package io.gravitee.management.service.impl.configuration.application.registration;

import com.fasterxml.jackson.databind.ObjectMapper;
import com.google.common.cache.Cache;
import com.google.common.cache.CacheBuilder;
import io.gravitee.common.utils.IdGenerator;
import io.gravitee.common.utils.UUID;
import io.gravitee.management.model.NewApplicationEntity;
import io.gravitee.management.model.UpdateApplicationEntity;
import io.gravitee.management.model.configuration.application.registration.ClientRegistrationProviderEntity;
import io.gravitee.management.model.configuration.application.registration.InitialAccessTokenType;
import io.gravitee.management.model.configuration.application.registration.NewClientRegistrationProviderEntity;
import io.gravitee.management.model.configuration.application.registration.UpdateClientRegistrationProviderEntity;
import io.gravitee.management.service.AuditService;
import io.gravitee.management.service.configuration.application.ClientRegistrationService;
import io.gravitee.management.service.exceptions.TechnicalManagementException;
import io.gravitee.management.service.impl.AbstractService;
import io.gravitee.management.service.impl.configuration.application.registration.client.DiscoveryBasedDynamicClientRegistrationProviderClient;
import io.gravitee.management.service.impl.configuration.application.registration.client.DynamicClientRegistrationProviderClient;
import io.gravitee.management.service.impl.configuration.application.registration.client.register.ClientRegistrationRequest;
import io.gravitee.management.service.impl.configuration.application.registration.client.register.ClientRegistrationResponse;
import io.gravitee.management.service.impl.configuration.application.registration.client.token.ClientCredentialsInitialAccessTokenProvider;
import io.gravitee.management.service.impl.configuration.application.registration.client.token.InitialAccessTokenProvider;
import io.gravitee.management.service.impl.configuration.application.registration.client.token.PlainInitialAccessTokenProvider;
import io.gravitee.repository.exceptions.TechnicalException;
import io.gravitee.repository.management.api.ClientRegistrationProviderRepository;
import io.gravitee.repository.management.model.Audit;
import io.gravitee.repository.management.model.ClientRegistrationProvider;
import java.util.Collections;
import java.util.Date;
import java.util.Optional;
import java.util.Set;
import java.util.concurrent.TimeUnit;
import java.util.stream.Collectors;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;

@Component
/* loaded from: input_file:io/gravitee/management/service/impl/configuration/application/registration/ClientRegistrationServiceImpl.class */
public class ClientRegistrationServiceImpl extends AbstractService implements ClientRegistrationService {

    @Autowired
    private ClientRegistrationProviderRepository clientRegistrationProviderRepository;

    @Autowired
    private AuditService auditService;
    private final Logger LOGGER = LoggerFactory.getLogger(ClientRegistrationServiceImpl.class);
    private final ObjectMapper mapper = new ObjectMapper();
    private final Cache<String, DynamicClientRegistrationProviderClient> clients = CacheBuilder.newBuilder().expireAfterWrite(5, TimeUnit.MINUTES).build();

    @Override // io.gravitee.management.service.configuration.application.ClientRegistrationService
    public Set<ClientRegistrationProviderEntity> findAll() {
        try {
            return (Set) this.clientRegistrationProviderRepository.findAll().stream().map(this::convert).collect(Collectors.toSet());
        } catch (TechnicalException e) {
            this.LOGGER.error("An error occurs while trying to retrieve client registration providers", e);
            throw new TechnicalManagementException("An error occurs while trying to retrieve client registration providers", e);
        }
    }

