Client.copyClient(client);
            copyClient.setClientSecret(null);
            map.delete(obj);
            httpServerExchange.getResponseSender().send(JsonMapper.toJson(copyClient));
        }
        processAudit(httpServerExchange);
    }

    static {
        enableSecurity = false;
        Map<String, Object> jsonMapConfig = Config.getInstance().getJsonMapConfig(OPENAPI_SECURITY_CONFIG);
        if (jsonMapConfig == null) {
            jsonMapConfig = Config.getInstance().getJsonMapConfig(JwtVerifier.SECURITY_CONFIG);
        }
        Object obj = jsonMapConfig.get(ENABLE_VERIFY_JWT);
        enableSecurity = obj != null && Boolean.valueOf(obj.toString()).booleanValue();
    }
}
