package com.appiancorp.connectedsystems.http.execution.strategies;

import com.appiancorp.aws4auth.model.AWSSigV4AuthConfig;
import com.appiancorp.connectedsystems.ConnectedSystem;
import com.appiancorp.connectedsystems.contracts.HttpOAuthTokenService;
import com.appiancorp.connectedsystems.http.apikey.APIConfiguration;
import com.appiancorp.connectedsystems.http.aws4auth.AwsSignatureV4ServiceWrapper;
import com.appiancorp.connectedsystems.http.converter.HttpRequestParameterConverter;
import com.appiancorp.connectedsystems.http.execution.DiagnosticBuilder;
import com.appiancorp.connectedsystems.http.execution.HttpRequest;
import com.appiancorp.connectedsystems.http.oauth.GSAConfiguration;
import com.appiancorp.connectedsystems.http.oauth.OAuthConfiguration;
import com.appiancorp.connectedsystems.utils.ConnectedSystemAuthUtil;
import com.appiancorp.core.Constants;
import com.appiancorp.core.data.Dictionary;
import com.appiancorp.core.data.Record;
import com.appiancorp.core.data.Variant;
import com.appiancorp.core.expr.portable.Type;
import com.appiancorp.core.expr.portable.Value;
import com.appiancorp.core.expr.portable.cdt.OutboundIntegrationAuthBasicConstants;
import com.appiancorp.core.expr.portable.string.Strings;
import com.google.common.annotations.VisibleForTesting;
import com.google.common.collect.Lists;
import java.util.Optional;

/* loaded from: input_file:com/appiancorp/connectedsystems/http/execution/strategies/ExecutionStrategyProvider.class */
public class ExecutionStrategyProvider {
    public static final String API_KEY_VALUE = "apiKeyValue";
    public static final String API_KEY_NAME = "apiKeyName";
    public static final String SEND_AS_HEADER = "sendAsHeader";
    private final HttpOAuthTokenService httpOAuthTokenService;
    private final HttpRequestParameterConverter parameterConverter;
    private final AwsSignatureV4ServiceWrapper aws4Signer;

    public ExecutionStrategyProvider(HttpOAuthTokenService httpOAuthTokenService, HttpRequestParameterConverter httpRequestParameterConverter, AwsSignatureV4ServiceWrapper awsSignatureV4ServiceWrapper) {
        this.httpOAuthTokenService = httpOAuthTokenService;
        this.parameterConverter = httpRequestParameterConverter;
        this.aws4Signer = awsSignatureV4ServiceWrapper;
    }

    public HttpExecutionStrategy createStrategy(HttpRequest httpRequest, Dictionary dictionary, Optional<ConnectedSystem> optional, DiagnosticBuilder diagnosticBuilder) {
        if (optional.isPresent()) {
            ConnectedSystem connectedSystem = optional.get();
            return ConnectedSystemAuthUtil.isOAuth(connectedSystem) ? createOauthExecutionStrategy(connectedSystem, httpRequest) : ConnectedSystemAuthUtil.isApiKey(connectedSystem) ? createApiExecutionStrategy(connectedSystem, diagnosticBuilder) : ConnectedSystemAuthUtil.isOAuthClientCredential(connectedSystem) ? createOauthClientExecutionStrategy(connectedSystem, httpRequest, diagnosticBuilder) : ConnectedSystemAuthUtil.isOAuthSamlBearerAssertionAsAuthzGrant(connectedSystem) ? createOAuthSamlGrantExecutionStrategy(connectedSystem, httpRequest, diagnosticBuilder) : ConnectedSystemAuthUtil.isGoogleServiceAccount(connectedSystem) ? createOauthServiceAccountExecutionStrategy(connectedSystem, httpRequest, diagnosticBuilder) : ConnectedSystemAuthUtil.isBasic(connectedSystem) ? createBasicAuthExecutionStrategy(ConnectedSystemAuthUtil.getAuthDetailsFromCS(connectedSystem)) : ConnectedSystemAuthUtil.isAws4Auth(connectedSystem) ? createAws4AuthExecutionStrategy(connectedSystem, diagnosticBuilder) : HttpExecutionStrategy.DEFAULT_EXECUTION_STRATEGY;
        }
        if ("None".equals(dictionary.getAtKey("authType"))) {
            return HttpExecutionStrategy.DEFAULT_EXECUTION_STRATEGY;
        }
        Optional optionalAuthDetailsFromDictionary = ConnectedSystemAuthUtil.getOptionalAuthDetailsFromDictionary(dictionary);
        return optionalAuthDetailsFromDictionary.isPresent() ? createBasicAuthExecutionStrategy((Value) optionalAuthDetailsFromDictionary.get()) : HttpExecutionStrategy.DEFAULT_EXECUTION_STRATEGY;
    }

