package org.mule.extension.oauth2.internal.authorizationcode;

import java.util.Collections;
import java.util.HashMap;
import java.util.Map;
import java.util.function.Function;
import org.mule.extension.http.api.HttpRequestAttributes;
import org.mule.extension.http.api.HttpResponseAttributes;
import org.mule.extension.oauth2.api.exception.TokenNotFoundException;
import org.mule.extension.oauth2.internal.AbstractTokenRequestHandler;
import org.mule.extension.oauth2.internal.MuleEventLogger;
import org.mule.extension.oauth2.internal.OAuthConstants;
import org.mule.extension.oauth2.internal.StateDecoder;
import org.mule.extension.oauth2.internal.authorizationcode.state.ResourceOwnerOAuthContext;
import org.mule.runtime.api.exception.MuleException;
import org.mule.runtime.api.exception.MuleRuntimeException;
import org.mule.runtime.api.metadata.MediaType;
import org.mule.runtime.core.api.DefaultMuleException;
import org.mule.runtime.core.api.transformer.TransformerException;
import org.mule.runtime.core.config.i18n.CoreMessages;
import org.mule.runtime.core.util.StringUtils;
import org.mule.runtime.extension.api.runtime.operation.Result;
import org.mule.service.http.api.HttpConstants;
import org.mule.service.http.api.domain.ParameterMap;
import org.mule.service.http.api.utils.HttpEncoderDecoderUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/mule/extension/oauth2/internal/authorizationcode/AutoAuthorizationCodeTokenRequestHandler.class */
public class AutoAuthorizationCodeTokenRequestHandler extends AbstractAuthorizationCodeTokenRequestHandler {
    private static final Logger LOGGER = LoggerFactory.getLogger(AutoAuthorizationCodeTokenRequestHandler.class);
    public static final String AUTHORIZATION_STATUS_QUERY_PARAM_KEY = "authorizationStatus";
    public static final int NO_AUTHORIZATION_CODE_STATUS = 100;
    public static final int TOKEN_URL_CALL_FAILED_STATUS = 200;
    public static final int TOKEN_NOT_FOUND_STATUS = 201;
    public static final int FAILURE_PROCESSING_REDIRECT_URL_REQUEST_STATUS = 300;
    private MuleEventLogger muleEventLogger;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/mule/extension/oauth2/internal/authorizationcode/AutoAuthorizationCodeTokenRequestHandler$NoAuthorizationCodeException.class */
    public class NoAuthorizationCodeException extends Exception {
        private NoAuthorizationCodeException() {
        }
    }

    @Override // org.mule.extension.oauth2.internal.authorizationcode.AbstractAuthorizationCodeTokenRequestHandler
    public void init() throws MuleException {
        createListenerForCallbackUrl();
        this.muleEventLogger = new MuleEventLogger(LOGGER);
    }

