package org.mule.runtime.module.extension.internal.runtime.connectivity.oauth;

import java.lang.reflect.Field;
import java.net.MalformedURLException;
import java.net.URL;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Optional;
import java.util.concurrent.ConcurrentHashMap;
import java.util.function.BiConsumer;
import java.util.function.Function;
import java.util.function.Supplier;
import java.util.stream.Collectors;
import javax.inject.Inject;
import javax.inject.Named;
import org.mule.runtime.api.artifact.Registry;
import org.mule.runtime.api.el.MuleExpressionLanguage;
import org.mule.runtime.api.exception.MuleException;
import org.mule.runtime.api.exception.MuleRuntimeException;
import org.mule.runtime.api.i18n.I18nMessageFactory;
import org.mule.runtime.api.lifecycle.Initialisable;
import org.mule.runtime.api.lifecycle.InitialisationException;
import org.mule.runtime.api.lifecycle.Startable;
import org.mule.runtime.api.lifecycle.Stoppable;
import org.mule.runtime.api.lock.LockFactory;
import org.mule.runtime.api.message.Message;
import org.mule.runtime.api.store.ObjectStore;
import org.mule.runtime.api.store.ObjectStoreManager;
import org.mule.runtime.api.util.LazyValue;
import org.mule.runtime.api.util.Pair;
import org.mule.runtime.api.util.Preconditions;
import org.mule.runtime.core.api.MuleContext;
import org.mule.runtime.core.api.config.MuleProperties;
import org.mule.runtime.core.api.construct.Flow;
import org.mule.runtime.core.api.event.CoreEvent;
import org.mule.runtime.core.api.event.EventContextFactory;
import org.mule.runtime.core.api.lifecycle.LifecycleUtils;
import org.mule.runtime.core.api.util.SystemUtils;
import org.mule.runtime.core.internal.event.DefaultEventContext;
import org.mule.runtime.core.internal.util.LazyLookup;
import org.mule.runtime.core.privileged.event.BaseEventContext;
import org.mule.runtime.core.privileged.processor.MessageProcessors;
import org.mule.runtime.dsl.api.component.config.DefaultComponentLocation;
import org.mule.runtime.extension.api.connectivity.oauth.AuthorizationCodeGrantType;
import org.mule.runtime.extension.api.connectivity.oauth.AuthorizationCodeState;
import org.mule.runtime.extension.api.connectivity.oauth.ExtensionOAuthConstants;
import org.mule.runtime.http.api.HttpService;
import org.mule.runtime.http.api.server.HttpServer;
import org.mule.runtime.http.api.server.ServerNotFoundException;
import org.mule.runtime.module.extension.api.runtime.connectivity.oauth.ImmutableAuthCodeRequest;
import org.mule.runtime.module.extension.internal.store.LazyObjectStoreToMapAdapter;
import org.mule.runtime.oauth.api.AuthorizationCodeOAuthDancer;
import org.mule.runtime.oauth.api.AuthorizationCodeRequest;
import org.mule.runtime.oauth.api.OAuthService;
import org.mule.runtime.oauth.api.builder.AuthorizationCodeDanceCallbackContext;
import org.mule.runtime.oauth.api.builder.AuthorizationCodeListener;
import org.mule.runtime.oauth.api.builder.OAuthAuthorizationCodeDancerBuilder;
import org.mule.runtime.oauth.api.state.ResourceOwnerOAuthContext;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import reactor.core.publisher.Mono;

/* loaded from: input_file:org/mule/runtime/module/extension/internal/runtime/connectivity/oauth/DefaultExtensionsOAuthManager.class */
public class DefaultExtensionsOAuthManager implements Initialisable, Startable, Stoppable, ExtensionsOAuthManager {
    private static final Logger LOGGER = LoggerFactory.getLogger((Class<?>) DefaultExtensionsOAuthManager.class);
    private static final String DANCE_CALLBACK_EVENT_KEY = "event";

    @Inject
    private MuleContext muleContext;

    @Inject
    private LockFactory lockFactory;

    @Inject
    @Named(MuleProperties.OBJECT_STORE_MANAGER)
    private ObjectStoreManager objectStoreManager;

    @Inject
    private MuleExpressionLanguage expressionEvaluator;

    @Inject
    private Registry registry;
    private LazyValue<HttpService> httpService;
    private LazyValue<OAuthService> oauthService;
    private final Map<String, AuthorizationCodeOAuthDancer> dancers = new ConcurrentHashMap();
    private boolean started = false;

