package org.mule.extension.oauth2.internal.authorizationcode;

import java.io.IOException;
import java.net.MalformedURLException;
import java.net.URL;
import org.mule.extension.http.api.HttpResponseAttributes;
import org.mule.extension.http.internal.listener.server.HttpListenerConfig;
import org.mule.extension.oauth2.api.RequestAuthenticationException;
import org.mule.extension.oauth2.internal.AbstractGrantType;
import org.mule.extension.oauth2.internal.OAuthCallbackServersManager;
import org.mule.extension.oauth2.internal.authorizationcode.state.ConfigOAuthContext;
import org.mule.extension.oauth2.internal.authorizationcode.state.ResourceOwnerOAuthContext;
import org.mule.extension.oauth2.internal.tokenmanager.TokenManagerConfig;
import org.mule.runtime.api.connection.ConnectionException;
import org.mule.runtime.api.exception.MuleException;
import org.mule.runtime.api.i18n.I18nMessageFactory;
import org.mule.runtime.api.lifecycle.InitialisationException;
import org.mule.runtime.api.lifecycle.Lifecycle;
import org.mule.runtime.api.meta.ExpressionSupport;
import org.mule.runtime.api.tls.TlsContextFactory;
import org.mule.runtime.core.api.DefaultMuleException;
import org.mule.runtime.core.api.MuleContext;
import org.mule.runtime.core.api.lifecycle.LifecycleUtils;
import org.mule.runtime.core.api.scheduler.SchedulerService;
import org.mule.runtime.extension.api.annotation.Alias;
import org.mule.runtime.extension.api.annotation.Expression;
import org.mule.runtime.extension.api.annotation.param.Optional;
import org.mule.runtime.extension.api.annotation.param.Parameter;
import org.mule.runtime.extension.api.annotation.param.ParameterGroup;
import org.mule.runtime.extension.api.annotation.param.UseConfig;
import org.mule.runtime.extension.api.annotation.param.display.DisplayName;
import org.mule.runtime.extension.api.annotation.param.display.Placement;
import org.mule.runtime.extension.api.runtime.operation.ParameterResolver;
import org.mule.runtime.extension.api.runtime.operation.Result;
import org.mule.service.http.api.domain.message.request.HttpRequestBuilder;
import org.mule.service.http.api.server.HttpServer;
import org.mule.service.http.api.server.HttpServerConfiguration;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@Alias("authorization-code-grant-type")
/* loaded from: input_file:org/mule/extension/oauth2/internal/authorizationcode/DefaultAuthorizationCodeGrantType.class */
public class DefaultAuthorizationCodeGrantType extends AbstractGrantType implements Lifecycle, AuthorizationCodeGrantType {
    private static final Logger LOGGER = LoggerFactory.getLogger(DefaultAuthorizationCodeGrantType.class);

    @Parameter
    private String clientId;

    @Parameter
    private String clientSecret;

    @UseConfig
    @Optional
    private HttpListenerConfig localCallbackConfig;

    @Optional
    @Parameter
    private String localCallbackConfigPath;

    @Optional
    @Parameter
    private String localCallbackUrl;

    @Parameter
    private String externalCallbackUrl;

    @Parameter
    @ParameterGroup(name = "authorization-request")
    private AuthorizationRequestHandler authorizationRequestHandler;

    @Parameter
    @ParameterGroup(name = "token-request")
    private AutoAuthorizationCodeTokenRequestHandler tokenRequestHandler;
    private OAuthCallbackServersManager serversManager;
    private SchedulerService schedulerService;

    @Optional
    @Parameter
    @Placement(tab = "Security")
    @DisplayName("TLS Configuration")
    @Expression(ExpressionSupport.NOT_SUPPORTED)
    private TlsContextFactory tlsContextFactory;
    private HttpServer server;

    @Optional(defaultValue = ResourceOwnerOAuthContext.DEFAULT_RESOURCE_OWNER_ID)
    @Parameter
    private ParameterResolver<String> resourceOwnerId;

    @Override // org.mule.extension.oauth2.internal.authorizationcode.AuthorizationCodeGrantType
    public HttpListenerConfig getLocalCallbackConfig() {
        return this.localCallbackConfig;
    }

    @Override // org.mule.extension.oauth2.internal.authorizationcode.AuthorizationCodeGrantType
    public String getLocalCallbackConfigPath() {
        return this.localCallbackConfigPath;
    }

    @Override // org.mule.extension.oauth2.internal.authorizationcode.AuthorizationCodeGrantType
    public String getLocalCallbackUrl() {
        return this.localCallbackUrl;
    }

    @Override // org.mule.extension.oauth2.internal.authorizationcode.AuthorizationCodeGrantType
    public String getExternalCallbackUrl() {
        return this.externalCallbackUrl;
    }

    @Override // org.mule.extension.oauth2.internal.authorizationcode.AuthorizationCodeGrantType
    public ConfigOAuthContext getUserOAuthContext() {
        return this.tokenManager.getConfigOAuthContext();
    }

    @Override // org.mule.extension.oauth2.internal.ApplicationCredentials
    public String getClientSecret() {
        return this.clientSecret;
    }