    @Override // org.mule.extension.oauth2.internal.authorizationcode.AbstractAuthorizationCodeTokenRequestHandler
    protected Function<Result<Object, HttpRequestAttributes>, Result<String, HttpResponseAttributes>> createRedirectUrlProcessor() {
        return result -> {
            int i = 0;
            HttpConstants.HttpStatus httpStatus = HttpConstants.HttpStatus.OK;
            String str = "Successfully retrieved access token";
            HttpRequestAttributes httpRequestAttributes = (HttpRequestAttributes) result.getAttributes().get();
            String str2 = httpRequestAttributes.getQueryParams().get(OAuthConstants.STATE_PARAMETER);
            StateDecoder stateDecoder = new StateDecoder(str2);
            try {
                String processAuthorizationCode = processAuthorizationCode(httpRequestAttributes);
                if (LOGGER.isDebugEnabled()) {
                    LOGGER.debug("Redirect url request state: " + str2);
                    LOGGER.debug("Redirect url request code: " + processAuthorizationCode);
                }
                Result<Object, HttpResponseAttributes> invokeTokenUrl = invokeTokenUrl(setMapPayloadWithTokenRequestParameters(processAuthorizationCode), null);
                String decodeOriginalState = stateDecoder.decodeOriginalState();
                String decodeResourceOwnerId = stateDecoder.decodeResourceOwnerId();
                ResourceOwnerOAuthContext contextForResourceOwner = getOauthConfig().getUserOAuthContext().getContextForResourceOwner(decodeResourceOwnerId == null ? ResourceOwnerOAuthContext.DEFAULT_RESOURCE_OWNER_ID : decodeResourceOwnerId);
                logResourceOwnerOAuthContextBeforeUpdate(contextForResourceOwner);
                updateResourceOwnerState(contextForResourceOwner, decodeOriginalState, processTokenUrlResponse(invokeTokenUrl));
                getOauthConfig().getUserOAuthContext().updateResourceOwnerOAuthContext(contextForResourceOwner);
            } catch (TokenNotFoundException e) {
                LOGGER.error(e.getMessage());
                i = 201;
                httpStatus = HttpConstants.HttpStatus.INTERNAL_SERVER_ERROR;
                str = "Failed getting access token or refresh token from token URL response. See logs for details.";
            } catch (AbstractTokenRequestHandler.TokenUrlResponseException e2) {
                LOGGER.error(e2.getMessage());
                LOGGER.error("Token URL response body was: " + e2.getTokenUrlResponse());
                i = 200;
                httpStatus = HttpConstants.HttpStatus.INTERNAL_SERVER_ERROR;
                str = String.format("Failure calling token url %s. Exception message is %s", getTokenUrl(), e2.getMessage());
            } catch (MuleException e3) {
                LOGGER.error("Fail processing redirect URL request", e3);
                i = 300;
                httpStatus = HttpConstants.HttpStatus.INTERNAL_SERVER_ERROR;
                str = "Failed processing redirect URL request done from OAuth provider. See logs for details.";
            } catch (NoAuthorizationCodeException e4) {
                LOGGER.error("Could not extract authorization code from OAuth provider HTTP request done to the redirect URL");
                this.muleEventLogger.logContent(result);
                i = 100;
                httpStatus = HttpConstants.HttpStatus.BAD_REQUEST;
                str = "Failure retrieving access token.\n OAuth Server uri from callback: " + httpRequestAttributes.getRequestUri();
            }
            String decodeOnCompleteRedirectTo = stateDecoder.decodeOnCompleteRedirectTo();
            return Result.builder().output(str).attributes(!isEmpty(decodeOnCompleteRedirectTo) ? new HttpResponseAttributes(HttpConstants.HttpStatus.MOVED_TEMPORARILY.getStatusCode(), HttpConstants.HttpStatus.MOVED_TEMPORARILY.getReasonPhrase(), new ParameterMap(Collections.singletonMap("Location", HttpEncoderDecoderUtils.appendQueryParam(decodeOnCompleteRedirectTo, AUTHORIZATION_STATUS_QUERY_PARAM_KEY, String.valueOf(i))))) : new HttpResponseAttributes(httpStatus.getStatusCode(), httpStatus.getReasonPhrase(), new ParameterMap())).mediaType(MediaType.TEXT).build();
        };
    }

    private String processAuthorizationCode(HttpRequestAttributes httpRequestAttributes) throws NoAuthorizationCodeException {
        String str = httpRequestAttributes.getQueryParams().get(OAuthConstants.CODE_PARAMETER);
        if (str != null) {
            return str;
        }
        LOGGER.info("HTTP Request to redirect URL done by the OAuth provider does not contains a code query parameter. Code query parameter is required to get the access token.");
        throw new NoAuthorizationCodeException();
    }

    private Map<String, String> setMapPayloadWithTokenRequestParameters(String str) {
        HashMap hashMap = new HashMap();
        hashMap.put(OAuthConstants.CODE_PARAMETER, str);
        hashMap.put(OAuthConstants.CLIENT_ID_PARAMETER, getOauthConfig().getClientId());
        hashMap.put(OAuthConstants.CLIENT_SECRET_PARAMETER, getOauthConfig().getClientSecret());
        hashMap.put(OAuthConstants.GRANT_TYPE_PARAMETER, OAuthConstants.GRANT_TYPE_AUTHENTICATION_CODE);
        hashMap.put(OAuthConstants.REDIRECT_URI_PARAMETER, getOauthConfig().getExternalCallbackUrl());
        return Collections.unmodifiableMap(hashMap);
    }

