package com.adobe.granite.auth.ims.impl;

import com.adobe.granite.auth.ims.IMSInstance;
import com.adobe.granite.auth.ims.ImsConfigProvider;
import java.io.IOException;
import java.net.URI;
import java.net.URISyntaxException;
import java.util.Dictionary;
import java.util.Hashtable;
import javax.servlet.http.HttpServletRequest;
import org.apache.commons.lang3.StringUtils;
import org.apache.sling.commons.osgi.PropertiesUtil;
import org.osgi.framework.BundleContext;
import org.osgi.framework.InvalidSyntaxException;
import org.osgi.framework.ServiceReference;
import org.osgi.framework.ServiceRegistration;
import org.osgi.service.cm.Configuration;
import org.osgi.service.cm.ConfigurationAdmin;
import org.osgi.service.cm.ConfigurationEvent;
import org.osgi.service.cm.ConfigurationListener;
import org.osgi.service.component.ComponentContext;
import org.osgi.service.component.annotations.Activate;
import org.osgi.service.component.annotations.Component;
import org.osgi.service.component.annotations.Deactivate;
import org.osgi.service.component.annotations.Reference;
import org.osgi.service.metatype.annotations.AttributeDefinition;
import org.osgi.service.metatype.annotations.Designate;
import org.osgi.service.metatype.annotations.ObjectClassDefinition;
import org.scribe.utils.OAuthEncoder;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@Designate(ocd = Config.class)
@Component(service = {ImsConfigProvider.class}, property = {"service.description=Provides a configuration aggregating the IMSProvider config. and OAuth config. for the configured configid."}, immediate = true)
/* loaded from: input_file:com/adobe/granite/auth/ims/impl/ImsConfigProviderImpl.class */
public class ImsConfigProviderImpl implements ImsConfigProvider {
    static final String SERVICE_DESCRIPTION = "Provides a configuration aggregating the IMSProvider config. and OAuth config. for the configured configid.";
    private static final String IMS_AUTHORIZATION_URL = "oauth.provider.ims.authorization.url";
    private static final String PID_IMS_PROVIDER = IMSProviderImpl.class.getName();
    private static final String LOGIN_URL = "/j_security_check?provider=%s&configid=%s";
    private static final String RESOURCE = "resource";
    private static final String PID_OAUTH = "com.adobe.granite.auth.oauth.provider";
    private static final String PID_IMS_LOGIN_CONFIG = "com.adobe.granite.auth.ims";
    private static final String KEY_CONFIG_ID = "oauth.config.id";
    private ServiceRegistration<ConfigurationListener> listenerReg;

    @Reference
    private ConfigurationAdmin configAdmin;
    private BundleContext context;
    private String endpoint;
    private String clientId;
    private String configId;
    private String owningEntity;
    private String instanceId;
    private String serviceCode;
    private volatile ServiceReference<?> ref;
    private final Logger log = LoggerFactory.getLogger(getClass());
    private final Object lock = new Object();
    private String scope = "ims";

    @ObjectClassDefinition(name = "Adobe Granite OAuth IMS Configuration Provider", description = ImsConfigProviderImpl.SERVICE_DESCRIPTION)
    /* loaded from: input_file:com/adobe/granite/auth/ims/impl/ImsConfigProviderImpl$Config.class */
    public @interface Config {
        @AttributeDefinition(name = "OAuth configuration ID", description = "Identifier that must match a configured oauth.config.id.")
        String oauth_configmanager_ims_configid() default "ims";

        @AttributeDefinition(name = "IMS Owning Entity", description = "IMS Organization Identifier")
        String ims_owningEntity();

        @AttributeDefinition(name = "Instance Id", description = "AEM instance unique identifier")
        String aem_instanceId();

        @AttributeDefinition(name = "Service Code", description = "IMS Service Code")
        String ims_serviceCode() default "dma_aem_ams";
    }