    private HttpExecutionStrategy createOauthExecutionStrategy(ConnectedSystem connectedSystem, HttpRequest httpRequest) {
        return new OAuthExecutionStrategy(httpRequest, this.httpOAuthTokenService, getOAuthConfigurationFromCS(connectedSystem));
    }

    private HttpExecutionStrategy createOauthServiceAccountExecutionStrategy(ConnectedSystem connectedSystem, HttpRequest httpRequest, DiagnosticBuilder diagnosticBuilder) {
        GSAConfiguration serviceAccountGsaConfigurationFromCS = getServiceAccountGsaConfigurationFromCS(connectedSystem);
        diagnosticBuilder.setIsGsaAuthorization(true);
        return new ServiceAccountExecutionStrategy(httpRequest, this.httpOAuthTokenService, serviceAccountGsaConfigurationFromCS);
    }

    private HttpExecutionStrategy createOauthClientExecutionStrategy(ConnectedSystem connectedSystem, HttpRequest httpRequest, DiagnosticBuilder diagnosticBuilder) {
        OAuthConfiguration oAuthConfigurationFromCS = getOAuthConfigurationFromCS(connectedSystem);
        diagnosticBuilder.setIsClientCredentialAuthorization(true);
        return new OAuthClientExecutionStrategy(httpRequest, this.httpOAuthTokenService, oAuthConfigurationFromCS);
    }

    private HttpExecutionStrategy createOAuthSamlGrantExecutionStrategy(ConnectedSystem connectedSystem, HttpRequest httpRequest, DiagnosticBuilder diagnosticBuilder) {
        OAuthConfiguration oAuthConfigurationFromCS = getOAuthConfigurationFromCS(connectedSystem);
        diagnosticBuilder.setIsOAuthSamlGrantAuthorization(true);
        return new OAuthSamlGrantExecutionStrategy(httpRequest, this.httpOAuthTokenService, oAuthConfigurationFromCS);
    }

    private HttpExecutionStrategy createApiExecutionStrategy(ConnectedSystem connectedSystem, DiagnosticBuilder diagnosticBuilder) {
        APIConfiguration apiKeyAuthFromCs = getApiKeyAuthFromCs(connectedSystem);
        diagnosticBuilder.setAPIConfiguration(apiKeyAuthFromCs);
        return getAPIAuthExecutionStrategy(apiKeyAuthFromCs);
    }

    private HttpExecutionStrategy createBasicAuthExecutionStrategy(Value value) {
        Record retrieveBasicAuthDetailsRecord = retrieveBasicAuthDetailsRecord(value.getValue());
        return new CompositeHttpExecutionStrategy(new BasicAuthStrategy(this.parameterConverter.retrieveUsername(retrieveBasicAuthDetailsRecord), this.parameterConverter.retrievePassword(retrieveBasicAuthDetailsRecord), this.parameterConverter.retrieveIsPreemptive(retrieveBasicAuthDetailsRecord)));
    }

    private HttpExecutionStrategy createAws4AuthExecutionStrategy(ConnectedSystem connectedSystem, DiagnosticBuilder diagnosticBuilder) {
        AWSSigV4AuthConfig aws4AuthenticationConfigFromCS = getAws4AuthenticationConfigFromCS(connectedSystem);
        diagnosticBuilder.setIsAwsSignatureV4Authorization(true);
        return new CompositeHttpExecutionStrategy(new AWS4AuthenticationStrategy(aws4AuthenticationConfigFromCS, this.aws4Signer));
    }

    @VisibleForTesting
    Record retrieveBasicAuthDetailsRecord(Object obj) {
        if (!(obj instanceof Dictionary)) {
            return (Record) obj;
        }
        Dictionary dictionary = (Dictionary) obj;
        return new Record(Type.getType(OutboundIntegrationAuthBasicConstants.QNAME), new Object[]{new Variant(Type.ENCRYPTED_TEXT.valueOf(dictionary.getAtKey("username"))), new Variant(Type.ENCRYPTED_TEXT.valueOf(dictionary.getAtKey("password"))), Type.BOOLEAN.valueOf(dictionary.getAtKey("isPreemptive"))});
    }

