package com.mulesoft.tools.migration.library.mule.steps.security.oauth2;

import com.mulesoft.tools.migration.library.mule.steps.core.SetSecureProperties;
import com.mulesoft.tools.migration.library.mule.steps.http.AbstractHttpConnectorMigrationStep;
import com.mulesoft.tools.migration.library.mule.steps.http.HttpInboundEndpoint;
import com.mulesoft.tools.migration.library.mule.steps.http.HttpsInboundEndpoint;
import com.mulesoft.tools.migration.project.model.ApplicationModel;
import com.mulesoft.tools.migration.step.AbstractApplicationModelMigrationStep;
import com.mulesoft.tools.migration.step.category.MigrationReport;
import com.mulesoft.tools.migration.step.util.XmlDslUtils;
import java.util.Arrays;
import java.util.Collections;
import java.util.concurrent.atomic.AtomicReference;
import java.util.stream.Collectors;
import org.apache.http.HttpHost;
import org.apache.http.cookie.ClientCookie;
import org.jdom2.Content;
import org.jdom2.Element;
import org.jdom2.Namespace;
import org.mule.runtime.internal.dsl.DslConstants;

/* loaded from: input_file:com/mulesoft/tools/migration/library/mule/steps/security/oauth2/OAuth2ProviderConfig.class */
public class OAuth2ProviderConfig extends AbstractApplicationModelMigrationStep {
    public static final String OAUTH2_PROVIDER_NAMESPACE_URI = "http://www.mulesoft.org/schema/mule/oauth2-provider";
    public static final Namespace OAUTH2_PROVIDER_NAMESPACE = Namespace.getNamespace("oauth2-provider", OAUTH2_PROVIDER_NAMESPACE_URI);
    public static final String XPATH_SELECTOR = "/*/*[namespace-uri() = 'http://www.mulesoft.org/schema/mule/oauth2-provider' and local-name() = 'config']";

    @Override // com.mulesoft.tools.migration.step.AbstractApplicationModelMigrationStep, com.mulesoft.tools.migration.step.MigrationStep
    public String getDescription() {
        return "Update oauth2 provider configuration.";
    }

    public OAuth2ProviderConfig() {
        setAppliedTo(XPATH_SELECTOR);
        setNamespacesContributions(Collections.singletonList(OAUTH2_PROVIDER_NAMESPACE));
    }