    /* loaded from: input_file:com/adobe/granite/auth/ims/impl/ImsConfigProviderImpl$OAuthConfigListener.class */
    private class OAuthConfigListener implements ConfigurationListener {
        private OAuthConfigListener() {
        }

        public void configurationEvent(ConfigurationEvent configurationEvent) {
            ConfigurationAdmin configurationAdmin;
            boolean z = false;
            boolean z2 = false;
            if (ImsConfigProviderImpl.PID_IMS_PROVIDER.equals(configurationEvent.getPid())) {
                z = true;
            } else if (!ImsConfigProviderImpl.PID_OAUTH.equals(configurationEvent.getFactoryPid())) {
                return;
            } else {
                z2 = true;
            }
            ServiceReference reference = configurationEvent.getReference();
            try {
                if (reference == null) {
                    configurationAdmin = null;
                } else {
                    try {
                        configurationAdmin = (ConfigurationAdmin) ImsConfigProviderImpl.this.context.getService(reference);
                    } catch (InvalidSyntaxException e) {
                        ImsConfigProviderImpl.this.log.warn("Error occurred while reading and updating IMS related configuration ", e);
                        if (reference != null) {
                            ImsConfigProviderImpl.this.context.ungetService(reference);
                            return;
                        }
                        return;
                    } catch (IOException e2) {
                        ImsConfigProviderImpl.this.log.warn("Error occurred while reading and updating IMS related configuration ", e2);
                        if (reference != null) {
                            ImsConfigProviderImpl.this.context.ungetService(reference);
                            return;
                        }
                        return;
                    }
                }
                ConfigurationAdmin configurationAdmin2 = configurationAdmin;
                if (configurationAdmin2 != null) {
                    if (z) {
                        ImsConfigProviderImpl.this.readProviderConfig(configurationAdmin2);
                    } else if (z2) {
                        ImsConfigProviderImpl.this.readOAuthConfig(configurationAdmin2);
                    }
                    ImsConfigProviderImpl.this.registerConfig(configurationAdmin2);
                }
                if (reference != null) {
                    ImsConfigProviderImpl.this.context.ungetService(reference);
                }
            } catch (Throwable th) {
                if (reference != null) {
                    ImsConfigProviderImpl.this.context.ungetService(reference);
                }
                throw th;
            }
        }
    }

    @Override // com.adobe.granite.auth.ims.ImsConfigProvider
    public String getImsLoginUrl() {
        return getImsLoginUrl(new StringBuilder());
    }

    @Override // com.adobe.granite.auth.ims.ImsConfigProvider
    public String getImsLoginUrl(HttpServletRequest httpServletRequest) {
        String parameter;
        StringBuilder sb = new StringBuilder();
        if (httpServletRequest != null && (parameter = httpServletRequest.getParameter(RESOURCE)) != null && !"/".equals(parameter)) {
            sb.append(parameter);
        }
        return getImsLoginUrl(sb);
    }

    @Override // com.adobe.granite.auth.ims.ImsConfigProvider
    public IMSInstance currentIMSInstance() {
        if (this.instanceId != null && this.owningEntity != null && this.serviceCode != null) {
            return new IMSInstance(this.instanceId, this.owningEntity, this.serviceCode);
        }
        this.log.warn("Could not retrieve IMS instance information (instance_id:{}, owningEntity:{}, serviceCode:{}) from configuration", new Object[]{this.instanceId, this.owningEntity, this.serviceCode});
        return null;
    }

