package com.distribution.liquidation.upl.service.impl;

import com.distribution.liquidation.upl.domain.Address_;
import com.distribution.liquidation.upl.domain.Distributor_;
import com.distribution.liquidation.upl.service.SsoService;
import com.distribution.liquidation.upl.service.dto.AuthInfoDTO;
import com.distribution.liquidation.upl.service.dto.AuthInfoMobileDTO;
import com.distribution.liquidation.upl.service.dto.OktaAuthDTO;
import com.distribution.liquidation.upl.service.dto.OktaUserDTO;
import com.distribution.liquidation.upl.service.exception.CustomBadRequestException;
import java.io.UnsupportedEncodingException;
import java.net.URLEncoder;
import java.nio.charset.StandardCharsets;
import java.util.Arrays;
import java.util.Collections;
import java.util.HashMap;
import java.util.Random;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springdoc.core.Constants;
import org.springframework.beans.factory.BeanFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.beans.factory.xml.DefaultBeanDefinitionDocumentReader;
import org.springframework.http.HttpEntity;
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpMethod;
import org.springframework.http.MediaType;
import org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
import org.springframework.util.LinkedMultiValueMap;
import org.springframework.web.client.RestTemplate;

@Transactional
@Service
/* loaded from: input_file:BOOT-INF/classes/com/distribution/liquidation/upl/service/impl/OktaServiceImpl.class */
public class OktaServiceImpl implements SsoService {

    @Value("${application.oauth.web.redirect-base-uri}")
    private String redirectBaseUrl;

    @Value("${application.oauth.web.issuer-url}")
    private String issuerUrl;

    @Value("${application.oauth.web.client-id}")
    private String clientId;

    @Value("${application.oauth.web.client-secret}")
    private String clientSecret;

    @Value("${application.oauth.mobile.issuer-url}")
    private String mobileIssuerUrl;

    @Value("${application.oauth.mobile.client-id}")
    private String mobileClientId;

    @Value("${application.oauth.mobile.redirect-uri}")
    private String mobileRedirectUri;

    @Value("${application.oauth.mobile.end-session-redirect-uri}")
    private String mobileEndSessionRedirectUri;

    @Value("${application.oauth.mobile.discovery-uri}")
    private String mobileDiscoveryUri;

    @Value("${application.oauth.mobile.require-hardware-backed-key-store}")
    private Boolean mobileRequireHardwareBackedKeyStore;

    @Autowired
    RestTemplate restTemplate;
    static final /* synthetic */ boolean $assertionsDisabled;
    HttpHeaders headers = new HttpHeaders();
    final Logger log = LoggerFactory.getLogger((Class<?>) OktaServiceImpl.class);

    /* JADX WARN: Multi-variable type inference failed */
    @Override // com.distribution.liquidation.upl.service.SsoService
    public OktaUserDTO authenticate(String str) {
        LinkedMultiValueMap linkedMultiValueMap = new LinkedMultiValueMap();
        linkedMultiValueMap.add("grant_type", "authorization_code");
        linkedMultiValueMap.add("redirect_uri", this.redirectBaseUrl + DefaultLoginPageGeneratingFilter.DEFAULT_LOGIN_PAGE_URL);
        linkedMultiValueMap.add(Distributor_.CODE, str);
        this.headers.setContentType(MediaType.APPLICATION_FORM_URLENCODED);
        this.headers.setBasicAuth(this.clientId, this.clientSecret);
        this.headers.setAccept(Collections.singletonList(MediaType.APPLICATION_JSON));
        OktaAuthDTO oktaAuthDTO = (OktaAuthDTO) this.restTemplate.exchange(this.issuerUrl + "/oauth2/v1/token", HttpMethod.POST, new HttpEntity<>(linkedMultiValueMap, this.headers), OktaAuthDTO.class, new Object[0]).getBody();
        if ($assertionsDisabled || oktaAuthDTO != null) {
            return getUserInfo(oktaAuthDTO.getAccessToken(), "/oauth2/v1/userinfo");
        }
        throw new AssertionError();
    }

