package org.squashtest.tm.service.internal.servers;

import com.google.api.client.auth.oauth.AbstractOAuthGetToken;
import com.google.api.client.auth.oauth.OAuthAuthorizeTemporaryTokenUrl;
import com.google.api.client.auth.oauth.OAuthCredentialsResponse;
import com.google.api.client.auth.oauth.OAuthGetAccessToken;
import com.google.api.client.auth.oauth.OAuthGetTemporaryToken;
import com.google.api.client.auth.oauth.OAuthSigner;
import com.google.api.client.http.HttpTransport;
import com.google.api.client.http.apache.ApacheHttpTransport;
import java.io.IOException;
import javax.inject.Inject;
import org.apache.commons.lang3.NotImplementedException;
import org.apache.commons.lang3.concurrent.ConcurrentException;
import org.apache.commons.lang3.concurrent.LazyInitializer;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.stereotype.Service;
import org.squashtest.csp.core.bugtracker.core.BugTrackerNoCredentialsException;
import org.squashtest.csp.core.bugtracker.core.BugTrackerRemoteException;
import org.squashtest.csp.core.bugtracker.net.OAuthUtils;
import org.squashtest.tm.domain.servers.AuthenticationProtocol;
import org.squashtest.tm.domain.servers.OAuth1aCredentials;
import org.squashtest.tm.service.internal.servers.ServerOAuth1aConsumerConf;
import org.squashtest.tm.service.servers.CredentialsProvider;
import org.squashtest.tm.service.servers.OAuth1aConsumerService;
import org.squashtest.tm.service.servers.OAuth1aTemporaryTokens;
import org.squashtest.tm.service.servers.ServerAuthConfiguration;
import org.squashtest.tm.service.servers.StoredCredentialsManager;

@Service("squashtest.tm.service.OAuth1aConsumerService")
/* loaded from: input_file:WEB-INF/lib/tm.service-5.0.0.IT5.jar:org/squashtest/tm/service/internal/servers/OAuth1aConsumerServiceImpl.class */
public class OAuth1aConsumerServiceImpl implements OAuth1aConsumerService {
    private static final Logger LOGGER = LoggerFactory.getLogger((Class<?>) OAuth1aConsumerServiceImpl.class);
    private static LazyInitializer<HttpTransport> transportInitializer = new LazyInitializer<HttpTransport>() { // from class: org.squashtest.tm.service.internal.servers.OAuth1aConsumerServiceImpl.1
        /* JADX INFO: Access modifiers changed from: protected */
        /* JADX WARN: Can't rename method to resolve collision */
        @Override // org.apache.commons.lang3.concurrent.LazyInitializer
        public HttpTransport initialize() throws ConcurrentException {
            return new ApacheHttpTransport();
        }
    };

    @Inject
    private StoredCredentialsManager credManager;

    @Inject
    private CredentialsProvider credProvider;
    private static volatile /* synthetic */ int[] $SWITCH_TABLE$org$squashtest$tm$domain$servers$OAuth1aCredentials$SignatureMethod;

    /* loaded from: input_file:WEB-INF/lib/tm.service-5.0.0.IT5.jar:org/squashtest/tm/service/internal/servers/OAuth1aConsumerServiceImpl$SquashGetAccessToken.class */
    private static final class SquashGetAccessToken extends OAuthGetAccessToken {
        public SquashGetAccessToken(ServerOAuth1aConsumerConf serverOAuth1aConsumerConf, OAuth1aTemporaryTokens oAuth1aTemporaryTokens) {
            super(serverOAuth1aConsumerConf.getAccessTokenUrl());
            boolean z = serverOAuth1aConsumerConf.getRequestTokenHttpMethod() == ServerOAuth1aConsumerConf.HttpMethod.POST;
            this.consumerKey = serverOAuth1aConsumerConf.getConsumerKey();
            this.signer = OAuth1aConsumerServiceImpl.createSigner(serverOAuth1aConsumerConf, oAuth1aTemporaryTokens.getTempTokenSecret());
            this.temporaryToken = oAuth1aTemporaryTokens.getTempToken();
            this.transport = OAuth1aConsumerServiceImpl.transport();
            this.verifier = oAuth1aTemporaryTokens.getVerifier();
            this.usePost = z;
        }
    }

    /* loaded from: input_file:WEB-INF/lib/tm.service-5.0.0.IT5.jar:org/squashtest/tm/service/internal/servers/OAuth1aConsumerServiceImpl$SquashGetTemporaryToken.class */
    private static final class SquashGetTemporaryToken extends OAuthGetTemporaryToken {
        public SquashGetTemporaryToken(ServerOAuth1aConsumerConf serverOAuth1aConsumerConf, String str) {
            super(serverOAuth1aConsumerConf.getRequestTokenUrl());
            boolean z = serverOAuth1aConsumerConf.getRequestTokenHttpMethod() == ServerOAuth1aConsumerConf.HttpMethod.POST;
            this.callback = str;
            this.transport = OAuth1aConsumerServiceImpl.transport();
            this.consumerKey = serverOAuth1aConsumerConf.getConsumerKey();
            this.usePost = z;
            this.signer = OAuth1aConsumerServiceImpl.createSigner(serverOAuth1aConsumerConf, null);
        }
    }

