package br.com.fiorilli.cobrancaregistrada.token;

import br.com.fiorilli.cobrancaregistrada.ClientTrustingHostVerifier;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.StringReader;
import java.nio.charset.StandardCharsets;
import java.security.KeyStore;
import java.security.SecureRandom;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Map;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory;
import org.apache.commons.codec.binary.Base64;
import org.apache.http.HttpResponse;
import org.apache.http.NameValuePair;
import org.apache.http.ParseException;
import org.apache.http.client.config.RequestConfig;
import org.apache.http.client.entity.UrlEncodedFormEntity;
import org.apache.http.client.methods.CloseableHttpResponse;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.client.utils.URLEncodedUtils;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.conn.ssl.TrustSelfSignedStrategy;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClientBuilder;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.message.BasicNameValuePair;
import org.apache.http.ssl.SSLContextBuilder;
import org.apache.http.util.EntityUtils;
import org.json.simple.parser.JSONParser;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.NodeList;
import org.xml.sax.InputSource;

/* loaded from: input_file:br/com/fiorilli/cobrancaregistrada/token/OAuthUtils.class */
public class OAuthUtils {

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:br/com/fiorilli/cobrancaregistrada/token/OAuthUtils$ClientTrustManager.class */
    public static class ClientTrustManager implements X509TrustManager {
        private ClientTrustManager() {
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        }

        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            return new X509Certificate[0];
        }
    }

    public static OAuth2Details createOAuthDetails(String str, String str2, String str3, String str4, String str5) {
        OAuth2Details oAuth2Details = new OAuth2Details();
        oAuth2Details.setAccessToken("");
        oAuth2Details.setRefreshToken(null);
        oAuth2Details.setGrantType(str2);
        oAuth2Details.setClientId(str4);
        oAuth2Details.setClientSecret(str5);
        oAuth2Details.setScope(str3);
        oAuth2Details.setAuthenticationServerUrl(str);
        oAuth2Details.setUsername(str4);
        oAuth2Details.setPassword(str5);
        oAuth2Details.setResourceServerUrl(null);
        if (!isValid(oAuth2Details.getResourceServerUrl())) {
            oAuth2Details.setAccessTokenRequest(true);
        }
        return oAuth2Details;
    }

    public static void getProtectedResource(OAuth2Details oAuth2Details) {
        HttpGet httpGet = new HttpGet(oAuth2Details.getResourceServerUrl());
        httpGet.addHeader(OAuthConstants.AUTHORIZATION, getAuthorizationHeaderForAccessToken(oAuth2Details.getAccessToken()));
        try {
            try {
                CloseableHttpClient build = HttpClientBuilder.create().setSSLSocketFactory(createClientTrusting()).build();
                try {
                    HttpResponse execute = build.execute(httpGet);
                    int statusCode = execute.getStatusLine().getStatusCode();
                    if (statusCode == 401 || statusCode == 403) {
                        String accessToken = getAccessToken(oAuth2Details);
                        if (!isValid(accessToken)) {
                            throw new RuntimeException("Could not regenerate access token");
                        }
                        oAuth2Details.setAccessToken(accessToken);
                        httpGet.removeHeaders(OAuthConstants.AUTHORIZATION);
                        httpGet.addHeader(OAuthConstants.AUTHORIZATION, getAuthorizationHeaderForAccessToken(oAuth2Details.getAccessToken()));
                        httpGet.releaseConnection();
                        execute = build.execute(httpGet);
                        int statusCode2 = execute.getStatusLine().getStatusCode();
                        if (statusCode2 >= 400) {
                            throw new RuntimeException("Could not access protected resource. Server returned http code: " + statusCode2);
                        }
                    }
                    handleResponse(execute);
                    if (build != null) {
                        build.close();
                    }
                    httpGet.releaseConnection();
                } catch (Throwable th) {
                    if (build != null) {
                        try {
                            build.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    }
                    throw th;
                }
            } catch (Exception e) {
                e.printStackTrace();
                httpGet.releaseConnection();
            }
        } catch (Throwable th3) {
            httpGet.releaseConnection();
            throw th3;
        }
    }

