package no.spid.api.client;

import java.util.Map;
import no.spid.api.connection.SpidConnectionClientFactory;
import no.spid.api.connection.SpidUrlConnectionClientFactory;
import no.spid.api.exceptions.SpidApiException;
import no.spid.api.exceptions.SpidOAuthException;
import no.spid.api.oauth.SpidOAuthBearerClientRequest;
import no.spid.api.oauth.SpidOAuthToken;
import no.spid.api.oauth.SpidOAuthTokenType;
import no.spid.api.security.SpidSecurityHelper;
import org.apache.oltu.oauth2.client.OAuthClient;
import org.apache.oltu.oauth2.client.request.OAuthClientRequest;
import org.apache.oltu.oauth2.client.response.OAuthResourceResponse;
import org.apache.oltu.oauth2.common.exception.OAuthProblemException;
import org.apache.oltu.oauth2.common.exception.OAuthSystemException;
import org.apache.oltu.oauth2.common.message.types.GrantType;

/* loaded from: input_file:no/spid/api/client/SpidApiClient.class */
public class SpidApiClient {
    private String clientId;
    private String clientSecret;
    private String clientSignatureSecret;
    private String redirectUrl;
    private String spidBaseUrl;
    private String spidAPIBaseUrl;
    private String spidTokenUrl;
    private String spidFlowUrl;
    private SpidSecurityHelper securityHelper;
    private SpidConnectionClientFactory connectionClientFactory;
    private boolean autorefresh;
    private boolean autorenew;
    private boolean autoDecryptSignedResponses;

    /* loaded from: input_file:no/spid/api/client/SpidApiClient$ClientBuilder.class */
    public static class ClientBuilder {
        private String clientId;
        private String clientSecret;
        private String clientSignatureSecret;
        private String redirectUrl;
        private String spidBaseUrl;
        private SpidSecurityHelper securityHelper;
        private boolean autorefresh = true;
        private boolean autorenew = true;
        private boolean autoDecryptSignedResponses = true;
        private SpidConnectionClientFactory connectionClientFactory = new SpidUrlConnectionClientFactory();

        public ClientBuilder(String str, String str2, String str3, String str4, String str5) {
            this.clientId = str;
            this.clientSecret = str2;
            this.clientSignatureSecret = str3;
            this.redirectUrl = str4;
            this.spidBaseUrl = str5;
            this.securityHelper = new SpidSecurityHelper(this.clientSignatureSecret);
        }

        public ClientBuilder autoRenew(boolean z) {
            this.autorenew = z;
            return this;
        }

        public ClientBuilder autoRefresh(boolean z) {
            this.autorefresh = z;
            return this;
        }

        public ClientBuilder autoDecryptSignedResponses(boolean z) {
            this.autoDecryptSignedResponses = z;
            return this;
        }

        public ClientBuilder connectionClientFactory(SpidConnectionClientFactory spidConnectionClientFactory) {
            this.connectionClientFactory = spidConnectionClientFactory;
            return this;
        }

        public SpidApiClient build() {
            return new SpidApiClient(this);
        }
    }

    private SpidApiClient(ClientBuilder clientBuilder) {
        this.clientId = clientBuilder.clientId;
        this.clientSecret = clientBuilder.clientSecret;
        this.clientSignatureSecret = clientBuilder.clientSignatureSecret;
        this.redirectUrl = clientBuilder.redirectUrl;
        this.spidBaseUrl = clientBuilder.spidBaseUrl;
        this.autorenew = clientBuilder.autorenew;
        this.autorefresh = clientBuilder.autorefresh;
        this.autoDecryptSignedResponses = clientBuilder.autoDecryptSignedResponses;
        this.spidAPIBaseUrl = this.spidBaseUrl + "/api/2";
        this.spidTokenUrl = this.spidBaseUrl + "/oauth/token";
        this.spidFlowUrl = this.spidBaseUrl + "/flow/";
        this.securityHelper = clientBuilder.securityHelper;
        this.connectionClientFactory = clientBuilder.connectionClientFactory;
    }