    @Override // org.squashtest.tm.service.servers.OAuth1aConsumerService
    public OAuth1aTemporaryTokens requestTemporaryToken(long j, String str) {
        LOGGER.debug("requesting temporary tokens for user '{}' on server '{}' ", this.credProvider.currentUser(), Long.valueOf(j));
        ServerOAuth1aConsumerConf loadConf = loadConf(j);
        try {
            OAuthCredentialsResponse tryRequestToken = tryRequestToken(new SquashGetTemporaryToken(loadConf, str));
            LOGGER.trace("temporary token acquired, caching the tokens for the coming authorization step");
            OAuthAuthorizeTemporaryTokenUrl oAuthAuthorizeTemporaryTokenUrl = new OAuthAuthorizeTemporaryTokenUrl(loadConf.getUserAuthorizationUrl());
            oAuthAuthorizeTemporaryTokenUrl.temporaryToken = tryRequestToken.token;
            return new OAuth1aTemporaryTokens(tryRequestToken.token, tryRequestToken.tokenSecret, oAuthAuthorizeTemporaryTokenUrl.toString());
        } catch (IOException e) {
            throw new BugTrackerRemoteException("failed to retrieve OAuth temporary tokens because an exception occurred at the endpoint", e);
        }
    }

    @Override // org.squashtest.tm.service.servers.OAuth1aConsumerService
    public void authorize(long j, OAuth1aTemporaryTokens oAuth1aTemporaryTokens) {
        String currentUser = this.credProvider.currentUser();
        LOGGER.debug("authorizing Squash-TM for user '{}' on server '{}'", currentUser, Long.valueOf(j));
        try {
            UserOAuth1aToken userOAuth1aToken = new UserOAuth1aToken(tryRequestToken(new SquashGetAccessToken(loadConf(j), oAuth1aTemporaryTokens)).token, oAuth1aTemporaryTokens.getVerifier());
            LOGGER.trace("Squash-TM is now authorized by user '{}' on server '{}', now storing them in the database", currentUser, Long.valueOf(j));
            this.credManager.storeUserCredentials(j, currentUser, userOAuth1aToken);
        } catch (IOException e) {
            throw new BugTrackerRemoteException("failed to obtain authorization because an exception occurred at the endpoint", e);
        }
    }

    private ServerOAuth1aConsumerConf loadConf(long j) {
        LOGGER.debug("loading oauth conf for server '{}'", Long.valueOf(j));
        ServerAuthConfiguration unsecuredFindServerAuthConfiguration = this.credManager.unsecuredFindServerAuthConfiguration(j);
        if (unsecuredFindServerAuthConfiguration == null || unsecuredFindServerAuthConfiguration.getImplementedProtocol() != AuthenticationProtocol.OAUTH_1A) {
            throw new BugTrackerNoCredentialsException("No OAuth 1a configuration available !", null);
        }
        return (ServerOAuth1aConsumerConf) unsecuredFindServerAuthConfiguration;
    }

    private static OAuthSigner createSigner(ServerOAuth1aConsumerConf serverOAuth1aConsumerConf, String str) {
        OAuthSigner createRsaSigner;
        switch ($SWITCH_TABLE$org$squashtest$tm$domain$servers$OAuth1aCredentials$SignatureMethod()[serverOAuth1aConsumerConf.getSignatureMethod().ordinal()]) {
            case 1:
                createRsaSigner = OAuthUtils.createHmacSigner(serverOAuth1aConsumerConf.getClientSecret(), str);
                break;
            case 2:
                createRsaSigner = OAuthUtils.createRsaSigner(serverOAuth1aConsumerConf.getClientSecret());
                break;
            default:
                throw new NotImplementedException("OAuth signature protocol '" + serverOAuth1aConsumerConf.getSignatureMethod() + "' not supported !");
        }
        return createRsaSigner;
    }

    private OAuthCredentialsResponse tryRequestToken(AbstractOAuthGetToken abstractOAuthGetToken) throws IOException {
        IOException iOException = null;
        LOGGER.debug("contacting remote server...");
        for (int i = 2; i >= 0; i--) {
            try {
                OAuthCredentialsResponse execute = abstractOAuthGetToken.execute();
                LOGGER.trace("communication was successful");
                return execute;
            } catch (IOException e) {
                LOGGER.trace("communication failed with IOException : {}, retrying", e.getMessage());
                iOException = e;
                try {
                    Thread.sleep(1000L);
                } catch (InterruptedException e2) {
                    LOGGER.error("thread was unexpectedly interrupted ! Is the server shutting down ?");
                    throw new RuntimeException(e2);
                }
            }
        }
        throw iOException;
    }

    private static final HttpTransport transport() {
        try {
            return transportInitializer.get();
        } catch (ConcurrentException e) {
            LOGGER.error("Failed to create the shared HttpTransport ! Creating a new instance just for this. If you note this message littering all over the log file please report to Squash-TM development team.", (Throwable) e);
            return new ApacheHttpTransport();
        }
    }

    static /* synthetic */ int[] $SWITCH_TABLE$org$squashtest$tm$domain$servers$OAuth1aCredentials$SignatureMethod() {
        int[] iArr = $SWITCH_TABLE$org$squashtest$tm$domain$servers$OAuth1aCredentials$SignatureMethod;
        if (iArr != null) {
            return iArr;
        }
        int[] iArr2 = new int[OAuth1aCredentials.SignatureMethod.valuesCustom().length];
        try {
            iArr2[OAuth1aCredentials.SignatureMethod.HMAC_SHA1.ordinal()] = 1;
        } catch (NoSuchFieldError unused) {
        }
        try {
            iArr2[OAuth1aCredentials.SignatureMethod.RSA_SHA1.ordinal()] = 2;
        } catch (NoSuchFieldError unused2) {
        }
        $SWITCH_TABLE$org$squashtest$tm$domain$servers$OAuth1aCredentials$SignatureMethod = iArr2;
        return iArr2;
    }
}
