package org.wso2.carbon.apimgt.keymgt.service;

import java.util.ArrayList;
import java.util.Iterator;
import java.util.Set;
import org.apache.axis2.AxisFault;
import org.apache.axis2.util.URL;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.http.HttpEntity;
import org.apache.http.HttpResponse;
import org.apache.http.client.entity.UrlEncodedFormEntity;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.conn.scheme.Scheme;
import org.apache.http.conn.scheme.SchemeRegistry;
import org.apache.http.conn.scheme.SchemeSocketFactory;
import org.apache.http.conn.ssl.SSLSocketFactory;
import org.apache.http.conn.ssl.X509HostnameVerifier;
import org.apache.http.impl.client.DefaultHttpClient;
import org.apache.http.impl.conn.SingleClientConnManager;
import org.apache.http.message.BasicNameValuePair;
import org.apache.http.util.EntityUtils;
import org.codehaus.jettison.json.JSONObject;
import org.wso2.carbon.apimgt.api.APIManagementException;
import org.wso2.carbon.apimgt.api.model.API;
import org.wso2.carbon.apimgt.api.model.Application;
import org.wso2.carbon.apimgt.api.model.SubscribedAPI;
import org.wso2.carbon.apimgt.api.model.Subscriber;
import org.wso2.carbon.apimgt.handlers.security.stub.types.APIKeyMapping;
import org.wso2.carbon.apimgt.impl.APIManagerConfiguration;
import org.wso2.carbon.apimgt.impl.dao.ApiMgtDAO;
import org.wso2.carbon.apimgt.impl.dto.APIInfoDTO;
import org.wso2.carbon.apimgt.impl.dto.Environment;
import org.wso2.carbon.apimgt.impl.internal.ServiceReferenceHolder;
import org.wso2.carbon.apimgt.impl.utils.APIAuthenticationAdminClient;
import org.wso2.carbon.apimgt.keymgt.APIKeyMgtException;
import org.wso2.carbon.apimgt.keymgt.ApplicationKeysDTO;
import org.wso2.carbon.apimgt.keymgt.util.APIKeyMgtUtil;
import org.wso2.carbon.core.AbstractAdmin;
import org.wso2.carbon.identity.base.IdentityException;
import org.wso2.carbon.identity.core.util.IdentityUtil;
import org.wso2.carbon.identity.oauth.cache.OAuthCache;
import org.wso2.carbon.identity.oauth.cache.OAuthCacheKey;
import org.wso2.carbon.identity.oauth.config.OAuthServerConfiguration;

/* loaded from: input_file:org/wso2/carbon/apimgt/keymgt/service/APIKeyMgtSubscriberService.class */
public class APIKeyMgtSubscriberService extends AbstractAdmin {
    private static final Log log = LogFactory.getLog(APIKeyMgtSubscriberService.class);
    private static final String GRANT_TYPE_CLIENT_CREDENTIALS = "client_credentials";
    private static final String OAUTH_RESPONSE_ACCESSTOKEN = "access_token";
    private static final String OAUTH_RESPONSE_EXPIRY_TIME = "expires_in";

    public String getAccessToken(String str, APIInfoDTO aPIInfoDTO, String str2, String str3, String str4) throws APIKeyMgtException, APIManagementException, IdentityException {
        ApiMgtDAO apiMgtDAO = new ApiMgtDAO();
        String accessKeyForAPI = apiMgtDAO.getAccessKeyForAPI(str, str2, aPIInfoDTO, str3);
        if (accessKeyForAPI == null) {
            int tenantIdOFUser = IdentityUtil.getTenantIdOFUser(str);
            accessKeyForAPI = apiMgtDAO.registerAccessToken(apiMgtDAO.addOAuthConsumer(str, tenantIdOFUser, str2, str4)[0], str2, str, tenantIdOFUser, aPIInfoDTO, str3);
        }
        return accessKeyForAPI;
    }