    public String getFlowUrl(String str, String str2) throws SpidOAuthException {
        try {
            return OAuthClientRequest.authorizationLocation(this.spidFlowUrl + str).setClientId(this.clientId).setRedirectURI(str2).setResponseType("code").buildQueryMessage().getLocationUri();
        } catch (OAuthSystemException e) {
            throw new SpidOAuthException((Throwable) e);
        }
    }

    public String getLogoutURL(SpidOAuthToken spidOAuthToken, String str) throws SpidOAuthException {
        try {
            return new SpidOAuthBearerClientRequest(this.spidBaseUrl + "/logout").m3setAccessToken(getAccessToken(spidOAuthToken)).setRedirectUrl(str).buildQueryMessage().getLocationUri();
        } catch (OAuthSystemException e) {
            throw new SpidOAuthException((Throwable) e);
        }
    }

    private SpidApiResponse handleApiResponse(OAuthResourceResponse oAuthResourceResponse) throws SpidApiException, SpidOAuthException {
        SpidApiResponse spidApiResponse = new SpidApiResponse(oAuthResourceResponse.getResponseCode(), null, oAuthResourceResponse.getBody());
        if (spidApiResponse.getResponseCode() < 200 || spidApiResponse.getResponseCode() >= 300) {
            throw new SpidApiException(oAuthResourceResponse.getResponseCode() + ":" + oAuthResourceResponse.getBody(), spidApiResponse);
        }
        return (this.autoDecryptSignedResponses && spidApiResponse.isEncrypted()) ? this.securityHelper.decryptAndValidateSignedResponse(spidApiResponse) : spidApiResponse;
    }

    public SpidApiResponse GET(SpidOAuthToken spidOAuthToken, String str, Map<String, String> map) throws SpidOAuthException, SpidApiException {
        try {
            return handleApiResponse((OAuthResourceResponse) new OAuthClient(this.connectionClientFactory.getClient()).resource(new SpidOAuthBearerClientRequest(this.spidAPIBaseUrl + str).m3setAccessToken(getAccessToken(spidOAuthToken)).addParameters(map).buildQueryMessage(), "GET", OAuthResourceResponse.class));
        } catch (OAuthProblemException e) {
            throw new SpidOAuthException((Throwable) e);
        } catch (OAuthSystemException e2) {
            throw new SpidOAuthException((Throwable) e2);
        }
    }

    public SpidApiResponse POST(SpidOAuthToken spidOAuthToken, String str, Map<String, String> map) throws SpidOAuthException, SpidApiException {
        try {
            return handleApiResponse((OAuthResourceResponse) new OAuthClient(this.connectionClientFactory.getClient()).resource(new SpidOAuthBearerClientRequest(this.spidAPIBaseUrl + str).m3setAccessToken(getAccessToken(spidOAuthToken)).addParameters(map).buildBodyMessage(), "POST", OAuthResourceResponse.class));
        } catch (OAuthProblemException e) {
            throw new SpidOAuthException((Throwable) e);
        } catch (OAuthSystemException e2) {
            throw new SpidOAuthException((Throwable) e2);
        }
    }

    public SpidApiResponse DELETE(SpidOAuthToken spidOAuthToken, String str, Map<String, String> map) throws SpidOAuthException, SpidApiException {
        try {
            return handleApiResponse((OAuthResourceResponse) new OAuthClient(this.connectionClientFactory.getClient()).resource(new SpidOAuthBearerClientRequest(this.spidAPIBaseUrl + str).m3setAccessToken(getAccessToken(spidOAuthToken)).addParameters(map).buildQueryMessage(), "DELETE", OAuthResourceResponse.class));
        } catch (OAuthProblemException e) {
            throw new SpidOAuthException((Throwable) e);
        } catch (OAuthSystemException e2) {
            throw new SpidOAuthException((Throwable) e2);
        }
    }