    @Override // org.mule.extension.oauth2.internal.ApplicationCredentials
    public String getClientId() {
        return this.clientId;
    }

    @Override // org.mule.extension.oauth2.internal.authorizationcode.AuthorizationCodeGrantType
    public TlsContextFactory getTlsContext() {
        return this.tlsContextFactory;
    }

    public void initialise() throws InitialisationException {
        try {
            this.serversManager = (OAuthCallbackServersManager) this.muleContext.getRegistry().lookupObject(OAuthCallbackServersManager.class);
            this.schedulerService = this.muleContext.getSchedulerService();
            if (this.tokenManager == null) {
                this.tokenManager = TokenManagerConfig.createDefault(this.muleContext);
            }
            LifecycleUtils.initialiseIfNeeded(this.tokenManager, this.muleContext);
            if (this.localCallbackConfig != null && this.localCallbackUrl != null) {
                throw new IllegalArgumentException("Attributes localCallbackConfig and localCallbackUrl are mutually exclusive");
            }
            if ((this.localCallbackConfig == null) != (this.localCallbackConfigPath == null)) {
                throw new IllegalArgumentException("Attributes localCallbackConfig and localCallbackConfigPath must be both present or absent");
            }
            if (this.tlsContextFactory != null) {
                LifecycleUtils.initialiseIfNeeded(this.tlsContextFactory);
                this.tokenRequestHandler.setTlsContextFactory(this.tlsContextFactory);
            }
            this.tokenRequestHandler.setMuleContext(this.muleContext);
            this.tokenRequestHandler.initialise();
            buildHttpServer();
        } catch (Exception e) {
            throw new InitialisationException(e, this);
        }
    }

    private void buildHttpServer() throws InitialisationException {
        HttpServerConfiguration.Builder builder = new HttpServerConfiguration.Builder();
        if (getLocalCallbackUrl() == null) {
            if (getLocalCallbackConfig() == null) {
                throw new IllegalStateException("No localCallbackUrl or localCallbackConfig defined.");
            }
            throw new UnsupportedOperationException("Not implemented yet.");
        }
        try {
            URL url = new URL(getLocalCallbackUrl());
            builder.setHost(url.getHost()).setPort(url.getPort());
            if (getTlsContext() != null) {
                builder.setTlsContextFactory(getTlsContext());
            }
            try {
                this.server = this.serversManager.getServer(builder.setSchedulerSupplier(() -> {
                    return this.schedulerService.ioScheduler();
                }).build());
            } catch (ConnectionException e) {
                LOGGER.warn("Could not create server for OAuth callback.");
                throw new InitialisationException(e, this);
            }
        } catch (MalformedURLException e2) {
            LOGGER.warn("Could not parse provided url %s. Validate that the url is correct", getLocalCallbackUrl());
            throw new InitialisationException(e2, this);
        }
    }

    public void authenticate(HttpRequestBuilder httpRequestBuilder) throws MuleException {
        String accessToken = getUserOAuthContext().getContextForResourceOwner((String) this.resourceOwnerId.resolve()).getAccessToken();
        if (accessToken == null) {
            throw new RequestAuthenticationException(I18nMessageFactory.createStaticMessage(String.format("No access token for the '%s' user. Verify that you have authenticated the user before trying to execute an operation to the API.", this.resourceOwnerId.resolve())));
        }
        httpRequestBuilder.addHeader("Authorization", buildAuthorizationHeaderContent(accessToken));
    }

    public boolean shouldRetry(Result<Object, HttpResponseAttributes> result) throws MuleException {
        Boolean bool = (Boolean) this.resolver.resolveExpression(this.tokenRequestHandler.getRefreshTokenWhen(), result);
        if (bool.booleanValue()) {
            this.tokenRequestHandler.refreshToken((String) this.resolver.resolveExpression(this.resourceOwnerId, result));
        }
        return bool.booleanValue();
    }

    @Override // org.mule.extension.oauth2.internal.AbstractGrantType
    public void setMuleContext(MuleContext muleContext) {
        super.setMuleContext(muleContext);
        this.authorizationRequestHandler.setMuleContext(muleContext);
    }

    public void start() throws MuleException {
        try {
            this.server.start();
            if (this.authorizationRequestHandler != null) {
                this.authorizationRequestHandler.setOauthConfig(this);
                this.authorizationRequestHandler.init();
                this.authorizationRequestHandler.start();
            }
            if (this.tokenRequestHandler != null) {
                this.tokenRequestHandler.setOauthConfig(this);
                this.tokenRequestHandler.init();
                this.tokenRequestHandler.start();
            }
        } catch (IOException e) {
            throw new DefaultMuleException(e);
        }
    }

    public void stop() throws MuleException {
        this.tokenRequestHandler.stop();
        this.authorizationRequestHandler.stop();
        this.server.stop();
    }

    public void dispose() {
        this.server.dispose();
    }

    @Override // org.mule.extension.oauth2.internal.authorizationcode.AuthorizationCodeGrantType
    public HttpServer getServer() {
        return this.server;
    }
}