    @Override // io.gravitee.management.service.configuration.application.ClientRegistrationService
    public ClientRegistrationProviderEntity create(NewClientRegistrationProviderEntity newClientRegistrationProviderEntity) {
        try {
            this.LOGGER.debug("Create client registration provider {}", newClientRegistrationProviderEntity);
            Set<ClientRegistrationProviderEntity> findAll = findAll();
            if (findAll.size() == 1) {
                throw new IllegalStateException("Until now, supports only a single client registration provider. Please update the existing one: " + findAll.iterator().next().getName());
            }
            if (this.clientRegistrationProviderRepository.findById(IdGenerator.generate(newClientRegistrationProviderEntity.getName())).isPresent()) {
                throw new ClientRegistrationProviderAlreadyExistsException(newClientRegistrationProviderEntity.getName());
            }
            if (newClientRegistrationProviderEntity.getInitialAccessTokenType() == InitialAccessTokenType.INITIAL_ACCESS_TOKEN && (newClientRegistrationProviderEntity.getInitialAccessToken() == null || newClientRegistrationProviderEntity.getInitialAccessToken().isEmpty())) {
                throw new EmptyInitialAccessTokenException();
            }
            ClientRegistrationProvider convert = convert(newClientRegistrationProviderEntity);
            convert.setId(UUID.toString(UUID.random()));
            DynamicClientRegistrationProviderClient dCRClient = getDCRClient(true, convert(convert));
            dCRClient.getInitialAccessToken();
            this.LOGGER.debug("Found a DCR Client for provider: {}", convert.getName(), dCRClient);
            convert.setCreatedAt(new Date());
            convert.setUpdatedAt(convert.getCreatedAt());
            ClientRegistrationProvider clientRegistrationProvider = (ClientRegistrationProvider) this.clientRegistrationProviderRepository.create(convert);
            this.auditService.createPortalAuditLog(Collections.singletonMap(Audit.AuditProperties.CLIENT_REGISTRATION_PROVIDER, clientRegistrationProvider.getId()), ClientRegistrationProvider.AuditEvent.CLIENT_REGISTRATION_PROVIDER_CREATED, clientRegistrationProvider.getUpdatedAt(), null, clientRegistrationProvider);
            return convert(clientRegistrationProvider);
        } catch (TechnicalException e) {
            this.LOGGER.error("An error occurs while trying to create client registration provider {}", newClientRegistrationProviderEntity, e);
            throw new TechnicalManagementException("An error occurs while trying to create " + newClientRegistrationProviderEntity, e);
        }
    }

    @Override // io.gravitee.management.service.configuration.application.ClientRegistrationService
    public ClientRegistrationProviderEntity update(String str, UpdateClientRegistrationProviderEntity updateClientRegistrationProviderEntity) {
        try {
            this.LOGGER.debug("Update client registration provider {}", updateClientRegistrationProviderEntity);
            Optional findById = this.clientRegistrationProviderRepository.findById(str);
            if (!findById.isPresent()) {
                throw new ClientRegistrationProviderNotFoundException(updateClientRegistrationProviderEntity.getName());
            }
            if (updateClientRegistrationProviderEntity.getInitialAccessTokenType() == InitialAccessTokenType.INITIAL_ACCESS_TOKEN && (updateClientRegistrationProviderEntity.getInitialAccessToken() == null || updateClientRegistrationProviderEntity.getInitialAccessToken().isEmpty())) {
                throw new EmptyInitialAccessTokenException();
            }
            ClientRegistrationProvider convert = convert(updateClientRegistrationProviderEntity);
            convert.setId(str);
            DynamicClientRegistrationProviderClient dCRClient = getDCRClient(true, convert(convert));
            dCRClient.getInitialAccessToken();
            this.LOGGER.debug("Found a DCR Client for provider: {}", convert.getName(), dCRClient);
            ClientRegistrationProvider clientRegistrationProvider = (ClientRegistrationProvider) findById.get();
            convert.setId(str);
            convert.setCreatedAt(clientRegistrationProvider.getCreatedAt());
            convert.setUpdatedAt(new Date());
            ClientRegistrationProvider clientRegistrationProvider2 = (ClientRegistrationProvider) this.clientRegistrationProviderRepository.update(convert);
            this.auditService.createPortalAuditLog(Collections.singletonMap(Audit.AuditProperties.CLIENT_REGISTRATION_PROVIDER, str), ClientRegistrationProvider.AuditEvent.CLIENT_REGISTRATION_PROVIDER_CREATED, convert.getUpdatedAt(), clientRegistrationProvider, clientRegistrationProvider2);
            return convert(clientRegistrationProvider2);
        } catch (TechnicalException e) {
            this.LOGGER.error("An error occurs while trying to update client registration provider {}", updateClientRegistrationProviderEntity, e);
            throw new TechnicalManagementException("An error occurs while trying to update " + updateClientRegistrationProviderEntity, e);
        }
    }