    @Override // org.mule.runtime.api.lifecycle.Initialisable
    public void initialise() throws InitialisationException {
        this.httpService = new LazyLookup(HttpService.class, this.muleContext);
        this.oauthService = new LazyLookup(OAuthService.class, this.muleContext);
    }

    @Override // org.mule.runtime.api.lifecycle.Startable
    public void start() throws MuleException {
        Iterator<AuthorizationCodeOAuthDancer> it = this.dancers.values().iterator();
        while (it.hasNext()) {
            start(it.next());
        }
        this.started = true;
    }

    @Override // org.mule.runtime.module.extension.internal.runtime.connectivity.oauth.ExtensionsOAuthManager
    public AuthorizationCodeOAuthDancer register(OAuthConfig oAuthConfig) throws MuleException {
        return register(oAuthConfig, Collections.emptyList());
    }

    @Override // org.mule.runtime.module.extension.internal.runtime.connectivity.oauth.ExtensionsOAuthManager
    public AuthorizationCodeOAuthDancer register(OAuthConfig oAuthConfig, List<AuthorizationCodeListener> list) {
        return this.dancers.computeIfAbsent(oAuthConfig.getOwnerConfigName(), str -> {
            return createDancer(oAuthConfig, list);
        });
    }

    @Override // org.mule.runtime.module.extension.internal.runtime.connectivity.oauth.ExtensionsOAuthManager
    public void invalidate(String str, String str2) {
        AuthorizationCodeOAuthDancer authorizationCodeOAuthDancer = this.dancers.get(str);
        if (authorizationCodeOAuthDancer == null) {
            return;
        }
        authorizationCodeOAuthDancer.invalidateContext(str2);
    }

    private void disable(String str, AuthorizationCodeOAuthDancer authorizationCodeOAuthDancer) {
        try {
            try {
                LifecycleUtils.stopIfNeeded(authorizationCodeOAuthDancer);
                LifecycleUtils.disposeIfNeeded(authorizationCodeOAuthDancer, LOGGER);
            } catch (Exception e) {
                LOGGER.warn("Found exception trying to Stop OAuth dancer for config " + str, (Throwable) e);
                LifecycleUtils.disposeIfNeeded(authorizationCodeOAuthDancer, LOGGER);
            }
        } catch (Throwable th) {
            LifecycleUtils.disposeIfNeeded(authorizationCodeOAuthDancer, LOGGER);
            throw th;
        }
    }

    @Override // org.mule.runtime.api.lifecycle.Stoppable
    public void stop() throws MuleException {
        this.dancers.forEach((str, authorizationCodeOAuthDancer) -> {
            try {
                disable(str, authorizationCodeOAuthDancer);
            } catch (Exception e) {
                LOGGER.warn("Found exception while trying to stop OAuth callback for config " + str, (Throwable) e);
            }
        });
        this.dancers.clear();
    }

    @Override // org.mule.runtime.module.extension.internal.runtime.connectivity.oauth.ExtensionsOAuthManager
    public void refreshToken(String str, String str2, OAuthConnectionProviderWrapper oAuthConnectionProviderWrapper) {
        try {
            this.dancers.get(str).refreshToken(str2).get();
        } catch (Exception e) {
            throw new MuleRuntimeException(I18nMessageFactory.createStaticMessage(String.format("Could not refresh token for resourceOwnerId '%s' using config '%s'", str2, str)), e);
        }
    }

    @Override // org.mule.runtime.module.extension.internal.runtime.connectivity.oauth.ExtensionsOAuthManager
    public Optional<ResourceOwnerOAuthContext> getOAuthContext(OAuthConfig oAuthConfig) {
        AuthorizationCodeOAuthDancer authorizationCodeOAuthDancer = this.dancers.get(oAuthConfig.getOwnerConfigName());
        if (authorizationCodeOAuthDancer == null) {
            return Optional.empty();
        }
        ResourceOwnerOAuthContext contextForResourceOwner = authorizationCodeOAuthDancer.getContextForResourceOwner(oAuthConfig.getAuthCodeConfig().getResourceOwnerId());
        return (contextForResourceOwner == null || contextForResourceOwner.getAccessToken() == null) ? Optional.empty() : Optional.of(contextForResourceOwner);
    }

