package com.apifest.oauth20;

import com.alibaba.fastjson.JSON;
import com.apifest.oauth20.bean.ApplicationInfo;
import com.apifest.oauth20.bean.ClientCredentials;
import com.apifest.oauth20.bean.OAuthException;
import com.apifest.oauth20.bean.Scope;
import com.apifest.oauth20.bean.token_request.TokenRequest;
import com.apifest.oauth20.conf.OAuthConfig;
import com.apifest.oauth20.persistence.DBManager;
import com.apifest.oauth20.persistence.DBManagerFactory;
import com.apifest.oauth20.utils.QueryParameter;
import com.apifest.oauth20.utils.ResponseBuilder;
import com.apifest.oauth20.validator.InputValidator;
import info.xiancloud.core.util.LOG;
import io.netty.handler.codec.http.FullHttpRequest;
import io.netty.handler.codec.http.HttpHeaderNames;
import io.netty.handler.codec.http.HttpRequest;
import io.netty.handler.codec.http.HttpResponseStatus;
import io.netty.handler.codec.http.QueryStringDecoder;
import io.netty.util.CharsetUtil;
import java.io.IOException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Iterator;
import java.util.List;
import java.util.Map;

/* loaded from: input_file:com/apifest/oauth20/ScopeService.class */
public class ScopeService {
    protected static final String MANDATORY_FIELDS_ERROR = "{\"error\":\"scope, description, cc_expires_in and pass_expires_in are mandatory\"}";
    protected static final String MANDATORY_SCOPE_ERROR = "{\"error\":\"scope is mandatory\"}";
    protected static final String SCOPE_NAME_INVALID_ERROR = "{\"error\":\"scope name not valid - it may contain aplha-numeric, - and _\"}";
    protected static final String SCOPE_STORED_OK_MESSAGE = "{\"status\":\"scope successfully stored\"}";
    protected static final String SCOPE_STORED_NOK_MESSAGE = "{\"status\":\"scope not stored\"}";
    protected static final String SCOPE_UPDATED_OK_MESSAGE = "{\"status\":\"scope successfully updated\"}";
    protected static final String SCOPE_UPDATED_NOK_MESSAGE = "{\"status\":\"scope not updated\"}";
    protected static final String SCOPE_NOT_EXIST = "{\"status\":\"scope does not exist\"}";
    protected static final String SCOPE_ALREADY_EXISTS = "{\"status\":\"scope already exists\"}";
    protected static final String SCOPE_DELETED_OK_MESSAGE = "{\"status\":\"scope successfully deleted\"}";
    protected static final String SCOPE_DELETED_NOK_MESSAGE = "{\"status\":\"scope not deleted\"}";
    protected static final String SCOPE_USED_BY_APP_MESSAGE = "{\"status\":\"scope cannot be deleted, there are client apps registered with it\"}";
    private static final String SPACE = " ";

    public String registerScope(FullHttpRequest fullHttpRequest) throws OAuthException {
        String str = fullHttpRequest.headers() != null ? fullHttpRequest.headers().get(HttpHeaderNames.CONTENT_TYPE) : null;
        if (str == null || !str.contains(ResponseBuilder.APPLICATION_JSON)) {
            throw new OAuthException(ResponseBuilder.UNSUPPORTED_MEDIA_TYPE, HttpResponseStatus.BAD_REQUEST);
        }
        try {
            Scope scope = (Scope) InputValidator.validate(fullHttpRequest.content().toString(CharsetUtil.UTF_8), Scope.class);
            if (!scope.valid()) {
                LOG.error("scope is not valid");
                throw new OAuthException(MANDATORY_FIELDS_ERROR, HttpResponseStatus.BAD_REQUEST);
            }
            if (!Scope.validScopeName(scope.getScope())) {
                LOG.error("scope name is not valid");
                throw new OAuthException(SCOPE_NAME_INVALID_ERROR, HttpResponseStatus.BAD_REQUEST);
            }
            LOG.info(">>>>>>>>>>>>>>> scope = " + scope);
            if (DBManagerFactory.getInstance().findScope(scope.getScope()) != null) {
                LOG.error("scope already exists");
                throw new OAuthException(SCOPE_ALREADY_EXISTS, HttpResponseStatus.BAD_REQUEST);
            }
            DBManagerFactory.getInstance().storeScope(scope);
            return SCOPE_STORED_OK_MESSAGE;
        } catch (IOException e) {
            LOG.error("cannot handle scope request", e);
            throw new OAuthException(e, null, HttpResponseStatus.BAD_REQUEST);
        }
    }

