package de.samply.share.common.utils.oauth2;

import com.sun.jersey.api.client.Client;
import com.sun.jersey.api.client.ClientResponse;
import de.samply.auth.client.jwt.JwtAccessToken;
import de.samply.auth.client.jwt.JwtException;
import de.samply.auth.client.jwt.KeyLoader;
import de.samply.auth.rest.AccessTokenDto;
import de.samply.auth.rest.AccessTokenRequestDto;
import de.samply.auth.rest.KeyIdentificationDto;
import de.samply.auth.rest.SignRequestDto;
import de.samply.share.common.utils.ProjectInfo;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.Signature;
import java.security.SignatureException;
import org.apache.commons.codec.binary.Base64;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:de/samply/share/common/utils/oauth2/OAuthUtils.class */
public class OAuthUtils {
    private static final Logger logger = LoggerFactory.getLogger(OAuthUtils.class);

    public static AccessTokenDto getAccessToken(Client client, String str, String str2, String str3) throws NoSuchAlgorithmException, InvalidKeyException, SignatureException {
        KeyIdentificationDto keyIdentificationDto = new KeyIdentificationDto();
        if (str2 == null || "".equalsIgnoreCase(str2)) {
            logger.warn("keyId empty or null, returning null");
            return null;
        }
        keyIdentificationDto.setKeyId(Integer.parseInt(str2));
        ClientResponse clientResponse = (ClientResponse) client.resource(str + "/oauth2/signRequest").accept(new String[]{"application/json"}).type("application/json").post(ClientResponse.class, keyIdentificationDto);
        if (clientResponse.getStatus() != 200) {
            logger.error("Auth.getAccessToken returned " + clientResponse.getStatus() + " on signRequest bailing out!");
            return null;
        }
        SignRequestDto signRequestDto = (SignRequestDto) clientResponse.getEntity(SignRequestDto.class);
        Signature signature = Signature.getInstance(signRequestDto.getAlgorithm());
        signature.initSign(KeyLoader.loadPrivateKey(str3));
        signature.update(signRequestDto.getCode().getBytes());
        String encodeBase64String = Base64.encodeBase64String(signature.sign());
        AccessTokenRequestDto accessTokenRequestDto = new AccessTokenRequestDto();
        accessTokenRequestDto.setCode(signRequestDto.getCode());
        accessTokenRequestDto.setSignature(encodeBase64String);
        ClientResponse clientResponse2 = (ClientResponse) client.resource(str + "/oauth2/access_token").accept(new String[]{"application/json"}).type("application/json").post(ClientResponse.class, accessTokenRequestDto);
        if (clientResponse2.getStatus() != 200) {
            logger.error("Auth.getAccessToken returned " + clientResponse2.getStatus() + " bailing out!");
            return null;
        }
        AccessTokenDto accessTokenDto = (AccessTokenDto) clientResponse2.getEntity(AccessTokenDto.class);
        logger.trace("Access token: " + accessTokenDto.getAccessToken());
        return accessTokenDto;
    }

    public static JwtAccessToken getJwtAccessToken(String str) {
        JwtAccessToken jwtAccessToken = null;
        if (str != null) {
            try {
                jwtAccessToken = new JwtAccessToken(OAuthConfig.getOAuth2Client(ProjectInfo.INSTANCE.getProjectName(), new String[0]), str.replace("Bearer ", ""));
            } catch (JwtException e) {
                logger.debug("Problems reading the access token: " + e);
            }
        }
        return jwtAccessToken;
    }

    public static String getUserAuthId(String str) {
        String str2 = "";
        logger.debug("Getting user auth ID... ");
        JwtAccessToken jwtAccessToken = getJwtAccessToken(str);
        if (jwtAccessToken != null && jwtAccessToken.isValid()) {
            str2 = jwtAccessToken.getSubject();
        }
        logger.debug("User auth ID: " + str2);
        return str2;
    }
}