    public static String getAccessToken(OAuth2Details oAuth2Details) {
        HttpPost httpPost = new HttpPost(oAuth2Details.getAuthenticationServerUrl());
        String scope = oAuth2Details.getScope();
        ArrayList arrayList = new ArrayList();
        arrayList.add(new BasicNameValuePair(OAuthConstants.GRANT_TYPE, oAuth2Details.getGrantType()));
        if (isValid(scope)) {
            arrayList.add(new BasicNameValuePair(OAuthConstants.SCOPE, scope));
        }
        if (oAuth2Details.getClientSecret() == null) {
            arrayList.add(new BasicNameValuePair(OAuthConstants.CLIENT_ID, oAuth2Details.getClientId()));
        }
        String str = null;
        try {
            CloseableHttpClient createClient = createClient(oAuth2Details.getCertificate(), oAuth2Details.getCertificatePasswordAsCharArray(), "SSL");
            try {
                httpPost.setEntity(new UrlEncodedFormEntity(arrayList, StandardCharsets.UTF_8));
                httpPost.addHeader("Content-Type", OAuthConstants.URL_ENCODED_CONTENT);
                if (oAuth2Details.getClientSecret() != null) {
                    httpPost.addHeader(OAuthConstants.AUTHORIZATION, getBasicAuthorizationHeader(oAuth2Details.getClientId(), oAuth2Details.getClientSecret()));
                }
                HttpResponse execute = createClient.execute(httpPost);
                if (execute.getStatusLine().getStatusCode() == 401) {
                    httpPost.addHeader(OAuthConstants.AUTHORIZATION, getBasicAuthorizationHeader(oAuth2Details.getClientId(), oAuth2Details.getClientSecret()));
                    httpPost.releaseConnection();
                    execute = createClient.execute(httpPost);
                    int statusCode = execute.getStatusLine().getStatusCode();
                    if (statusCode == 401 || statusCode == 403) {
                        throw new RuntimeException("Could not retrieve access token for client: " + oAuth2Details.getClientId());
                    }
                }
                str = handleResponse(execute).get(OAuthConstants.ACCESS_TOKEN);
                if (createClient != null) {
                    createClient.close();
                }
            } finally {
            }
        } catch (Exception e) {
            e.printStackTrace();
        }
        return str;
    }

    public static String getAccessTokenClient(OAuth2Details oAuth2Details) {
        CloseableHttpClient createClient;
        CloseableHttpResponse execute;
        int statusCode;
        HttpPost httpPost = new HttpPost(oAuth2Details.getAuthenticationServerUrl());
        ArrayList arrayList = new ArrayList();
        arrayList.add(new BasicNameValuePair(OAuthConstants.GRANT_TYPE, oAuth2Details.getGrantType()));
        arrayList.add(new BasicNameValuePair(OAuthConstants.CLIENT_ID, oAuth2Details.getClientId()));
        arrayList.add(new BasicNameValuePair(OAuthConstants.CLIENT_SECRET, oAuth2Details.getClientSecret()));
        String str = null;
        try {
            createClient = createClient(oAuth2Details.getCertificate(), oAuth2Details.getCertificatePasswordAsCharArray(), "SSL");
            try {
                httpPost.setEntity(new UrlEncodedFormEntity(arrayList, StandardCharsets.UTF_8));
                httpPost.addHeader("Content-Type", OAuthConstants.URL_ENCODED_CONTENT);
                execute = createClient.execute(httpPost);
                statusCode = execute.getStatusLine().getStatusCode();
            } finally {
            }
        } catch (Exception e) {
            e.printStackTrace();
        }
        if (statusCode == 401 || statusCode == 403) {
            throw new RuntimeException("Could not retrieve access token for client: " + oAuth2Details.getClientId());
        }
        str = handleResponse(execute).get(OAuthConstants.ACCESS_TOKEN);
        if (createClient != null) {
            createClient.close();
        }
        return str;
    }

    public static Map<String, String> handleResponse(HttpResponse httpResponse) {
        String str = OAuthConstants.JSON_CONTENT;
        if (httpResponse.getEntity().getContentType() != null) {
            str = httpResponse.getEntity().getContentType().getValue();
        }
        if (str.contains(OAuthConstants.JSON_CONTENT)) {
            return handleJsonResponse(httpResponse);
        }
        if (str.contains(OAuthConstants.URL_ENCODED_CONTENT)) {
            return handleURLEncodedResponse(httpResponse);
        }
        if (str.contains(OAuthConstants.XML_CONTENT)) {
            return handleXMLResponse(httpResponse);
        }
        throw new RuntimeException("Cannot handle " + str + " content type. Supported content types include JSON, XML and URLEncoded");
    }

    public static Map<String, String> handleJsonResponse(HttpResponse httpResponse) {
        try {
            return (Map) new JSONParser().parse(EntityUtils.toString(httpResponse.getEntity()));
        } catch (ParseException | org.json.simple.parser.ParseException | IOException e) {
            e.printStackTrace();
            throw new RuntimeException();
        }
    }