    private AuthorizationCodeOAuthDancer createDancer(OAuthConfig oAuthConfig, List<AuthorizationCodeListener> list) throws MuleException {
        Preconditions.checkArgument(list != null, "listeners cannot be null");
        OAuthAuthorizationCodeDancerBuilder authorizationCodeGrantTypeDancerBuilder = this.oauthService.get().authorizationCodeGrantTypeDancerBuilder(str -> {
            return this.lockFactory.createLock(str);
        }, new LazyObjectStoreToMapAdapter(getObjectStoreSupplier(oAuthConfig)), this.expressionEvaluator);
        AuthCodeConfig authCodeConfig = oAuthConfig.getAuthCodeConfig();
        AuthorizationCodeGrantType grantType = oAuthConfig.getGrantType();
        OAuthCallbackConfig callbackConfig = oAuthConfig.getCallbackConfig();
        authorizationCodeGrantTypeDancerBuilder.encoding(SystemUtils.getDefaultEncoding(this.muleContext)).clientCredentials(authCodeConfig.getConsumerKey(), authCodeConfig.getConsumerSecret()).tokenUrl(authCodeConfig.getAccessTokenUrl()).responseExpiresInExpr(grantType.getExpirationRegex()).responseRefreshTokenExpr(grantType.getRefreshTokenExpr()).responseAccessTokenExpr(grantType.getAccessTokenExpr()).resourceOwnerIdTransformer(str2 -> {
            return str2 + "-" + oAuthConfig.getOwnerConfigName();
        });
        String orElseGet = authCodeConfig.getScope().orElseGet(() -> {
            return grantType.getDefaultScope().orElse(null);
        });
        if (orElseGet != null) {
            authorizationCodeGrantTypeDancerBuilder.scopes(orElseGet);
        }
        try {
            HttpServer lookup = this.httpService.get().getServerFactory().lookup(callbackConfig.getListenerConfig());
            authorizationCodeGrantTypeDancerBuilder.localCallback(lookup, callbackConfig.getCallbackPath()).externalCallbackUrl(getExternalCallback(lookup, callbackConfig)).authorizationUrl(authCodeConfig.getAuthorizationUrl()).localAuthorizationUrlPath(callbackConfig.getLocalAuthorizePath()).localAuthorizationUrlResourceOwnerId("#[attributes.queryParams.resourceOwnerId]").state("#[attributes.queryParams.state]").customParameters(oAuthConfig.getCustomParameters()).customParametersExtractorsExprs(getParameterExtractors(oAuthConfig));
            Pair<Optional<Flow>, Optional<Flow>> listenerFlows = getListenerFlows(oAuthConfig);
            listenerFlows.getFirst().ifPresent(flow -> {
                authorizationCodeGrantTypeDancerBuilder.beforeDanceCallback(beforeCallback(oAuthConfig, flow));
            });
            listenerFlows.getSecond().ifPresent(flow2 -> {
                authorizationCodeGrantTypeDancerBuilder.afterDanceCallback(afterCallback(oAuthConfig, flow2));
            });
            authorizationCodeGrantTypeDancerBuilder.getClass();
            list.forEach(authorizationCodeGrantTypeDancerBuilder::addListener);
            AuthorizationCodeOAuthDancer build = authorizationCodeGrantTypeDancerBuilder.build();
            if (this.started) {
                start(build);
            }
            return build;
        } catch (ServerNotFoundException e) {
            throw new MuleRuntimeException(I18nMessageFactory.createStaticMessage(String.format("Connector '%s' defines '%s' as the http:listener-config to use for provisioning callbacks, but no such definition exists in the application configuration", oAuthConfig.getOwnerConfigName(), callbackConfig.getListenerConfig())), e);
        }
    }

    private String getExternalCallback(HttpServer httpServer, OAuthCallbackConfig oAuthCallbackConfig) {
        return oAuthCallbackConfig.getExternalCallbackUrl().orElseGet(() -> {
            try {
                return new URL(httpServer.getProtocol().getScheme(), httpServer.getServerAddress().getIp(), httpServer.getServerAddress().getPort(), oAuthCallbackConfig.getCallbackPath()).toExternalForm();
            } catch (MalformedURLException e) {
                throw new MuleRuntimeException(I18nMessageFactory.createStaticMessage(String.format("Could not derive a external callback url from <http:listener-config> '%s'", oAuthCallbackConfig.getListenerConfig())), e);
            }
        });
    }

    private void start(AuthorizationCodeOAuthDancer authorizationCodeOAuthDancer) throws MuleException {
        LifecycleUtils.initialiseIfNeeded(authorizationCodeOAuthDancer, this.muleContext);
        LifecycleUtils.startIfNeeded(authorizationCodeOAuthDancer);
    }