    public ApplicationKeysDTO getApplicationAccessToken(String str, String str2, String str3, String str4, String[] strArr, String str5) throws APIKeyMgtException, APIManagementException, IdentityException {
        ApiMgtDAO apiMgtDAO = new ApiMgtDAO();
        String[] strArr2 = null;
        String accessKeyForApplication = apiMgtDAO.getAccessKeyForApplication(str, str2, str3);
        if (accessKeyForApplication == null) {
            int tenantIdOFUser = IdentityUtil.getTenantIdOFUser(str);
            strArr2 = apiMgtDAO.addOAuthConsumer(str, tenantIdOFUser, str2, str4);
            accessKeyForApplication = apiMgtDAO.registerApplicationAccessToken(strArr2[0], str2, str, tenantIdOFUser, str3, strArr, str5);
        } else if (0 == 0) {
            strArr2 = apiMgtDAO.getOAuthCredentials(accessKeyForApplication, str3);
            if (strArr2 == null || strArr2[0] == null || strArr2[1] == null) {
                throw new APIKeyMgtException("Unable to locate OAuth credentials");
            }
        }
        ApplicationKeysDTO applicationKeysDTO = new ApplicationKeysDTO();
        applicationKeysDTO.setApplicationAccessToken(accessKeyForApplication);
        applicationKeysDTO.setConsumerKey(strArr2[0]);
        applicationKeysDTO.setConsumerSecret(strArr2[1]);
        applicationKeysDTO.setValidityTime(str5);
        return applicationKeysDTO;
    }

    public APIInfoDTO[] getSubscribedAPIsOfUser(String str) throws APIKeyMgtException, APIManagementException, IdentityException {
        return new ApiMgtDAO().getSubscribedAPIsOfUser(str);
    }

    public String renewAccessToken(String str, String str2, String[] strArr, String str3, String str4, String str5) throws Exception {
        String firstProperty = ServiceReferenceHolder.getInstance().getAPIManagerConfigurationService().getAPIManagerConfiguration().getFirstProperty("APIKeyManager.TokenEndPointName");
        String firstProperty2 = ServiceReferenceHolder.getInstance().getAPIManagerConfigurationService().getAPIManagerConfiguration().getFirstProperty("APIKeyManager.ServerURL");
        int port = new URL(firstProperty2).getPort();
        String str6 = null;
        if (firstProperty2 != null) {
            str6 = firstProperty2.split("services")[0] + firstProperty;
        }
        String replace = str6.replace("token", "revoke");
        X509HostnameVerifier x509HostnameVerifier = SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER;
        DefaultHttpClient defaultHttpClient = new DefaultHttpClient();
        SchemeRegistry schemeRegistry = new SchemeRegistry();
        SSLSocketFactory socketFactory = SSLSocketFactory.getSocketFactory();
        socketFactory.setHostnameVerifier(x509HostnameVerifier);
        if (port >= 0) {
            schemeRegistry.register(new Scheme("https", port, (SchemeSocketFactory) socketFactory));
        } else {
            schemeRegistry.register(new Scheme("https", 443, (SchemeSocketFactory) socketFactory));
        }
        SingleClientConnManager singleClientConnManager = new SingleClientConnManager(schemeRegistry);
        SingleClientConnManager singleClientConnManager2 = new SingleClientConnManager(schemeRegistry);
        DefaultHttpClient defaultHttpClient2 = new DefaultHttpClient(singleClientConnManager, defaultHttpClient.getParams());
        DefaultHttpClient defaultHttpClient3 = new DefaultHttpClient(singleClientConnManager2, defaultHttpClient.getParams());
        HttpPost httpPost = new HttpPost(str6);
        HttpPost httpPost2 = new HttpPost(replace);
        ArrayList arrayList = new ArrayList(3);
        ArrayList arrayList2 = new ArrayList(3);
        arrayList.add(new BasicNameValuePair("grant_type", GRANT_TYPE_CLIENT_CREDENTIALS));
        arrayList.add(new BasicNameValuePair("client_id", str3));
        arrayList.add(new BasicNameValuePair("client_secret", str4));
        arrayList2.add(new BasicNameValuePair("client_id", str3));
        arrayList2.add(new BasicNameValuePair("client_secret", str4));
        arrayList2.add(new BasicNameValuePair("token", str2));
        try {
            httpPost2.setEntity(new UrlEncodedFormEntity(arrayList2, "UTF-8"));
            HttpResponse execute = defaultHttpClient2.execute(httpPost2);
            if (execute.getStatusLine().getStatusCode() != 200) {
                throw new RuntimeException("Failed : HTTP error code : " + execute.getStatusLine().getStatusCode());
            }
            if (log.isDebugEnabled()) {
                log.debug("Successfully revoked old application access token");
            }
            httpPost.setEntity(new UrlEncodedFormEntity(arrayList, "UTF-8"));
            HttpResponse execute2 = defaultHttpClient3.execute(httpPost);
            HttpEntity entity = execute2.getEntity();
            if (execute2.getStatusLine().getStatusCode() != 200) {
                throw new RuntimeException("Failed : HTTP error code : " + execute2.getStatusLine().getStatusCode());
            }
            JSONObject jSONObject = new JSONObject(EntityUtils.toString(entity));
            String obj = jSONObject.get(OAUTH_RESPONSE_ACCESSTOKEN).toString();
            long parseLong = Long.parseLong(jSONObject.get(OAUTH_RESPONSE_EXPIRY_TIME).toString());
            if (str5 != null && !"".equals(str5)) {
                parseLong = Long.parseLong(str5);
            }
            new ApiMgtDAO().updateRefreshedApplicationAccessToken(str, obj, parseLong);
            return obj;
        } catch (Exception e) {
            log.error("Error in getting new accessToken");
            throw new APIKeyMgtException("Error in getting new accessToken", e);
        }
    }