    private Map<String, String> setMapPayloadWithRefreshTokenRequestParameters(String str) {
        HashMap hashMap = new HashMap();
        hashMap.put("refresh_token", str);
        hashMap.put(OAuthConstants.CLIENT_ID_PARAMETER, getOauthConfig().getClientId());
        hashMap.put(OAuthConstants.CLIENT_SECRET_PARAMETER, getOauthConfig().getClientSecret());
        hashMap.put(OAuthConstants.GRANT_TYPE_PARAMETER, "refresh_token");
        hashMap.put(OAuthConstants.REDIRECT_URI_PARAMETER, getOauthConfig().getExternalCallbackUrl());
        return Collections.unmodifiableMap(hashMap);
    }

    private void logResourceOwnerOAuthContextBeforeUpdate(ResourceOwnerOAuthContext resourceOwnerOAuthContext) {
        if (LOGGER.isDebugEnabled()) {
            LOGGER.debug("Update OAuth Context for resourceOwnerId %s", resourceOwnerOAuthContext.getResourceOwnerId());
        }
    }

    private AbstractTokenRequestHandler.TokenResponse processTokenUrlResponse(Result<Object, HttpResponseAttributes> result) throws TokenNotFoundException, TransformerException {
        AbstractTokenRequestHandler.TokenResponse processTokenResponse = processTokenResponse(result, true);
        if (LOGGER.isDebugEnabled()) {
            LOGGER.debug("Retrieved access token, refresh token and expires from token url are: %s, %s, %s", new Object[]{processTokenResponse.getAccessToken(), processTokenResponse.getRefreshToken(), processTokenResponse.getExpiresIn()});
        }
        if (tokenResponseContentIsValid(processTokenResponse)) {
            return processTokenResponse;
        }
        throw new TokenNotFoundException(result);
    }

    private void updateResourceOwnerState(ResourceOwnerOAuthContext resourceOwnerOAuthContext, String str, AbstractTokenRequestHandler.TokenResponse tokenResponse) {
        resourceOwnerOAuthContext.setAccessToken(tokenResponse.getAccessToken());
        if (tokenResponse.getRefreshToken() != null) {
            resourceOwnerOAuthContext.setRefreshToken(tokenResponse.getRefreshToken());
        }
        resourceOwnerOAuthContext.setExpiresIn(tokenResponse.getExpiresIn());
        if (str != null) {
            resourceOwnerOAuthContext.setState(str);
        }
        Map<String, Object> customResponseParameters = tokenResponse.getCustomResponseParameters();
        for (String str2 : customResponseParameters.keySet()) {
            Object obj = customResponseParameters.get(str2);
            if (obj != null) {
                resourceOwnerOAuthContext.getTokenResponseParameters().put(str2, obj);
            }
        }
        if (LOGGER.isDebugEnabled()) {
            Logger logger = LOGGER;
            Object[] objArr = new Object[5];
            objArr[0] = resourceOwnerOAuthContext.getResourceOwnerId();
            objArr[1] = resourceOwnerOAuthContext.getAccessToken();
            objArr[2] = StringUtils.isBlank(resourceOwnerOAuthContext.getRefreshToken()) ? "Not issued" : resourceOwnerOAuthContext.getRefreshToken();
            objArr[3] = resourceOwnerOAuthContext.getExpiresIn();
            objArr[4] = resourceOwnerOAuthContext.getState();
            logger.debug("New OAuth State for resourceOwnerId %s is: accessToken(%s), refreshToken(%s), expiresIn(%s), state(%s)", objArr);
        }
    }

    @Override // org.mule.extension.oauth2.internal.authorizationcode.AbstractAuthorizationCodeTokenRequestHandler
    public void doRefreshToken(ResourceOwnerOAuthContext resourceOwnerOAuthContext) {
        try {
            String refreshToken = resourceOwnerOAuthContext.getRefreshToken();
            if (refreshToken == null) {
                throw new DefaultMuleException(CoreMessages.createStaticMessage("The user with user id %s has no refresh token in his OAuth state so we can't execute the refresh token call", new Object[]{resourceOwnerOAuthContext.getResourceOwnerId()}));
            }
            Result<Object, HttpResponseAttributes> invokeTokenUrl = invokeTokenUrl(setMapPayloadWithRefreshTokenRequestParameters(refreshToken), null);
            logResourceOwnerOAuthContextBeforeUpdate(resourceOwnerOAuthContext);
            updateResourceOwnerState(resourceOwnerOAuthContext, null, processTokenUrlResponse(invokeTokenUrl));
        } catch (Exception e) {
            throw new MuleRuntimeException(e);
        }
    }
}
