package edu.uiuc.ncsa.myproxy.oauth2.tools;

import edu.uiuc.ncsa.myproxy.oa4mp.oauth2.storage.clients.OA2Client;
import edu.uiuc.ncsa.myproxy.oa4mp.server.ClientStoreCommands;
import edu.uiuc.ncsa.security.core.Identifiable;
import edu.uiuc.ncsa.security.core.Store;
import edu.uiuc.ncsa.security.core.util.MyLoggingFacade;
import edu.uiuc.ncsa.security.delegation.server.storage.ClientApproval;
import edu.uiuc.ncsa.security.delegation.server.storage.ClientApprovalStore;
import edu.uiuc.ncsa.security.delegation.storage.BaseClient;
import edu.uiuc.ncsa.security.oauth_2_0.server.config.LDAPConfigurationUtil;
import edu.uiuc.ncsa.security.util.cli.ExitException;
import java.net.URI;
import java.util.Collection;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.StringTokenizer;
import net.sf.json.JSON;
import net.sf.json.JSONArray;
import net.sf.json.JSONObject;
import org.apache.commons.codec.digest.DigestUtils;

/* loaded from: input_file:edu/uiuc/ncsa/myproxy/oauth2/tools/OA2ClientCommands.class */
public class OA2ClientCommands extends ClientStoreCommands {
    boolean refreshTokensEnabled;
    Collection<String> supportedScopes;

    /* renamed from: edu.uiuc.ncsa.myproxy.oauth2.tools.OA2ClientCommands$1, reason: invalid class name */
    /* loaded from: input_file:edu/uiuc/ncsa/myproxy/oauth2/tools/OA2ClientCommands$1.class */
    static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$edu$uiuc$ncsa$security$delegation$server$storage$ClientApproval$Status = new int[ClientApproval.Status.values().length];

        static {
            try {
                $SwitchMap$edu$uiuc$ncsa$security$delegation$server$storage$ClientApproval$Status[ClientApproval.Status.APPROVED.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$edu$uiuc$ncsa$security$delegation$server$storage$ClientApproval$Status[ClientApproval.Status.NONE.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
            try {
                $SwitchMap$edu$uiuc$ncsa$security$delegation$server$storage$ClientApproval$Status[ClientApproval.Status.PENDING.ordinal()] = 3;
            } catch (NoSuchFieldError e3) {
            }
            try {
                $SwitchMap$edu$uiuc$ncsa$security$delegation$server$storage$ClientApproval$Status[ClientApproval.Status.DENIED.ordinal()] = 4;
            } catch (NoSuchFieldError e4) {
            }
            try {
                $SwitchMap$edu$uiuc$ncsa$security$delegation$server$storage$ClientApproval$Status[ClientApproval.Status.REVOKED.ordinal()] = 5;
            } catch (NoSuchFieldError e5) {
            }
        }
    }

    public OA2ClientCommands(MyLoggingFacade myLoggingFacade, String str, Store store, ClientApprovalStore clientApprovalStore) {
        super(myLoggingFacade, str, store, clientApprovalStore);
        this.supportedScopes = null;
    }

    public boolean isRefreshTokensEnabled() {
        return this.refreshTokensEnabled;
    }

    public void setRefreshTokensEnabled(boolean z) {
        this.refreshTokensEnabled = z;
    }

    public Collection<String> getSupportedScopes() {
        return this.supportedScopes;
    }

    public void setSupportedScopes(Collection<String> collection) {
        this.supportedScopes = collection;
    }