    public void unsubscribeFromAPI(String str, APIInfoDTO aPIInfoDTO) {
    }

    public void revokeAccessToken(String str, String str2, String str3) throws APIManagementException, AxisFault {
        new ApiMgtDAO().revokeAccessToken(str);
        clearOAuthCache(str2, str3);
    }

    public void revokeAccessTokenForApplication(Application application) throws APIManagementException, AxisFault {
        APIManagerConfiguration aPIManagerConfiguration = ServiceReferenceHolder.getInstance().getAPIManagerConfigurationService().getAPIManagerConfiguration();
        boolean z = aPIManagerConfiguration.getApiGatewayEnvironments().size() > 0;
        Set<SubscribedAPI> set = null;
        Set<String> set2 = null;
        ApiMgtDAO apiMgtDAO = new ApiMgtDAO();
        if (z) {
            set2 = apiMgtDAO.getApplicationKeys(application.getId());
            set = apiMgtDAO.getSubscribedAPIs(application.getSubscriber());
        }
        ArrayList arrayList = new ArrayList();
        for (String str : set2) {
            apiMgtDAO.revokeAccessToken(str);
            for (SubscribedAPI subscribedAPI : set) {
                APIKeyMapping aPIKeyMapping = new APIKeyMapping();
                API api = APIKeyMgtUtil.getAPI(subscribedAPI.getApiId());
                aPIKeyMapping.setApiVersion(subscribedAPI.getApiId().getVersion());
                aPIKeyMapping.setContext(api.getContext());
                aPIKeyMapping.setKey(str);
                arrayList.add(aPIKeyMapping);
            }
        }
        if (arrayList.size() > 0) {
            Iterator it = aPIManagerConfiguration.getApiGatewayEnvironments().iterator();
            while (it.hasNext()) {
                new APIAuthenticationAdminClient((Environment) it.next()).invalidateKeys(arrayList);
            }
        }
    }

    public void revokeAccessTokenBySubscriber(Subscriber subscriber) throws APIManagementException, AxisFault {
        for (Application application : new ApiMgtDAO().getApplications(subscriber)) {
            revokeAccessTokenForApplication(application);
        }
    }

    public void revokeKeysByTier(String str) throws APIManagementException, AxisFault {
        for (Application application : new ApiMgtDAO().getApplicationsByTier(str)) {
            revokeAccessTokenForApplication(application);
        }
    }

    public void clearOAuthCache(String str, String str2) {
        OAuthCacheKey oAuthCacheKey = new OAuthCacheKey(str + ":" + str2);
        if (OAuthServerConfiguration.getInstance().isCacheEnabled()) {
            OAuthCache.getInstance().clearCacheEntry(oAuthCacheKey);
        }
    }
}