    public static Map<String, String> handleURLEncodedResponse(HttpResponse httpResponse) {
        HashMap hashMap = new HashMap();
        try {
            for (NameValuePair nameValuePair : URLEncodedUtils.parse(EntityUtils.toString(httpResponse.getEntity()), StandardCharsets.UTF_8)) {
                hashMap.put(nameValuePair.getName(), nameValuePair.getValue());
            }
            return hashMap;
        } catch (IOException e) {
            e.printStackTrace();
            throw new RuntimeException("Could not parse URLEncoded Response");
        }
    }

    public static Map<String, String> handleXMLResponse(HttpResponse httpResponse) {
        HashMap hashMap = new HashMap();
        try {
            String entityUtils = EntityUtils.toString(httpResponse.getEntity());
            DocumentBuilder newDocumentBuilder = DocumentBuilderFactory.newInstance().newDocumentBuilder();
            InputSource inputSource = new InputSource();
            inputSource.setCharacterStream(new StringReader(entityUtils));
            parseXMLDoc(null, newDocumentBuilder.parse(inputSource), hashMap);
            return hashMap;
        } catch (Exception e) {
            e.printStackTrace();
            throw new RuntimeException("Exception occurred while parsing XML response");
        }
    }

    public static void parseXMLDoc(Element element, Document document, Map<String, String> map) {
        NodeList childNodes = element == null ? document.getChildNodes() : element.getChildNodes();
        for (int i = 0; i < childNodes.getLength(); i++) {
            if (childNodes.item(i).getNodeType() == 1) {
                Element element2 = (Element) childNodes.item(i);
                if (element2.hasChildNodes()) {
                    map.put(element2.getTagName(), element2.getTextContent());
                    parseXMLDoc(element2, null, map);
                }
            }
        }
    }

    public static String getAuthorizationHeaderForAccessToken(String str) {
        return "Bearer " + str;
    }

    public static String getBasicAuthorizationHeader(String str, String str2) {
        return "Basic " + encodeCredentials(str, str2);
    }

    public static String encodeCredentials(String str, String str2) {
        return new String(Base64.encodeBase64((str + ":" + str2).getBytes()));
    }

    public static boolean isValidInput(OAuth2Details oAuth2Details) {
        if (oAuth2Details == null) {
            return false;
        }
        String grantType = oAuth2Details.getGrantType();
        if (!isValid(grantType) || !isValid(oAuth2Details.getAuthenticationServerUrl())) {
            return false;
        }
        if (grantType.equals(OAuthConstants.GRANT_TYPE_PASSWORD) && (!isValid(oAuth2Details.getUsername()) || !isValid(oAuth2Details.getPassword()))) {
            return false;
        }
        if (grantType.equals("client_credentials")) {
            return isValid(oAuth2Details.getClientId());
        }
        return true;
    }

    public static boolean isValid(String str) {
        return str != null && str.trim().length() > 0;
    }

    private static SSLConnectionSocketFactory createClientTrusting() throws Exception {
        return new SSLConnectionSocketFactory(SSLContextBuilder.create().loadTrustMaterial(new TrustSelfSignedStrategy()).setProtocol("TLSv1.2").build(), new ClientTrustingHostVerifier());
    }

    private static KeyStore readStore(byte[] bArr, char[] cArr) throws Exception {
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr);
        try {
            KeyStore keyStore = KeyStore.getInstance("PKCS12");
            keyStore.load(byteArrayInputStream, cArr);
            byteArrayInputStream.close();
            return keyStore;
        } catch (Throwable th) {
            try {
                byteArrayInputStream.close();
            } catch (Throwable th2) {
                th.addSuppressed(th2);
            }
            throw th;
        }
    }

    private static CloseableHttpClient createClient(byte[] bArr, char[] cArr, String str) throws Exception {
        RequestConfig build = RequestConfig.custom().setConnectTimeout(5 * 1000).setConnectionRequestTimeout(5 * 1000).setSocketTimeout(5 * 1000).build();
        if (bArr == null) {
            return HttpClientBuilder.create().setSSLSocketFactory(createClientTrusting()).setDefaultRequestConfig(build).build();
        }
        SSLContext sSLContext = SSLContext.getInstance(str);
        KeyStore readStore = readStore(bArr, cArr);
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        keyManagerFactory.init(readStore, cArr);
        sSLContext.init(keyManagerFactory.getKeyManagers(), new TrustManager[]{new ClientTrustManager()}, new SecureRandom());
        return HttpClients.custom().setDefaultRequestConfig(build).setSSLContext(sSLContext).build();
    }
}