    protected void longFormat(BaseClient baseClient, ClientApproval clientApproval) {
        OA2Client oA2Client = (OA2Client) baseClient;
        say("Client name=" + (oA2Client.getName() == null ? "(no name)" : oA2Client.getName()));
        sayi("identifier=" + oA2Client.getIdentifier());
        sayi("email=" + oA2Client.getEmail());
        sayi("home uri=" + oA2Client.getHomeUri());
        sayi("error uri=" + oA2Client.getErrorUri());
        sayi("limited proxies? " + oA2Client.isProxyLimited());
        sayi("creation timestamp=" + oA2Client.getCreationTS());
        sayi("sign ID tokens?=" + oA2Client.isSignTokens());
        sayi("issuer=" + oA2Client.getIssuer());
        sayi("is public?=" + oA2Client.isPublicClient());
        if (clientApproval == null) {
            clientApproval = (ClientApproval) getClientApprovalStore().create();
            clientApproval.setIdentifier(oA2Client.getIdentifier());
            clientApproval.setStatus(ClientApproval.Status.PENDING);
            clientApproval.setApproved(false);
            getClientApprovalStore().save(clientApproval);
        }
        if (clientApproval.isApproved() && clientApproval.getStatus() != ClientApproval.Status.APPROVED) {
            clientApproval.setStatus(ClientApproval.Status.APPROVED);
        }
        switch (AnonymousClass1.$SwitchMap$edu$uiuc$ncsa$security$delegation$server$storage$ClientApproval$Status[clientApproval.getStatus().ordinal()]) {
            case 1:
                sayi("status=approved by " + (clientApproval.getApprover() != null ? clientApproval.getApprover() : "(unknown)"));
                break;
            case 2:
                sayi("status=none");
                break;
            case 3:
                sayi("status=pending");
                break;
            case 4:
                sayi("status=approval denied");
                break;
            case 5:
                sayi("status=revoked");
                break;
        }
        if (oA2Client.getSecret() == null) {
            sayi("client secret: (none)");
        } else {
            sayi("client secret (hash):" + oA2Client.getSecret());
        }
        Collection callbackURIs = oA2Client.getCallbackURIs();
        if (callbackURIs == null) {
            sayi("callback uris: (none)");
        } else {
            sayi("callback uris" + (callbackURIs.isEmpty() ? ":(none)" : ":"));
            Iterator it = callbackURIs.iterator();
            while (it.hasNext()) {
                sayi("      " + ((String) it.next()));
            }
        }
        Collection scopes = oA2Client.getScopes();
        if (scopes == null) {
            sayi("scopes: (none)");
        } else {
            sayi("scopes" + (scopes.isEmpty() ? ":(none)" : ":"));
            Iterator it2 = scopes.iterator();
            while (it2.hasNext()) {
                sayi("      " + ((String) it2.next()));
            }
        }
        if (isRefreshTokensEnabled()) {
            sayi("refresh lifetime (sec): " + (oA2Client.isRTLifetimeEnabled() ? Long.valueOf(oA2Client.getRtLifetime() / 1000) : "none"));
        }
        if (oA2Client.getLdaps() == null || oA2Client.getLdaps().isEmpty()) {
            sayi("ldap:(none configured.)");
        } else {
            sayi("LDAPS (warning-deprecated, use the config instead):");
            say(new LDAPConfigurationUtil().toJSON(oA2Client.getLdaps()).toString(2));
        }
        if (oA2Client.getConfig() == null || oA2Client.getConfig().isEmpty()) {
            sayi("config:(none)");
        } else {
            sayi("config:");
            sayi(oA2Client.getConfig().toString(2));
        }
    }