    @Override // io.gravitee.management.service.configuration.application.ClientRegistrationService
    public ClientRegistrationProviderEntity findById(String str) {
        try {
            this.LOGGER.debug("Find client registration provider by ID: {}", str);
            Optional findById = this.clientRegistrationProviderRepository.findById(str);
            if (findById.isPresent()) {
                return convert((ClientRegistrationProvider) findById.get());
            }
            throw new ClientRegistrationProviderNotFoundException(str);
        } catch (TechnicalException e) {
            this.LOGGER.error("An error occurs while trying to find a client registration provider using its ID {}", str, e);
            throw new TechnicalManagementException("An error occurs while trying to delete a client registration provider using its ID " + str, e);
        }
    }

    @Override // io.gravitee.management.service.configuration.application.ClientRegistrationService
    public void delete(String str) {
        try {
            this.LOGGER.debug("Delete client registration provider: {}", str);
            Optional findById = this.clientRegistrationProviderRepository.findById(str);
            if (!findById.isPresent()) {
                throw new ClientRegistrationProviderNotFoundException(str);
            }
            this.clientRegistrationProviderRepository.delete(str);
            this.auditService.createPortalAuditLog(Collections.singletonMap(Audit.AuditProperties.CLIENT_REGISTRATION_PROVIDER, str), ClientRegistrationProvider.AuditEvent.CLIENT_REGISTRATION_PROVIDER_DELETED, new Date(), findById.get(), null);
        } catch (TechnicalException e) {
            this.LOGGER.error("An error occurs while trying to delete a client registration provider using its ID {}", str, e);
            throw new TechnicalManagementException("An error occurs while trying to delete a client registration provider using its ID " + str, e);
        }
    }

    @Override // io.gravitee.management.service.configuration.application.ClientRegistrationService
    public ClientRegistrationResponse register(NewApplicationEntity newApplicationEntity) {
        Set<ClientRegistrationProviderEntity> findAll = findAll();
        if (findAll == null || findAll.isEmpty()) {
            throw new MissingDynamicClientRegistrationProviderException();
        }
        return getDCRClient(false, findAll.iterator().next()).register(convert(newApplicationEntity));
    }

    private DynamicClientRegistrationProviderClient getDCRClient(boolean z, ClientRegistrationProviderEntity clientRegistrationProviderEntity) {
        try {
            InitialAccessTokenProvider clientCredentialsInitialAccessTokenProvider = clientRegistrationProviderEntity.getInitialAccessTokenType() == InitialAccessTokenType.CLIENT_CREDENTIALS ? new ClientCredentialsInitialAccessTokenProvider(clientRegistrationProviderEntity.getClientId(), clientRegistrationProviderEntity.getClientSecret(), clientRegistrationProviderEntity.getScopes()) : new PlainInitialAccessTokenProvider(clientRegistrationProviderEntity.getInitialAccessToken());
            if (!z) {
                InitialAccessTokenProvider initialAccessTokenProvider = clientCredentialsInitialAccessTokenProvider;
                return (DynamicClientRegistrationProviderClient) this.clients.get(clientRegistrationProviderEntity.getId(), () -> {
                    return new DiscoveryBasedDynamicClientRegistrationProviderClient(clientRegistrationProviderEntity.getDiscoveryEndpoint(), initialAccessTokenProvider);
                });
            }
            DiscoveryBasedDynamicClientRegistrationProviderClient discoveryBasedDynamicClientRegistrationProviderClient = new DiscoveryBasedDynamicClientRegistrationProviderClient(clientRegistrationProviderEntity.getDiscoveryEndpoint(), clientCredentialsInitialAccessTokenProvider);
            if (clientRegistrationProviderEntity.getId() != null) {
                this.clients.put(clientRegistrationProviderEntity.getId(), discoveryBasedDynamicClientRegistrationProviderClient);
            }
            return discoveryBasedDynamicClientRegistrationProviderClient;
        } catch (Exception e) {
            this.LOGGER.error("Unexpected error while getting a dynamic client registration client", e);
            throw new InvalidClientRegistrationProviderException();
        }
    }