    @Override // com.distribution.liquidation.upl.service.SsoService
    public OktaUserDTO authenticateAccessCode(String str) {
        return getUserInfo(str, "/oauth2/default/v1/userinfo");
    }

    /* JADX WARN: Multi-variable type inference failed */
    @Override // com.distribution.liquidation.upl.service.SsoService
    public OktaUserDTO getUserInfo(String str, String str2) {
        this.headers.setBearerAuth(str);
        return (OktaUserDTO) this.restTemplate.exchange(this.issuerUrl + str2, HttpMethod.GET, new HttpEntity<>("", this.headers), OktaUserDTO.class, new Object[0]).getBody();
    }

    @Override // com.distribution.liquidation.upl.service.SsoService
    public AuthInfoDTO getAuthInfo() {
        HashMap hashMap = new HashMap();
        byte[] bArr = new byte[7];
        new Random().nextBytes(bArr);
        hashMap.put("client_id", this.clientId);
        hashMap.put("redirect_uri", this.redirectBaseUrl + DefaultLoginPageGeneratingFilter.DEFAULT_LOGIN_PAGE_URL);
        hashMap.put(Address_.STATE, new String(bArr, StandardCharsets.UTF_8));
        hashMap.put("response_type", Distributor_.CODE);
        hashMap.put("response_mode", Constants.QUERY_PARAM);
        hashMap.put("scope", "openid profile email");
        String str = this.issuerUrl + "/oauth2/v1/authorize?" + ((String) hashMap.entrySet().stream().map(entry -> {
            try {
                return URLEncoder.encode((String) entry.getKey(), "UTF-8") + "=" + URLEncoder.encode((String) entry.getValue(), "UTF-8");
            } catch (UnsupportedEncodingException e) {
                this.log.error(e.getMessage());
                throw new CustomBadRequestException("Something went wrong. Please try again later.");
            }
        }).reduce((str2, str3) -> {
            return str2 + BeanFactory.FACTORY_BEAN_PREFIX + str3;
        }).orElse(""));
        HashMap hashMap2 = new HashMap();
        hashMap2.put("fromURI", this.redirectBaseUrl + "/logout");
        String str4 = this.issuerUrl + "/login/signout?" + ((String) hashMap2.entrySet().stream().map(entry2 -> {
            try {
                return URLEncoder.encode((String) entry2.getKey(), "UTF-8") + "=" + URLEncoder.encode((String) entry2.getValue(), "UTF-8");
            } catch (UnsupportedEncodingException e) {
                throw new UnsupportedOperationException(e);
            }
        }).reduce((str5, str6) -> {
            return str5 + BeanFactory.FACTORY_BEAN_PREFIX + str6;
        }).orElse(""));
        AuthInfoDTO authInfoDTO = new AuthInfoDTO();
        authInfoDTO.setLoginUrl(str);
        authInfoDTO.setLogoutUrl(str4);
        return authInfoDTO;
    }

    @Override // com.distribution.liquidation.upl.service.SsoService
    public AuthInfoMobileDTO getAuthInfoMobile() {
        AuthInfoMobileDTO authInfoMobileDTO = new AuthInfoMobileDTO();
        authInfoMobileDTO.setClientId(this.mobileClientId);
        authInfoMobileDTO.setIssuerUrl(this.mobileIssuerUrl);
        authInfoMobileDTO.setRedirectUri(this.mobileRedirectUri);
        authInfoMobileDTO.setDiscoveryUri(this.mobileDiscoveryUri);
        authInfoMobileDTO.setEndSessionRedirectUri(this.mobileEndSessionRedirectUri);
        authInfoMobileDTO.setRequireHardwareBackedKeyStore(false);
        authInfoMobileDTO.setScopes(Arrays.asList("openid", DefaultBeanDefinitionDocumentReader.PROFILE_ATTRIBUTE, "email", "offline_access"));
        return authInfoMobileDTO;
    }

    static {
        $assertionsDisabled = !OktaServiceImpl.class.desiredAssertionStatus();
    }
}