    public SpidOAuthToken getServerToken() throws SpidOAuthException {
        try {
            return new SpidOAuthToken(new OAuthClient(this.connectionClientFactory.getClient()).accessToken(OAuthClientRequest.tokenLocation(this.spidTokenUrl).setClientId(this.clientId).setClientSecret(this.clientSecret).setGrantType(GrantType.CLIENT_CREDENTIALS).setRedirectURI(this.redirectUrl).buildBodyMessage()).getOAuthToken(), SpidOAuthTokenType.CLIENT);
        } catch (OAuthSystemException e) {
            throw new SpidOAuthException((Throwable) e);
        } catch (OAuthProblemException e2) {
            throw new SpidOAuthException((Throwable) e2);
        }
    }

    public SpidOAuthToken getUserToken(String str) throws SpidOAuthException {
        try {
            return new SpidOAuthToken(new OAuthClient(this.connectionClientFactory.getClient()).accessToken(OAuthClientRequest.tokenLocation(this.spidTokenUrl).setClientId(this.clientId).setClientSecret(this.clientSecret).setGrantType(GrantType.AUTHORIZATION_CODE).setRedirectURI(this.redirectUrl).setCode(str).buildBodyMessage()).getOAuthToken(), SpidOAuthTokenType.USER);
        } catch (OAuthProblemException e) {
            throw new SpidOAuthException((Throwable) e);
        } catch (OAuthSystemException e2) {
            throw new SpidOAuthException((Throwable) e2);
        }
    }

    public SpidOAuthToken getUserToken(String str, String str2) throws SpidOAuthException {
        try {
            return new SpidOAuthToken(new OAuthClient(this.connectionClientFactory.getClient()).accessToken(OAuthClientRequest.tokenLocation(this.spidTokenUrl).setClientId(this.clientId).setClientSecret(this.clientSecret).setGrantType(GrantType.PASSWORD).setRedirectURI(this.redirectUrl).setUsername(str).setPassword(str2).buildBodyMessage()).getOAuthToken(), SpidOAuthTokenType.USER);
        } catch (OAuthProblemException e) {
            throw new SpidOAuthException((Throwable) e);
        } catch (OAuthSystemException e2) {
            throw new SpidOAuthException((Throwable) e2);
        }
    }

    private String getAccessToken(SpidOAuthToken spidOAuthToken) throws SpidOAuthException {
        if (spidOAuthToken == null) {
            throw new SpidOAuthException("No token supplied");
        }
        if (!spidOAuthToken.isExpired()) {
            return spidOAuthToken.getAccessToken();
        }
        if (this.autorefresh && refreshToken(spidOAuthToken)) {
            return spidOAuthToken.getAccessToken();
        }
        if (!this.autorenew || spidOAuthToken.getType() != SpidOAuthTokenType.CLIENT) {
            throw new SpidOAuthException("Failed all attempts to get a valid token.");
        }
        spidOAuthToken.refresh(getServerToken());
        return spidOAuthToken.getAccessToken();
    }

    private boolean refreshToken(SpidOAuthToken spidOAuthToken) {
        try {
            spidOAuthToken.refresh(new SpidOAuthToken(new OAuthClient(this.connectionClientFactory.getClient()).accessToken(OAuthClientRequest.tokenLocation(this.spidTokenUrl).setClientId(this.clientId).setClientSecret(this.clientSecret).setGrantType(GrantType.REFRESH_TOKEN).setRedirectURI(this.redirectUrl).setRefreshToken(spidOAuthToken.getRefreshToken()).buildBodyMessage()).getOAuthToken(), spidOAuthToken.getType()));
            return true;
        } catch (OAuthProblemException e) {
            return false;
        } catch (OAuthSystemException e2) {
            return false;
        }
    }
}