    @Override // com.mulesoft.tools.migration.step.StepExecutable
    public void execute(Element element, MigrationReport migrationReport) throws RuntimeException {
        getApplicationModel();
        ApplicationModel.addNameSpace(OAUTH2_PROVIDER_NAMESPACE, "http://www.mulesoft.org/schema/mule/oauth2-provider/current/mule-oauth2-provider.xsd", element.getDocument());
        if (element.getAttribute("preFlow-ref") != null) {
            migrationReport.report("oauth2Provider.preFlow", element, element, new String[0]);
            element.removeAttribute("preFlow-ref");
        }
        if (element.getAttribute("name") == null) {
            if (element.getAttribute("providerName") != null) {
                element.setAttribute("name", element.getAttributeValue("providerName").replaceAll(" ", "_"));
            } else {
                element.setAttribute("name", "oauth2ProviderConfig");
            }
        }
        if (element.getAttribute("clientStore-ref") != null) {
            getApplicationModel().getNodeOptional("//*[namespace-uri() = 'http://www.springframework.org/schema/beans' and local-name() = 'bean' and @name='" + element.getAttributeValue("clientStore-ref") + "']").ifPresent(element2 -> {
                element.getAttribute("clientStore-ref").setValue((String) element2.getAttributes().stream().filter(attribute -> {
                    return "objectStore-ref".equals(attribute.getName());
                }).map(attribute2 -> {
                    return attribute2.getValue();
                }).findFirst().get());
            });
            element.getAttribute("clientStore-ref").setName("clientStore");
        }
        handleHttpListener(element, migrationReport);
        if (element.getAttribute("resourceOwnerSecurityProvider-ref") != null) {
            element.getAttribute("resourceOwnerSecurityProvider-ref").setName("resourceOwnerSecurityProvider");
        }
        if (element.getAttribute("clientSecurityProvider-ref") != null) {
            element.getAttribute("clientSecurityProvider-ref").setName("clientSecurityProvider");
        }
        if (element.getAttribute("tokenGeneratorStrategy-ref") != null) {
            element.getAttribute("tokenGeneratorStrategy-ref").setName("tokenGeneratorStrategy");
        }
        String attributeValue = element.getAttributeValue("scopes");
        if (attributeValue != null) {
            element.setAttribute("scopes", (String) Arrays.stream(attributeValue.split(" ")).collect(Collectors.joining(SetSecureProperties.SECURE_PROPERTIES_SEPARATOR)));
        }
        String attributeValue2 = element.getAttributeValue("defaultScopes");
        if (attributeValue2 != null) {
            element.setAttribute("defaultScopes", (String) Arrays.stream(attributeValue2.split(" ")).collect(Collectors.joining(SetSecureProperties.SECURE_PROPERTIES_SEPARATOR)));
        }
        String attributeValue3 = element.getAttributeValue("supportedGrantTypes");
        if (attributeValue3 != null) {
            element.setAttribute("supportedGrantTypes", (String) Arrays.stream(attributeValue3.split(" ")).collect(Collectors.joining(SetSecureProperties.SECURE_PROPERTIES_SEPARATOR)));
        }
        if (element.getAttribute("rateLimiter-ref") != null) {
            migrateRateLimiter(element, migrationReport);
        }
        migrateTokenConfig(element, migrationReport);
        migrateAuthorizationConfig(element, migrationReport);
        migrateClients(element);
    }

    private void handleHttpListener(Element element, MigrationReport migrationReport) {
        if (element.getAttribute("listenerConfig-ref") != null) {
            element.getAttribute("listenerConfig-ref").setName("listenerConfig");
        } else if (element.getAttribute("connector-ref") != null) {
            String attributeValue = element.getAttributeValue("connector-ref");
            String attributeValue2 = element.getAttributeValue("host");
            String attributeValue3 = element.getAttributeValue(ClientCookie.PORT_ATTR);
            Element httpConnector = getHttpConnector(element.getAttributeValue("connector-ref"));
            HttpInboundEndpoint.extractListenerConfig(getApplicationModel(), element, () -> {
                return httpConnector;
            }, AbstractHttpConnectorMigrationStep.HTTP_NAMESPACE, attributeValue, attributeValue2 != null ? attributeValue2 : "localhost", attributeValue3 != null ? attributeValue3 : "9999");
            getApplicationModel().addNameSpace(HttpHost.DEFAULT_SCHEME_NAME, AbstractHttpConnectorMigrationStep.HTTP_NAMESPACE_URI, "http://www.mulesoft.org/schema/mule/http/current/mule-http.xsd");
            if (AbstractHttpConnectorMigrationStep.HTTPS_NAMESPACE.equals(httpConnector.getNamespace())) {
                HttpsInboundEndpoint.handleHttpsListenerConfig(getApplicationModel(), element, migrationReport, httpConnector);
            }
            element.removeAttribute(DslConstants.CONFIG_ATTRIBUTE_NAME);
            element.getAttribute("connector-ref").setName("listenerConfig");
        } else {
            String str = element.getAttributeValue("name") + "_httpListenerConfig";
            element.setAttribute("listenerConfig", str);
            String attributeValue4 = element.getAttributeValue("host");
            String attributeValue5 = element.getAttributeValue(ClientCookie.PORT_ATTR);
            XmlDslUtils.addElementAfter(new Element("listener-config", AbstractHttpConnectorMigrationStep.HTTP_NAMESPACE).setAttribute("name", str).addContent((Content) new Element("listener-connection", AbstractHttpConnectorMigrationStep.HTTP_NAMESPACE).setAttribute("host", attributeValue4 != null ? attributeValue4 : "localhost").setAttribute(ClientCookie.PORT_ATTR, attributeValue5 != null ? attributeValue5 : "9999")), element);
        }
        element.removeAttribute("host");
        element.removeAttribute(ClientCookie.PORT_ATTR);
    }