    public String getScopes(HttpRequest httpRequest) throws OAuthException {
        Map parameters = new QueryStringDecoder(httpRequest.uri()).parameters();
        if (parameters.containsKey(QueryParameter.CLIENT_ID)) {
            return getScopes((String) ((List) parameters.get(QueryParameter.CLIENT_ID)).get(0));
        }
        try {
            return JSON.toJSONString(DBManagerFactory.getInstance().getAllScopes());
        } catch (Exception e) {
            LOG.error("cannot load scopes", e);
            throw new OAuthException(e, null, HttpResponseStatus.BAD_REQUEST);
        }
    }

    public String getValidScope(String str, String str2) {
        ClientCredentials findClientCredentials = DBManagerFactory.getInstance().findClientCredentials(str2);
        if (findClientCredentials == null) {
            return null;
        }
        return getValidScopeByScope(str, findClientCredentials.getScope());
    }

    public String getValidScopeByScope(String str, String str2) {
        String str3 = null;
        if (str == null || str.length() == 0) {
            str3 = str2;
        } else if (scopeAllowed(str, str2)) {
            str3 = str;
        }
        return str3;
    }

    public boolean scopeAllowed(String str, String str2) {
        List asList = Arrays.asList(str2.split(" "));
        String[] split = str.split(" ");
        int i = 0;
        for (String str3 : split) {
            if (asList.contains(str3)) {
                i++;
            }
        }
        return i == split.length;
    }

    public int getExpiresIn(String str, String str2) {
        int i = Integer.MAX_VALUE;
        List<Scope> loadScopes = loadScopes(str2);
        boolean equals = TokenRequest.CLIENT_CREDENTIALS.equals(str);
        if (TokenRequest.CLIENT_CREDENTIALS.equals(str)) {
            for (Scope scope : loadScopes) {
                if (scope.getCcExpiresIn().intValue() < i) {
                    i = scope.getCcExpiresIn().intValue();
                }
            }
        } else if (TokenRequest.PASSWORD.equals(str)) {
            for (Scope scope2 : loadScopes) {
                if (scope2.getPassExpiresIn().intValue() < i) {
                    i = scope2.getPassExpiresIn().intValue();
                }
            }
        } else {
            for (Scope scope3 : loadScopes) {
                if (scope3.getRefreshExpiresIn().intValue() < i) {
                    i = scope3.getRefreshExpiresIn().intValue();
                }
            }
        }
        if (loadScopes.size() == 0 || i == Integer.MAX_VALUE) {
            i = equals ? OAuthConfig.DEFAULT_CC_EXPIRES_IN : OAuthConfig.DEFAULT_PASSWORD_EXPIRES_IN;
        }
        return i;
    }

    public String updateScope(FullHttpRequest fullHttpRequest, String str) throws OAuthException {
        String str2 = fullHttpRequest.headers() != null ? fullHttpRequest.headers().get(HttpHeaderNames.CONTENT_TYPE) : null;
        if (str2 == null || !str2.contains(ResponseBuilder.APPLICATION_JSON)) {
            throw new OAuthException(ResponseBuilder.UNSUPPORTED_MEDIA_TYPE, HttpResponseStatus.BAD_REQUEST);
        }
        try {
            Scope scope = (Scope) InputValidator.validate(fullHttpRequest.content().toString(CharsetUtil.UTF_8), Scope.class);
            if (!scope.validForUpdate()) {
                LOG.error("scope is not valid");
                throw new OAuthException(MANDATORY_SCOPE_ERROR, HttpResponseStatus.BAD_REQUEST);
            }
            Scope findScope = DBManagerFactory.getInstance().findScope(str);
            if (findScope == null) {
                LOG.error("scope does not exist");
                throw new OAuthException(SCOPE_NOT_EXIST, HttpResponseStatus.BAD_REQUEST);
            }
            setScopeEmptyValues(scope, findScope);
            DBManagerFactory.getInstance().storeScope(scope);
            return SCOPE_UPDATED_OK_MESSAGE;
        } catch (Exception e) {
            LOG.error("cannot handle scope request", e);
            throw new OAuthException(e, null, HttpResponseStatus.BAD_REQUEST);
        }
    }