    @Override // io.gravitee.management.service.configuration.application.ClientRegistrationService
    public ClientRegistrationResponse update(String str, UpdateApplicationEntity updateApplicationEntity) {
        try {
            ClientRegistrationResponse clientRegistrationResponse = (ClientRegistrationResponse) this.mapper.readValue(str, ClientRegistrationResponse.class);
            if (clientRegistrationResponse.getRegistrationAccessToken() == null || clientRegistrationResponse.getRegistrationAccessToken().isEmpty() || clientRegistrationResponse.getRegistrationClientUri() == null || clientRegistrationResponse.getRegistrationClientUri().isEmpty()) {
                throw new RegisteredClientNotUpdatableException();
            }
            Set<ClientRegistrationProviderEntity> findAll = findAll();
            if (findAll == null || findAll.isEmpty()) {
                throw new MissingDynamicClientRegistrationProviderException();
            }
            return getDCRClient(false, findAll.iterator().next()).update(clientRegistrationResponse.getRegistrationAccessToken(), clientRegistrationResponse.getRegistrationClientUri(), convert((ClientRegistrationRequest) this.mapper.readValue(str, ClientRegistrationRequest.class), updateApplicationEntity));
        } catch (Exception e) {
            this.LOGGER.error("Unexpected error while updating a client", e);
            return null;
        }
    }

    private ClientRegistrationRequest convert(ClientRegistrationRequest clientRegistrationRequest, UpdateApplicationEntity updateApplicationEntity) {
        clientRegistrationRequest.setClientName(updateApplicationEntity.getName());
        clientRegistrationRequest.setApplicationType(updateApplicationEntity.getSettings().getoAuthClient().getApplicationType());
        clientRegistrationRequest.setClientUri(updateApplicationEntity.getSettings().getoAuthClient().getClientUri());
        clientRegistrationRequest.setGrantTypes(updateApplicationEntity.getSettings().getoAuthClient().getGrantTypes());
        clientRegistrationRequest.setLogoUri(updateApplicationEntity.getSettings().getoAuthClient().getLogoUri());
        clientRegistrationRequest.setRedirectUris(updateApplicationEntity.getSettings().getoAuthClient().getRedirectUris());
        clientRegistrationRequest.setResponseTypes(updateApplicationEntity.getSettings().getoAuthClient().getResponseTypes());
        return clientRegistrationRequest;
    }

    private ClientRegistrationRequest convert(NewApplicationEntity newApplicationEntity) {
        ClientRegistrationRequest clientRegistrationRequest = new ClientRegistrationRequest();
        clientRegistrationRequest.setClientName(newApplicationEntity.getName());
        clientRegistrationRequest.setApplicationType(newApplicationEntity.getSettings().getoAuthClient().getApplicationType());
        clientRegistrationRequest.setClientUri(newApplicationEntity.getSettings().getoAuthClient().getClientUri());
        clientRegistrationRequest.setGrantTypes(newApplicationEntity.getSettings().getoAuthClient().getGrantTypes());
        clientRegistrationRequest.setLogoUri(newApplicationEntity.getSettings().getoAuthClient().getLogoUri());
        clientRegistrationRequest.setRedirectUris(newApplicationEntity.getSettings().getoAuthClient().getRedirectUris());
        clientRegistrationRequest.setResponseTypes(newApplicationEntity.getSettings().getoAuthClient().getResponseTypes());
        return clientRegistrationRequest;
    }