    private void migrateRateLimiter(Element element, MigrationReport migrationReport) {
        Element element2 = new Element("client-validation-rate-limiter", OAUTH2_PROVIDER_NAMESPACE);
        element2.addContent((Content) new Element("period-rate-limiter", OAUTH2_PROVIDER_NAMESPACE));
        element.addContent((Content) element2);
        getApplicationModel().getNodeOptional("//*[namespace-uri() = 'http://www.springframework.org/schema/beans' and local-name() = 'bean' and @name='" + element.getAttributeValue("rateLimiter-ref") + "']").ifPresent(element3 -> {
            migrationReport.report("oauth2Provider.clientValidationRateLimiter", element3, element2, new String[0]);
        });
        element.removeAttribute("rateLimiter-ref");
    }

    private void migrateTokenConfig(Element element, MigrationReport migrationReport) {
        Element element2 = new Element("token-config", OAUTH2_PROVIDER_NAMESPACE);
        String attributeValue = element.getAttributeValue("accessTokenEndpointPath");
        if (attributeValue != null) {
            element2.setAttribute(ClientCookie.PATH_ATTR, attributeValue.startsWith("/") ? attributeValue : "/" + attributeValue);
            element.removeAttribute("accessTokenEndpointPath");
        }
        AtomicReference atomicReference = new AtomicReference();
        if ("true".equals(element.getAttributeValue("enableRefreshToken"))) {
            if ("true".equals(element.getAttributeValue("issueNewRefreshToken"))) {
                atomicReference.set(new Element("multiple-refresh-tokens", OAUTH2_PROVIDER_NAMESPACE));
            } else {
                atomicReference.set(new Element("single-refresh-tokens", OAUTH2_PROVIDER_NAMESPACE));
            }
            element.removeAttribute("issueNewRefreshToken");
            element2.addContent((Content) new Element("refresh-token-strategy", OAUTH2_PROVIDER_NAMESPACE).addContent((Content) atomicReference.get()));
            if (element.getAttributeValue("refreshTokenTtlSeconds") != null) {
                migrationReport.report("oauth2Provider.refreshTokenTtl", element, element2, new String[0]);
                element.removeAttribute("refreshTokenTtlSeconds");
            }
        }
        element.removeAttribute("enableRefreshToken");
        getApplicationModel().getNodeOptional("//*[namespace-uri() = 'http://www.springframework.org/schema/beans' and local-name() = 'bean' and @name='" + element.getAttributeValue("tokenStore-ref") + "']").ifPresent(element3 -> {
            element2.setAttribute("tokenStore", (String) element3.getAttributes().stream().filter(attribute -> {
                return "accessTokenObjectStore-ref".equals(attribute.getName());
            }).map(attribute2 -> {
                return attribute2.getValue();
            }).findFirst().get());
            if (atomicReference.get() != null) {
                ((Element) atomicReference.get()).setAttribute("objectStore", (String) element3.getAttributes().stream().filter(attribute3 -> {
                    return "refreshTokenObjectStore-ref".equals(attribute3.getName());
                }).map(attribute4 -> {
                    return attribute4.getValue();
                }).findFirst().get());
            }
        });
        if (element.getAttributeValue("tokenStore-ref") != null) {
            element.removeAttribute("tokenStore-ref");
            if (element.getAttributeValue("tokenTtlSeconds") != null) {
                migrationReport.report("oauth2Provider.tokenTtl", element, element2, new String[0]);
                element.removeAttribute("tokenTtlSeconds");
            }
        }
        element.addContent((Content) element2);
    }

