package org.mule.runtime.module.oauth2.internal.authorizationcode;

import java.util.Collections;
import java.util.HashMap;
import java.util.Map;
import org.mule.runtime.api.exception.MuleException;
import org.mule.runtime.api.exception.MuleRuntimeException;
import org.mule.runtime.core.api.DefaultMuleException;
import org.mule.runtime.core.api.Event;
import org.mule.runtime.core.api.message.InternalMessage;
import org.mule.runtime.core.api.processor.Processor;
import org.mule.runtime.core.api.transformer.TransformerException;
import org.mule.runtime.core.config.i18n.CoreMessages;
import org.mule.runtime.core.session.DefaultMuleSession;
import org.mule.runtime.core.util.StringUtils;
import org.mule.runtime.module.http.api.HttpConstants;
import org.mule.runtime.module.http.internal.HttpParser;
import org.mule.runtime.module.oauth2.internal.AbstractTokenRequestHandler;
import org.mule.runtime.module.oauth2.internal.MuleEventLogger;
import org.mule.runtime.module.oauth2.internal.OAuthConstants;
import org.mule.runtime.module.oauth2.internal.StateDecoder;
import org.mule.runtime.module.oauth2.internal.TokenNotFoundException;
import org.mule.runtime.module.oauth2.internal.TokenResponseProcessor;
import org.mule.runtime.module.oauth2.internal.authorizationcode.state.ResourceOwnerOAuthContext;
import org.slf4j.Logger;

/* loaded from: input_file:org/mule/runtime/module/oauth2/internal/authorizationcode/AutoAuthorizationCodeTokenRequestHandler.class */
public class AutoAuthorizationCodeTokenRequestHandler extends AbstractAuthorizationCodeTokenRequestHandler {
    public static final String AUTHORIZATION_STATUS_QUERY_PARAM_KEY = "authorizationStatus";
    public static final int NO_AUTHORIZATION_CODE_STATUS = 100;
    public static final int TOKEN_URL_CALL_FAILED_STATUS = 200;
    public static final int TOKEN_NOT_FOUND_STATUS = 201;
    public static final int FAILURE_PROCESSING_REDIRECT_URL_REQUEST_STATUS = 300;
    private TokenResponseConfiguration tokenResponseConfiguration = new TokenResponseConfiguration();
    private MuleEventLogger muleEventLogger;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/mule/runtime/module/oauth2/internal/authorizationcode/AutoAuthorizationCodeTokenRequestHandler$NoAuthorizationCodeException.class */
    public class NoAuthorizationCodeException extends Exception {
        private NoAuthorizationCodeException() {
        }
    }

    public void setTokenResponseConfiguration(TokenResponseConfiguration tokenResponseConfiguration) {
        this.tokenResponseConfiguration = tokenResponseConfiguration;
    }

    @Override // org.mule.runtime.module.oauth2.internal.authorizationcode.AbstractAuthorizationCodeTokenRequestHandler
    public void init() throws MuleException {
        createListenerForCallbackUrl();
        this.muleEventLogger = new MuleEventLogger(this.logger, this.muleContext);
    }