    public String deleteScope(String str) throws OAuthException {
        if (DBManagerFactory.getInstance().findScope(str) != null) {
            return getClientAppsByScope(str).size() > 0 ? SCOPE_USED_BY_APP_MESSAGE : DBManagerFactory.getInstance().deleteScope(str) ? SCOPE_DELETED_OK_MESSAGE : SCOPE_DELETED_NOK_MESSAGE;
        }
        LOG.error("scope does not exist");
        throw new OAuthException(SCOPE_NOT_EXIST, HttpResponseStatus.BAD_REQUEST);
    }

    public String getScopeByName(String str) throws OAuthException {
        Scope findScope = DBManagerFactory.getInstance().findScope(str);
        if (findScope == null) {
            throw new OAuthException(SCOPE_NOT_EXIST, HttpResponseStatus.NOT_FOUND);
        }
        try {
            return JSON.toJSONString(findScope);
        } catch (Exception e) {
            LOG.error("cannot load scopes", e);
            throw new OAuthException(e, null, HttpResponseStatus.BAD_REQUEST);
        }
    }

    protected List<ApplicationInfo> getClientAppsByScope(String str) {
        ArrayList arrayList = new ArrayList();
        Iterator<ApplicationInfo> it = DBManagerFactory.getInstance().getAllApplications().iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            ApplicationInfo next = it.next();
            if (next.getScope() != null && next.getScope().contains(str)) {
                arrayList.add(next);
                break;
            }
        }
        return arrayList;
    }

    protected void setScopeEmptyValues(Scope scope, Scope scope2) {
        scope.setScope(scope2.getScope());
        if (scope.getDescription() == null || scope.getDescription().length() == 0) {
            scope.setDescription(scope2.getDescription());
        }
        if (scope.getCcExpiresIn() == null) {
            scope.setCcExpiresIn(scope2.getCcExpiresIn());
        }
        if (scope.getPassExpiresIn() == null) {
            scope.setPassExpiresIn(scope2.getPassExpiresIn().intValue());
        }
        if (scope.getRefreshExpiresIn() == null) {
            scope.setRefreshExpiresIn(scope2.getRefreshExpiresIn());
        }
    }

    protected List<Scope> loadScopes(String str) {
        String[] split = str.split(" ");
        ArrayList arrayList = new ArrayList();
        DBManager dBManagerFactory = DBManagerFactory.getInstance();
        for (String str2 : split) {
            arrayList.add(dBManagerFactory.findScope(str2));
        }
        return arrayList;
    }

    protected String getScopes(String str) throws OAuthException {
        ClientCredentials findClientCredentials = DBManagerFactory.getInstance().findClientCredentials(str);
        if (findClientCredentials == null) {
            throw new OAuthException(null, HttpResponseStatus.NOT_FOUND);
        }
        String[] split = findClientCredentials.getScope().split(" ");
        ArrayList arrayList = new ArrayList();
        for (String str2 : split) {
            arrayList.add(DBManagerFactory.getInstance().findScope(str2));
        }
        try {
            return JSON.toJSONString(arrayList);
        } catch (Exception e) {
            LOG.error("cannot load scopes per LOCAL_NODE_ID", e);
            throw new OAuthException(e, null, HttpResponseStatus.BAD_REQUEST);
        }
    }
}