    private void migrateAuthorizationConfig(Element element, MigrationReport migrationReport) {
        Element element2 = new Element("authorization-config", OAUTH2_PROVIDER_NAMESPACE);
        if (element.getAttributeValue("loginPage") != null) {
            element2.setAttribute("loginPage", element.getAttributeValue("loginPage"));
            element.removeAttribute("loginPage");
        }
        String attributeValue = element.getAttributeValue("authorizationEndpointPath");
        if (attributeValue != null) {
            element2.setAttribute(ClientCookie.PATH_ATTR, attributeValue.startsWith("/") ? attributeValue : "/" + attributeValue);
            element.removeAttribute("authorizationEndpointPath");
        }
        if (element.getAttributeValue("authorizationCodeStore-ref") != null) {
            getApplicationModel().getNodeOptional("//*[namespace-uri() = 'http://www.springframework.org/schema/beans' and local-name() = 'bean' and @name='" + element.getAttributeValue("authorizationCodeStore-ref") + "']").ifPresent(element3 -> {
                element2.setAttribute("authorizationCodeStore", (String) element3.getAttributes().stream().filter(attribute -> {
                    return "objectStore-ref".equals(attribute.getName());
                }).map(attribute2 -> {
                    return attribute2.getValue();
                }).findFirst().get());
            });
            element.removeAttribute("authorizationCodeStore-ref");
            if (element.getAttributeValue("authorizationTtlSeconds") != null) {
                migrationReport.report("oauth2Provider.authorizationTtl", element, element2, new String[0]);
                element.removeAttribute("authorizationTtlSeconds");
            }
        }
        element.addContent((Content) element2);
    }

    private void migrateClients(Element element) {
        Element child = element.getChild("clients", OAUTH2_PROVIDER_NAMESPACE);
        if (child != null) {
            child.detach();
            element.addContent((Content) child);
            child.getChildren("client", OAUTH2_PROVIDER_NAMESPACE).forEach(element2 -> {
                if (element2.getChild("redirect-uris", OAUTH2_PROVIDER_NAMESPACE) != null) {
                    element2.getChild("redirect-uris", OAUTH2_PROVIDER_NAMESPACE).setName("client-redirect-uris").getChildren("redirect-uri", OAUTH2_PROVIDER_NAMESPACE).forEach(element2 -> {
                        element2.setAttribute("value", element2.getTextTrim());
                        element2.setName("client-redirect-uri");
                        element2.removeContent();
                    });
                }
                if (element2.getChild("authorized-grant-types", OAUTH2_PROVIDER_NAMESPACE) != null) {
                    element2.getChild("authorized-grant-types", OAUTH2_PROVIDER_NAMESPACE).setName("client-authorized-grant-types").getChildren("authorized-grant-type", OAUTH2_PROVIDER_NAMESPACE).forEach(element3 -> {
                        element3.setAttribute("value", element3.getTextTrim());
                        element3.setName("client-authorized-grant-type");
                        element3.removeContent();
                    });
                }
                if (element2.getChild("scopes", OAUTH2_PROVIDER_NAMESPACE) != null) {
                    element2.getChild("scopes", OAUTH2_PROVIDER_NAMESPACE).setName("client-scopes").getChildren("scope", OAUTH2_PROVIDER_NAMESPACE).forEach(element4 -> {
                        element4.setAttribute("value", element4.getTextTrim());
                        element4.setName("client-scope");
                        element4.removeContent();
                    });
                }
            });
        }
    }

    protected Element getHttpConnector(String str) {
        return getApplicationModel().getNodeOptional("/*/*[namespace-uri()='http://www.mulesoft.org/schema/mule/http' and local-name()='connector' and @name = '" + str + "']").orElse(getApplicationModel().getNode("/*/*[namespace-uri()='http://www.mulesoft.org/schema/mule/https' and local-name()='connector' and @name = '" + str + "']"));
    }
}