    @Activate
    private void activate(ComponentContext componentContext, Config config) throws Exception {
        this.ref = componentContext.getServiceReference();
        this.configId = config.oauth_configmanager_ims_configid();
        this.context = componentContext.getBundleContext();
        this.listenerReg = this.context.registerService(ConfigurationListener.class, new OAuthConfigListener(), (Dictionary) null);
        this.owningEntity = config.ims_owningEntity();
        this.instanceId = config.aem_instanceId();
        this.serviceCode = config.ims_serviceCode();
        readProviderConfig(this.configAdmin);
        readOAuthConfig(this.configAdmin);
        registerConfig(this.configAdmin);
    }

    private String getImsLoginUrl(StringBuilder sb) {
        if (this.clientId == null || this.configId == null || sb == null) {
            return null;
        }
        if (sb.toString().isEmpty()) {
            sb.append(String.format(LOGIN_URL, OAuthEncoder.encode(this.clientId), OAuthEncoder.encode(this.configId)));
            return sb.toString();
        }
        try {
            URI uri = new URI(sb.toString());
            StringBuilder append = new StringBuilder(uri.getPath()).append(String.format(LOGIN_URL, OAuthEncoder.encode(this.clientId), OAuthEncoder.encode(this.configId)));
            String query = uri.getQuery();
            if (query != null && query.length() > 0) {
                append.append("&").append(query);
            }
            return append.toString();
        } catch (URISyntaxException e) {
            this.log.debug("Issue while parsing the URI", e);
            return null;
        }
    }

    @Deactivate
    private void deactivate() {
        if (this.listenerReg != null) {
            this.listenerReg.unregister();
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void registerConfig(ConfigurationAdmin configurationAdmin) throws IOException {
        Configuration configuration = configurationAdmin.getConfiguration(PID_IMS_LOGIN_CONFIG, (String) null);
        Hashtable hashtable = new Hashtable();
        safePut(hashtable, "configid", this.configId);
        safePut(hashtable, "endpoint", this.endpoint);
        safePut(hashtable, IMSConstants.CLIENT_ID, this.clientId);
        safePut(hashtable, "scope", this.scope);
        hashtable.put("org.apache.sling.installer.configuration.persist", Boolean.FALSE);
        configuration.update(hashtable);
        this.log.info("Update the IMS configuration to be used for web authentication with pid {}", PID_IMS_LOGIN_CONFIG);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void readProviderConfig(ConfigurationAdmin configurationAdmin) throws IOException, InvalidSyntaxException {
        String str;
        Configuration[] listConfigurations = configurationAdmin.listConfigurations("(service.pid=" + PID_IMS_PROVIDER + ")");
        if (listConfigurations == null || listConfigurations.length <= 0 || (str = (String) listConfigurations[0].getProcessedProperties(this.ref).get(IMS_AUTHORIZATION_URL)) == null) {
            return;
        }
        String extractUrl = extractUrl(str);
        synchronized (this.lock) {
            this.endpoint = extractUrl;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void readOAuthConfig(ConfigurationAdmin configurationAdmin) throws IOException, InvalidSyntaxException {
        Configuration configuration = null;
        Configuration[] listConfigurations = configurationAdmin.listConfigurations("(service.factoryPid=com.adobe.granite.auth.oauth.provider)");
        if (listConfigurations != null) {
            int length = listConfigurations.length;
            int i = 0;
            while (true) {
                if (i >= length) {
                    break;
                }
                Configuration configuration2 = listConfigurations[i];
                if (this.configId.equals((String) configuration2.getProcessedProperties(this.ref).get(KEY_CONFIG_ID))) {
                    configuration = configuration2;
                    break;
                }
                i++;
            }
        }
        if (configuration != null) {
            Object obj = configuration.getProcessedProperties(this.ref).get("oauth.scope");
            String str = null;
            if (obj != null) {
                str = StringUtils.join(PropertiesUtil.toStringArray(obj), ",");
            }
            synchronized (this.lock) {
                this.clientId = (String) configuration.getProcessedProperties(this.ref).get("oauth.client.id");
                this.scope = str;
            }
        }
    }

    private static void safePut(Dictionary<String, Object> dictionary, String str, String str2) {
        if (str2 != null) {
            dictionary.put(str, str2);
        }
    }

    private String extractUrl(String str) {
        if (str != null) {
            str = str.replaceFirst("/ims(/.*)?$", "/ims");
        }
        return str;
    }
}