    @Override // org.mule.runtime.module.oauth2.internal.authorizationcode.AbstractAuthorizationCodeTokenRequestHandler
    protected Processor createRedirectUrlProcessor() {
        return event -> {
            int i = 0;
            int statusCode = HttpConstants.HttpStatus.OK.getStatusCode();
            String str = "Successfully retrieved access token";
            String str2 = (String) ((Map) event.getMessage().getInboundProperty("http.query.params")).get(OAuthConstants.STATE_PARAMETER);
            StateDecoder stateDecoder = new StateDecoder(str2);
            try {
                String processAuthorizationCode = processAuthorizationCode(event);
                if (this.logger.isDebugEnabled()) {
                    this.logger.debug("Redirect url request state: " + str2);
                    this.logger.debug("Redirect url request code: " + processAuthorizationCode);
                }
                Event callTokenUrl = callTokenUrl(event, processAuthorizationCode);
                String decodeOriginalState = stateDecoder.decodeOriginalState();
                String decodeResourceOwnerId = stateDecoder.decodeResourceOwnerId();
                ResourceOwnerOAuthContext contextForResourceOwner = getOauthConfig().getUserOAuthContext().getContextForResourceOwner(decodeResourceOwnerId == null ? ResourceOwnerOAuthContext.DEFAULT_RESOURCE_OWNER_ID : decodeResourceOwnerId);
                logResourceOwnerOAuthContextBeforeUpdate(contextForResourceOwner);
                updateResourceOwnerState(contextForResourceOwner, decodeOriginalState, processTokenUrlResponse(callTokenUrl));
                getOauthConfig().getUserOAuthContext().updateResourceOwnerOAuthContext(contextForResourceOwner);
            } catch (AbstractTokenRequestHandler.TokenUrlResponseException e) {
                this.logger.error(String.format("HTTP response from token URL %s returned a failure status code", getTokenUrl()));
                this.muleEventLogger.logContent(e.getTokenUrlResponse());
                i = 200;
                statusCode = HttpConstants.HttpStatus.INTERNAL_SERVER_ERROR.getStatusCode();
                str = String.format("Failure calling token url %s. Exception message is %s", getTokenUrl(), e.getMessage());
            } catch (MuleException e2) {
                this.logger.error("Fail processing redirect URL request", e2);
                i = 300;
                statusCode = HttpConstants.HttpStatus.INTERNAL_SERVER_ERROR.getStatusCode();
                str = "Failed processing redirect URL request done from OAuth provider. See logs for details.";
            } catch (TokenNotFoundException e3) {
                Logger logger = this.logger;
                Object[] objArr = new Object[2];
                objArr[0] = e3.getTokenResponseProcessor().getAccessToken();
                objArr[1] = StringUtils.isBlank(e3.getTokenResponseProcessor().getRefreshToken()) ? "(Not issued)" : e3.getTokenResponseProcessor().getRefreshToken();
                logger.error(String.format("Could not extract access token from token URL. Access token is %s, Refresh token is %s", objArr));
                this.muleEventLogger.logContent(e3.getTokenUrlResponse());
                i = 201;
                statusCode = HttpConstants.HttpStatus.INTERNAL_SERVER_ERROR.getStatusCode();
                str = "Failed getting access token or refresh token from token URL response. See logs for details.";
            } catch (NoAuthorizationCodeException e4) {
                this.logger.error("Could not extract authorization code from OAuth provider HTTP request done to the redirect URL");
                this.muleEventLogger.logContent(event);
                i = 100;
                statusCode = HttpConstants.HttpStatus.BAD_REQUEST.getStatusCode();
                str = "Failure retrieving access token.\n OAuth Server uri from callback: " + event.getMessage().getInboundProperty("http.request.uri");
            }
            int i2 = i;
            InternalMessage.Builder addOutboundProperty = InternalMessage.builder(event.getMessage()).payload(str).addOutboundProperty("http.status", Integer.valueOf(statusCode));
            String decodeOnCompleteRedirectTo = stateDecoder.decodeOnCompleteRedirectTo();
            if (!org.springframework.util.StringUtils.isEmpty(decodeOnCompleteRedirectTo)) {
                addOutboundProperty.addOutboundProperty("http.status", Integer.valueOf(HttpConstants.HttpStatus.MOVED_TEMPORARILY.getStatusCode()));
                addOutboundProperty.addOutboundProperty("Location", HttpParser.appendQueryParam(decodeOnCompleteRedirectTo, AUTHORIZATION_STATUS_QUERY_PARAM_KEY, String.valueOf(i2)));
            }
            return Event.builder(event).message(addOutboundProperty.build()).build();
        };
    }

    private Event callTokenUrl(Event event, String str) throws MuleException, AbstractTokenRequestHandler.TokenUrlResponseException {
        return invokeTokenUrl(setMapPayloadWithTokenRequestParameters(event, str));
    }

    private String processAuthorizationCode(Event event) throws NoAuthorizationCodeException {
        String str = (String) ((Map) event.getMessage().getInboundProperty("http.query.params")).get(OAuthConstants.CODE_PARAMETER);
        if (str != null) {
            return str;
        }
        this.logger.info("HTTP Request to redirect URL done by the OAuth provider does not contains a code query parameter. Code query parameter is required to get the access token.");
        throw new NoAuthorizationCodeException();
    }

    private boolean tokenResponseContentIsValid(TokenResponseProcessor tokenResponseProcessor) {
        return tokenResponseProcessor.getAccessToken() != null;
    }

    private Event setMapPayloadWithTokenRequestParameters(Event event, String str) {
        HashMap hashMap = new HashMap();
        hashMap.put(OAuthConstants.CODE_PARAMETER, str);
        hashMap.put(OAuthConstants.CLIENT_ID_PARAMETER, getOauthConfig().getClientId());
        hashMap.put(OAuthConstants.CLIENT_SECRET_PARAMETER, getOauthConfig().getClientSecret());
        hashMap.put(OAuthConstants.GRANT_TYPE_PARAMETER, OAuthConstants.GRANT_TYPE_AUTHENTICATION_CODE);
        hashMap.put(OAuthConstants.REDIRECT_URI_PARAMETER, getOauthConfig().getExternalCallbackUrl());
        return Event.builder(event).message(InternalMessage.builder(event.getMessage()).payload(hashMap).build()).build();
    }