    private HttpExecutionStrategy getAPIAuthExecutionStrategy(APIConfiguration aPIConfiguration) {
        return new CompositeHttpExecutionStrategy(new APIKeyAuthenticationStrategy(aPIConfiguration, this.parameterConverter));
    }

    private APIConfiguration getApiKeyAuthFromCs(ConnectedSystem connectedSystem) {
        Dictionary dictionary = (Dictionary) ConnectedSystemAuthUtil.getAuthDetailsFromCS(connectedSystem).getValue();
        String retrieveAPIKey = this.parameterConverter.retrieveAPIKey(dictionary.get(API_KEY_VALUE).getRuntimeValue());
        String str = (String) dictionary.get(API_KEY_NAME).getValue();
        return APIConfiguration.builder().apiKeyValue(retrieveAPIKey).apiKeyName(str).sendAsHeader(Constants.BOOLEAN_TRUE.equals(dictionary.get(SEND_AS_HEADER).getValue())).build();
    }

    public static GSAConfiguration getServiceAccountGsaConfigurationFromCS(ConnectedSystem connectedSystem) {
        Dictionary dictionary = (Dictionary) ConnectedSystemAuthUtil.getAuthDetailsFromCS(connectedSystem).getValue();
        String str = (String) dictionary.getAtKey("privateKey");
        String str2 = (String) dictionary.getAtKey("privateKeyId");
        String str3 = (String) dictionary.getAtKey("clientEmail");
        String str4 = (String) dictionary.getAtKey("clientId");
        String str5 = (String) dictionary.getAtKey("tokenUri");
        String str6 = (String) dictionary.getAtKey("projectId");
        String str7 = (String) dictionary.getAtKey("userEmail");
        String str8 = (String) dictionary.getAtKey("scope");
        if (str8 != null) {
            str8 = str8.trim();
        }
        if (Strings.isNullOrEmpty(str8)) {
            str8 = "https://www.googleapis.com/auth/cloud-platform";
        }
        String[] split = str8.split("\\s+");
        GSAConfiguration gSAConfiguration = new GSAConfiguration();
        gSAConfiguration.setGsaPrivateKeyString(str);
        gSAConfiguration.setGsaProjectId(str6);
        gSAConfiguration.setGsaPrivateKeyId(str2);
        gSAConfiguration.setGsaClientEmail(str3);
        gSAConfiguration.setClientId(str4);
        gSAConfiguration.setTokenRequestUrl(str5);
        gSAConfiguration.setGsaScopes(Lists.newArrayList(split));
        gSAConfiguration.setCsUuid(connectedSystem.getUuid());
        gSAConfiguration.setGsaUserEmail(str7);
        return gSAConfiguration;
    }

    public AWSSigV4AuthConfig getAws4AuthenticationConfigFromCS(ConnectedSystem connectedSystem) {
        Dictionary dictionary = (Dictionary) ConnectedSystemAuthUtil.getAuthDetailsFromCS(connectedSystem).getValue();
        String decryptedString = this.parameterConverter.getDecryptedString(dictionary.getValue("secretKey"));
        String decryptedString2 = this.parameterConverter.getDecryptedString(dictionary.getValue("accessKeyId"));
        String decryptedString3 = this.parameterConverter.getDecryptedString(dictionary.getValue("securityToken"));
        String str = (String) dictionary.getAtKey("awsRegion");
        return AWSSigV4AuthConfig.builder().secretKey(decryptedString).accessKey(decryptedString2).securityToken(decryptedString3).region(str).serviceName((String) dictionary.getAtKey("awsService")).build();
    }

    public static OAuthConfiguration getOAuthConfigurationFromCS(ConnectedSystem connectedSystem) {
        Dictionary dictionary = (Dictionary) ConnectedSystemAuthUtil.getAuthDetailsFromCS(connectedSystem).getValue();
        String str = (String) dictionary.getAtKey("clientId");
        String str2 = (String) dictionary.getAtKey("clientSecret");
        String str3 = (String) dictionary.getAtKey("tokenUrl");
        String str4 = (String) dictionary.getAtKey("refreshTokenUrl");
        String str5 = (String) dictionary.getAtKey("authUrl");
        String str6 = (String) dictionary.getAtKey("scope");
        return new OAuthConfiguration().setCsUuid(connectedSystem.getUuid()).setClientId(str).setClientSecret(str2).setAuthorizationUrl(str5).setScope(str6).setTokenRequestUrl(str3).setRefreshTokenRequestUrl(str4).setHeaders(ConnectedSystemAuthUtil.extractCustomHeaders(dictionary)).setSaveToken(true);
    }
}