    private ClientRegistrationProviderEntity convert(ClientRegistrationProvider clientRegistrationProvider) {
        ClientRegistrationProviderEntity clientRegistrationProviderEntity = new ClientRegistrationProviderEntity();
        clientRegistrationProviderEntity.setId(clientRegistrationProvider.getId());
        clientRegistrationProviderEntity.setName(clientRegistrationProvider.getName());
        clientRegistrationProviderEntity.setDescription(clientRegistrationProvider.getDescription());
        clientRegistrationProviderEntity.setDiscoveryEndpoint(clientRegistrationProvider.getDiscoveryEndpoint());
        if (clientRegistrationProvider.getInitialAccessTokenType() == null || clientRegistrationProvider.getInitialAccessTokenType() == ClientRegistrationProvider.InitialAccessTokenType.CLIENT_CREDENTIALS) {
            clientRegistrationProviderEntity.setInitialAccessTokenType(InitialAccessTokenType.CLIENT_CREDENTIALS);
            clientRegistrationProviderEntity.setClientId(clientRegistrationProvider.getClientId());
            clientRegistrationProviderEntity.setClientSecret(clientRegistrationProvider.getClientSecret());
            clientRegistrationProviderEntity.setScopes(clientRegistrationProvider.getScopes());
        } else {
            clientRegistrationProviderEntity.setInitialAccessTokenType(InitialAccessTokenType.INITIAL_ACCESS_TOKEN);
            clientRegistrationProviderEntity.setInitialAccessToken(clientRegistrationProvider.getInitialAccessToken());
        }
        clientRegistrationProviderEntity.setCreatedAt(clientRegistrationProvider.getCreatedAt());
        clientRegistrationProviderEntity.setUpdatedAt(clientRegistrationProvider.getUpdatedAt());
        return clientRegistrationProviderEntity;
    }

    private ClientRegistrationProvider convert(NewClientRegistrationProviderEntity newClientRegistrationProviderEntity) {
        ClientRegistrationProvider clientRegistrationProvider = new ClientRegistrationProvider();
        clientRegistrationProvider.setName(newClientRegistrationProviderEntity.getName());
        clientRegistrationProvider.setDescription(newClientRegistrationProviderEntity.getDescription());
        clientRegistrationProvider.setDiscoveryEndpoint(newClientRegistrationProviderEntity.getDiscoveryEndpoint());
        if (newClientRegistrationProviderEntity.getInitialAccessTokenType() == InitialAccessTokenType.CLIENT_CREDENTIALS) {
            clientRegistrationProvider.setInitialAccessTokenType(ClientRegistrationProvider.InitialAccessTokenType.CLIENT_CREDENTIALS);
            clientRegistrationProvider.setClientId(newClientRegistrationProviderEntity.getClientId());
            clientRegistrationProvider.setClientSecret(newClientRegistrationProviderEntity.getClientSecret());
            clientRegistrationProvider.setScopes(newClientRegistrationProviderEntity.getScopes());
        } else {
            clientRegistrationProvider.setInitialAccessTokenType(ClientRegistrationProvider.InitialAccessTokenType.INITIAL_ACCESS_TOKEN);
            clientRegistrationProvider.setInitialAccessToken(newClientRegistrationProviderEntity.getInitialAccessToken());
        }
        return clientRegistrationProvider;
    }

    private ClientRegistrationProvider convert(UpdateClientRegistrationProviderEntity updateClientRegistrationProviderEntity) {
        ClientRegistrationProvider clientRegistrationProvider = new ClientRegistrationProvider();
        clientRegistrationProvider.setName(updateClientRegistrationProviderEntity.getName());
        clientRegistrationProvider.setDescription(updateClientRegistrationProviderEntity.getDescription());
        clientRegistrationProvider.setDiscoveryEndpoint(updateClientRegistrationProviderEntity.getDiscoveryEndpoint());
        if (updateClientRegistrationProviderEntity.getInitialAccessTokenType() == InitialAccessTokenType.CLIENT_CREDENTIALS) {
            clientRegistrationProvider.setInitialAccessTokenType(ClientRegistrationProvider.InitialAccessTokenType.CLIENT_CREDENTIALS);
            clientRegistrationProvider.setClientId(updateClientRegistrationProviderEntity.getClientId());
            clientRegistrationProvider.setClientSecret(updateClientRegistrationProviderEntity.getClientSecret());
            clientRegistrationProvider.setScopes(updateClientRegistrationProviderEntity.getScopes());
        } else {
            clientRegistrationProvider.setInitialAccessTokenType(ClientRegistrationProvider.InitialAccessTokenType.INITIAL_ACCESS_TOKEN);
            clientRegistrationProvider.setInitialAccessToken(updateClientRegistrationProviderEntity.getInitialAccessToken());
        }
        return clientRegistrationProvider;
    }
}