    private Supplier<ObjectStore> getObjectStoreSupplier(OAuthConfig oAuthConfig) {
        return () -> {
            return this.objectStoreManager.getObjectStore((String) oAuthConfig.getStoreConfig().map((v0) -> {
                return v0.getObjectStoreName();
            }).orElse(ObjectStoreManager.BASE_PERSISTENT_OBJECT_STORE_KEY));
        };
    }

    private Map<String, String> getParameterExtractors(OAuthConfig oAuthConfig) {
        return (Map) oAuthConfig.getParameterExtractors().entrySet().stream().collect(Collectors.toMap(entry -> {
            return ((Field) entry.getKey()).getName();
        }, (v0) -> {
            return v0.getValue();
        }));
    }

    private Pair<Optional<Flow>, Optional<Flow>> getListenerFlows(OAuthConfig oAuthConfig) {
        AuthCodeConfig authCodeConfig = oAuthConfig.getAuthCodeConfig();
        try {
            return new Pair<>(lookupFlow(authCodeConfig.getBefore()), lookupFlow(authCodeConfig.getAfter()));
        } catch (Exception e) {
            throw new MuleRuntimeException(I18nMessageFactory.createStaticMessage("Could not obtain 'before' and 'after' OAuth flows defined by config " + oAuthConfig.getOwnerConfigName(), e));
        }
    }

    private Optional<Flow> lookupFlow(Optional<String> optional) {
        return optional.map(this::lookupFlow);
    }

    private Flow lookupFlow(String str) {
        return (Flow) this.registry.lookupByName(str).orElseThrow(() -> {
            return new IllegalArgumentException("Flow " + str + " doesn't exist");
        });
    }

    private Function<AuthorizationCodeRequest, AuthorizationCodeDanceCallbackContext> beforeCallback(OAuthConfig oAuthConfig, Flow flow) {
        return authorizationCodeRequest -> {
            CoreEvent runFlow = runFlow(flow, createEvent(new ImmutableAuthCodeRequest(authorizationCodeRequest.getResourceOwnerId(), authorizationCodeRequest.getScopes(), authorizationCodeRequest.getState().orElse(null), oAuthConfig.getCallbackConfig().getExternalCallbackUrl()), oAuthConfig, flow), oAuthConfig, ExtensionOAuthConstants.BEFORE_FLOW_PARAMETER_NAME);
            return str -> {
                return DANCE_CALLBACK_EVENT_KEY.equals(str) ? Optional.of(runFlow) : Optional.empty();
            };
        };
    }

    private BiConsumer<AuthorizationCodeDanceCallbackContext, ResourceOwnerOAuthContext> afterCallback(OAuthConfig oAuthConfig, Flow flow) {
        return (authorizationCodeDanceCallbackContext, resourceOwnerOAuthContext) -> {
            AuthorizationCodeState authorizationCodeState = ExtensionsOAuthUtils.toAuthorizationCodeState(oAuthConfig, resourceOwnerOAuthContext);
            runFlow(flow, CoreEvent.builder((CoreEvent) authorizationCodeDanceCallbackContext.getParameter(DANCE_CALLBACK_EVENT_KEY).orElseGet(() -> {
                return createEvent(authorizationCodeState, oAuthConfig, flow);
            })).message(Message.builder().value(authorizationCodeState).build()).build(), oAuthConfig, ExtensionOAuthConstants.AFTER_FLOW_PARAMETER_NAME);
        };
    }

    private CoreEvent createEvent(Object obj, OAuthConfig oAuthConfig, Flow flow) {
        return CoreEvent.builder(EventContextFactory.create(flow, DefaultComponentLocation.fromSingleComponent(oAuthConfig.getOwnerConfigName()))).message(Message.builder().value(obj).build()).build();
    }

    private CoreEvent runFlow(Flow flow, CoreEvent coreEvent, OAuthConfig oAuthConfig, String str) {
        return (CoreEvent) Mono.from(MessageProcessors.processWithChildContext(coreEvent, flow, DefaultEventContext.child((BaseEventContext) coreEvent.getContext(), Optional.of(flow.getLocation())))).onErrorMap(MuleException.class, muleException -> {
            return new MuleRuntimeException(I18nMessageFactory.createStaticMessage(String.format("Error found while execution flow '%s' which is configured in the '%s' parameter of the '%s' config", flow.getName(), str, oAuthConfig.getOwnerConfigName()), muleException));
        }).block();
    }
}