    public void extraUpdates(Identifiable identifiable) {
        OA2Client oA2Client = (OA2Client) identifiable;
        String secret = oA2Client.getSecret();
        boolean z = true;
        while (true) {
            if (!z) {
                break;
            }
            String input = getInput("enter a new secret or return to skip.", secret);
            if (isEmpty(input)) {
                sayi("Nothing entered. Client secret entry skipped.");
                break;
            } else if (input.equals(secret)) {
                sayi(" Client secret entry skipped.");
                break;
            } else {
                secret = DigestUtils.sha1Hex(input);
                oA2Client.setSecret(secret);
                z = false;
            }
        }
        OA2Client oA2Client2 = (OA2Client) identifiable;
        if (isRefreshTokensEnabled()) {
            String input2 = getInput("enter the refresh lifetime in ms.", oA2Client2.isRTLifetimeEnabled() ? Long.toString(oA2Client2.getRtLifetime() / 1000) : "none");
            if (input2 == null || input2.length() == 0 || input2.toLowerCase().equals("none")) {
                oA2Client2.setRtLifetime(0L);
            } else {
                try {
                    oA2Client2.setRtLifetime(Long.parseLong(input2));
                } catch (Throwable th) {
                    sayi("Sorry but \"" + input2 + "\" is not a valid number. No change.");
                }
            }
        }
        String input3 = getInput("is this client public?", Boolean.toString(oA2Client2.isPublicClient()));
        if ((input3 != null && input3.toLowerCase().equalsIgnoreCase("y")) || input3.toLowerCase().equalsIgnoreCase("yes")) {
            input3 = "true";
        }
        try {
            oA2Client2.setPublicClient(Boolean.parseBoolean(input3));
        } catch (Throwable th2) {
            sayi("Sorry, but unable to parse the response of \"" + input3 + "\". No change.");
        }
        String input4 = getInput("enter the issuer (optional)", oA2Client2.getIssuer());
        if (!isEmpty(input4)) {
            oA2Client2.setIssuer(input4);
        }
        String input5 = getInput("Enable ID token signing (true/false)?", Boolean.toString(oA2Client2.isSignTokens()));
        if (!isEmpty(input5)) {
            try {
                oA2Client2.setSignTokens(Boolean.parseBoolean(input5));
            } catch (Throwable th3) {
                sayi("Unknown response of \"" + input5 + "\". Must be \"true\" or \"false\", ignoring.");
            }
        }
        String str = null;
        if (oA2Client2.getScopes() != null) {
            boolean z2 = true;
            for (String str2 : oA2Client2.getScopes()) {
                if (z2) {
                    z2 = false;
                    str = str2;
                } else {
                    str = str + "," + str2;
                }
            }
        }
        String input6 = getInput("enter a comma separated list of scopes. Scopes to this server will be rejected.", str);
        if (input6 != null && !input6.isEmpty()) {
            LinkedList linkedList = new LinkedList();
            StringTokenizer stringTokenizer = new StringTokenizer(input6, ",");
            while (stringTokenizer.hasMoreTokens()) {
                String trim = stringTokenizer.nextToken().trim();
                if (getSupportedScopes().contains(trim)) {
                    linkedList.add(trim);
                } else {
                    say("Unknown scope \"" + trim + "\" rejected.");
                }
            }
            oA2Client2.setScopes(linkedList);
        }
        String str3 = null;
        if (oA2Client2.getCallbackURIs() != null) {
            boolean z3 = true;
            for (String str4 : oA2Client2.getCallbackURIs()) {
                if (z3) {
                    z3 = false;
                    str3 = str4;
                } else {
                    str3 = str3 + "," + str4;
                }
            }
        }
        String input7 = getInput("enter a comma separated list of callback uris. These must start with https or they will be ignored.", str3);
        if (!input7.isEmpty()) {
            LinkedList linkedList2 = new LinkedList();
            StringTokenizer stringTokenizer2 = new StringTokenizer(input7, ",");
            while (stringTokenizer2.hasMoreTokens()) {
                String trim2 = stringTokenizer2.nextToken().trim();
                try {
                    if (URI.create(trim2).getScheme().toLowerCase().equals("https")) {
                        linkedList2.add(trim2);
                    } else {
                        sayi("\"" + trim2 + "\" rejected -- illegal protocol");
                    }
                } catch (Throwable th4) {
                    sayi("\"" + trim2 + "\" rejected -- illegal uri");
                }
            }
            oA2Client2.setCallbackURIs(linkedList2);
        }
        LDAPConfigurationUtil lDAPConfigurationUtil = new LDAPConfigurationUtil();
        JSONArray inputJSON = inputJSON((oA2Client.getLdaps() == null || oA2Client.getLdaps().isEmpty()) ? null : lDAPConfigurationUtil.toJSON(oA2Client.getLdaps()), "ldap configuration", true);
        if (inputJSON != null) {
            oA2Client.setLdaps(lDAPConfigurationUtil.fromJSON(inputJSON));
        }
        JSONObject inputJSON2 = inputJSON(oA2Client.getConfig(), "client configuration");
        if (inputJSON2 != null) {
            oA2Client.setConfig(inputJSON2);
        }
    }

    protected JSON inputJSON(JSON json, String str) {
        return inputJSON(json, str, false);
    }

    protected JSON inputJSON(JSON json, String str, boolean z) {
        if (json == null) {
            sayi("no current value for " + str);
        } else {
            sayi("current value for " + str + ":");
            say(json.toString(2));
        }
        sayi("Enter new JSON value. An empty line terminates input. Entering a line with /exit will terminate input too.\n Hitting /clear will clear the contents of this.");
        String str2 = "";
        boolean z2 = true;
        while (z2) {
            try {
                String readline = readline();
                while (!isEmpty(readline)) {
                    if (readline.equals("/clear")) {
                        return z ? new JSONArray() : new JSONObject();
                    }
                    str2 = str2 + readline;
                    readline = readline();
                }
                if (str2.isEmpty()) {
                    return null;
                }
                try {
                    JSONArray fromObject = z ? JSONArray.fromObject(str2) : JSONObject.fromObject(str2);
                    sayi("Success! JSON is valid.");
                    return fromObject;
                } catch (Throwable th) {
                    sayi("uh-oh... It seems this was not a valid JSON object. The parser message reads:\"" + th.getMessage() + "\"");
                    z2 = isOk(getInput("Try to re-enter this?", "true"));
                }
            } catch (ExitException e) {
                return null;
            }
        }
        return null;
    }

    protected void showDeserializeHelp() {
        super.showDeserializeHelp();
        say("NOTE that for clients, the assumption is that you are supplying the hashed secret, not the actual secret.");
        say("If you need to create a hash of a secret, invoke the create_hash method on the secret");
    }

    public OA2ClientCommands(MyLoggingFacade myLoggingFacade, Store store) {
        super(myLoggingFacade, store);
        this.supportedScopes = null;
    }
}
