package org.squashtest.tm.service.internal.servers;

import com.fasterxml.jackson.databind.DeserializationFeature;
import com.fasterxml.jackson.databind.ObjectMapper;
import java.io.IOException;
import java.net.URI;
import java.net.URISyntaxException;
import java.net.http.HttpClient;
import java.net.http.HttpRequest;
import java.net.http.HttpResponse;
import javax.inject.Provider;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Propagation;
import org.springframework.transaction.annotation.Transactional;
import org.squashtest.csp.core.bugtracker.core.BugTrackerNoCredentialsException;
import org.squashtest.csp.core.bugtracker.domain.BugTracker;
import org.squashtest.csp.core.bugtracker.spi.DefaultOAuth2FormValues;
import org.squashtest.tm.domain.servers.AuthenticationProtocol;
import org.squashtest.tm.domain.servers.OAuth2Credentials;
import org.squashtest.tm.exception.bugtracker.CannotObtainOauth2TokensException;
import org.squashtest.tm.exception.bugtracker.InvalidOauth2RequestException;
import org.squashtest.tm.service.bugtracker.BugTrackerFinderService;
import org.squashtest.tm.service.internal.bugtracker.BugTrackerConnectorFactory;
import org.squashtest.tm.service.servers.CredentialsProvider;
import org.squashtest.tm.service.servers.Oauth2Tokens;
import org.squashtest.tm.service.servers.ServerAuthConfiguration;
import org.squashtest.tm.service.servers.StoredCredentialsManager;

@Service("squashtest.tm.service.OAuth2ConsumerService")
/* loaded from: input_file:WEB-INF/lib/tm.service-6.1.0.RELEASE.jar:org/squashtest/tm/service/internal/servers/OAuth2ConsumerServiceImpl.class */
public class OAuth2ConsumerServiceImpl implements OAuth2ConsumerService {
    private static final Logger LOGGER = LoggerFactory.getLogger((Class<?>) OAuth2ConsumerServiceImpl.class);
    private final StoredCredentialsManager credManager;
    private final CredentialsProvider credProvider;
    private final BugTrackerConnectorFactory bugTrackerConnectorFactory;
    private final Provider<BugTrackerFinderService> bugTrackerFinderServiceProvider;
    private final HttpClient httpClient = HttpClient.newBuilder().version(HttpClient.Version.HTTP_2).build();

    public OAuth2ConsumerServiceImpl(StoredCredentialsManager storedCredentialsManager, CredentialsProvider credentialsProvider, BugTrackerConnectorFactory bugTrackerConnectorFactory, Provider<BugTrackerFinderService> provider) {
        this.credManager = storedCredentialsManager;
        this.credProvider = credentialsProvider;
        this.bugTrackerConnectorFactory = bugTrackerConnectorFactory;
        this.bugTrackerFinderServiceProvider = provider;
    }

    @Override // org.squashtest.tm.service.internal.servers.OAuth2ConsumerService
    public String getOauth2AuthenticationUrl(BugTracker bugTracker) {
        return this.bugTrackerConnectorFactory.findOauth2Handler(bugTracker).getOauth2AuthenticationUrl(bugTracker, loadOauth2Conf(bugTracker.getId().longValue()));
    }

    @Override // org.squashtest.tm.service.internal.servers.OAuth2ConsumerService
    public void getOauth2token(Long l, String str, String str2) {
        requestAndSaveTokens(l, str2, this.bugTrackerConnectorFactory.findOauth2Handler(this.bugTrackerFinderServiceProvider.get().findById(l.longValue())).getOauth2RequestTokenUrl(l, str, loadOauth2Conf(l.longValue())));
    }

    @Override // org.squashtest.tm.service.internal.servers.OAuth2ConsumerService
    @Transactional(propagation = Propagation.REQUIRES_NEW)
    public OAuth2Credentials refreshOauth2Token(Long l, OAuth2Credentials oAuth2Credentials, String str) {
        Oauth2Tokens requestAndSaveTokens = requestAndSaveTokens(l, str, this.bugTrackerConnectorFactory.findOauth2Handler(this.bugTrackerFinderServiceProvider.get().findById(l.longValue())).getRefreshTokenUrl(loadOauth2Conf(l.longValue()), oAuth2Credentials));
        oAuth2Credentials.setAccessToken(requestAndSaveTokens.getAccessToken());
        oAuth2Credentials.setRefreshToken(requestAndSaveTokens.getRefreshToken());
        oAuth2Credentials.setExpirationDate(requestAndSaveTokens.getExpirationDate());
        return oAuth2Credentials;
    }

    @Override // org.squashtest.tm.service.internal.servers.OAuth2ConsumerService
    public DefaultOAuth2FormValues getDefaultOAuth2FormValue(Long l) {
        BugTracker findById = this.bugTrackerFinderServiceProvider.get().findById(l.longValue());
        return this.bugTrackerConnectorFactory.findOauth2Handler(findById).getDefaultValueForOauth2Form(findById.getUrl().replaceAll("\\/*$", ""));
    }

    @Override // org.squashtest.tm.service.internal.servers.OAuth2ConsumerService
    public void getCurrentUserOauth2token(long j, String str) {
        getOauth2token(Long.valueOf(j), str, this.credProvider.currentUser());
    }

    private Oauth2Tokens requestAndSaveTokens(Long l, String str, String str2) {
        ObjectMapper configure = new ObjectMapper().configure(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES, false);
        try {
            HttpResponse send = this.httpClient.send(HttpRequest.newBuilder().header("Content-Type", "application/x-www-form-urlencoded").uri(new URI(str2)).POST(HttpRequest.BodyPublishers.noBody()).build(), HttpResponse.BodyHandlers.ofString());
            String str3 = (String) send.body();
            if (send.statusCode() != 200) {
                throw new CannotObtainOauth2TokensException(str3);
            }
            Oauth2Tokens oauth2Tokens = (Oauth2Tokens) configure.readValue(str3, Oauth2Tokens.class);
            oauth2Tokens.setExpirationDate();
            saveOauth2TokenToDataBase(l, oauth2Tokens, str);
            return oauth2Tokens;
        } catch (IOException | InterruptedException | URISyntaxException e) {
            throw new InvalidOauth2RequestException(e);
        }
    }

    private void saveOauth2TokenToDataBase(Long l, Oauth2Tokens oauth2Tokens, String str) {
        if (str == null) {
            LOGGER.trace("Squash-TM is now authorized on server '{}'. Storing app level credentials in the database", l);
            this.credManager.storeAppLevelCredentials(l.longValue(), oauth2Tokens);
        } else {
            LOGGER.trace("Squash-TM is now authorized by user '{}' on server '{}', now storing them in the database", str, l);
            this.credManager.storeUserCredentials(l.longValue(), str, oauth2Tokens);
        }
    }

    private ServerOAuth2Conf loadOauth2Conf(long j) {
        LOGGER.debug("loading oauth2 conf for server '{}'", Long.valueOf(j));
        ServerAuthConfiguration unsecuredFindServerAuthConfiguration = this.credManager.unsecuredFindServerAuthConfiguration(j);
        if (unsecuredFindServerAuthConfiguration == null || unsecuredFindServerAuthConfiguration.getImplementedProtocol() != AuthenticationProtocol.OAUTH_2) {
            throw new BugTrackerNoCredentialsException("No OAuth 2 configuration available !", null);
        }
        return (ServerOAuth2Conf) unsecuredFindServerAuthConfiguration;
    }
}