    private Event setMapPayloadWithRefreshTokenRequestParameters(Event event, String str) {
        HashMap hashMap = new HashMap();
        hashMap.put("refresh_token", str);
        hashMap.put(OAuthConstants.CLIENT_ID_PARAMETER, getOauthConfig().getClientId());
        hashMap.put(OAuthConstants.CLIENT_SECRET_PARAMETER, getOauthConfig().getClientSecret());
        hashMap.put(OAuthConstants.GRANT_TYPE_PARAMETER, "refresh_token");
        hashMap.put(OAuthConstants.REDIRECT_URI_PARAMETER, getOauthConfig().getExternalCallbackUrl());
        return Event.builder(event).message(InternalMessage.builder(event.getMessage()).payload(hashMap).build()).build();
    }

    private void logResourceOwnerOAuthContextBeforeUpdate(ResourceOwnerOAuthContext resourceOwnerOAuthContext) {
        if (this.logger.isDebugEnabled()) {
            this.logger.debug("Update OAuth Context for resourceOwnerId %s", resourceOwnerOAuthContext.getResourceOwnerId());
        }
    }

    private TokenResponseProcessor processTokenUrlResponse(Event event) throws TokenNotFoundException, TransformerException {
        TokenResponseProcessor createAuthorizationCodeProcessor = TokenResponseProcessor.createAuthorizationCodeProcessor(this.tokenResponseConfiguration, getMuleContext().getExpressionManager());
        createAuthorizationCodeProcessor.process(event);
        if (this.logger.isDebugEnabled()) {
            this.logger.debug("Retrieved access token, refresh token and expires from token url are: %s, %s, %s", new Object[]{createAuthorizationCodeProcessor.getAccessToken(), createAuthorizationCodeProcessor.getRefreshToken(), createAuthorizationCodeProcessor.getExpiresIn()});
        }
        if (tokenResponseContentIsValid(createAuthorizationCodeProcessor)) {
            return createAuthorizationCodeProcessor;
        }
        throw new TokenNotFoundException(event, createAuthorizationCodeProcessor);
    }

    private void updateResourceOwnerState(ResourceOwnerOAuthContext resourceOwnerOAuthContext, String str, TokenResponseProcessor tokenResponseProcessor) {
        resourceOwnerOAuthContext.setAccessToken(tokenResponseProcessor.getAccessToken());
        if (tokenResponseProcessor.getRefreshToken() != null) {
            resourceOwnerOAuthContext.setRefreshToken(tokenResponseProcessor.getRefreshToken());
        }
        resourceOwnerOAuthContext.setExpiresIn(tokenResponseProcessor.getExpiresIn());
        if (str != null) {
            resourceOwnerOAuthContext.setState(str);
        }
        Map<String, Object> customResponseParameters = tokenResponseProcessor.getCustomResponseParameters();
        for (String str2 : customResponseParameters.keySet()) {
            Object obj = customResponseParameters.get(str2);
            if (obj != null) {
                resourceOwnerOAuthContext.getTokenResponseParameters().put(str2, obj);
            }
        }
        if (this.logger.isDebugEnabled()) {
            Logger logger = this.logger;
            Object[] objArr = new Object[5];
            objArr[0] = resourceOwnerOAuthContext.getResourceOwnerId();
            objArr[1] = resourceOwnerOAuthContext.getAccessToken();
            objArr[2] = StringUtils.isBlank(resourceOwnerOAuthContext.getRefreshToken()) ? "Not issued" : resourceOwnerOAuthContext.getRefreshToken();
            objArr[3] = resourceOwnerOAuthContext.getExpiresIn();
            objArr[4] = resourceOwnerOAuthContext.getState();
            logger.debug("New OAuth State for resourceOwnerId %s is: accessToken(%s), refreshToken(%s), expiresIn(%s), state(%s)", objArr);
        }
    }

    @Override // org.mule.runtime.module.oauth2.internal.authorizationcode.AbstractAuthorizationCodeTokenRequestHandler
    public void doRefreshToken(Event event, ResourceOwnerOAuthContext resourceOwnerOAuthContext) {
        try {
            Event build = Event.builder(event).message(InternalMessage.builder(event.getMessage()).outboundProperties(Collections.emptyMap()).build()).session(new DefaultMuleSession(event.getSession())).build();
            String refreshToken = resourceOwnerOAuthContext.getRefreshToken();
            if (refreshToken == null) {
                throw new DefaultMuleException(CoreMessages.createStaticMessage("The user with user id %s has no refresh token in his OAuth state so we can't execute the refresh token call", new Object[]{resourceOwnerOAuthContext.getResourceOwnerId()}));
            }
            Event invokeTokenUrl = invokeTokenUrl(setMapPayloadWithRefreshTokenRequestParameters(build, refreshToken));
            logResourceOwnerOAuthContextBeforeUpdate(resourceOwnerOAuthContext);
            updateResourceOwnerState(resourceOwnerOAuthContext, null, processTokenUrlResponse(invokeTokenUrl));
        } catch (TokenNotFoundException e) {
            throw new MuleRuntimeException(CoreMessages.createStaticMessage("Access token was not found from the refresh token oauth call"), e);
        } catch (Exception e2) {
            throw new MuleRuntimeException(e2);
        }
    }
}
