package com.appiancorp.connectedsystems.http.oauth;

import com.appian.connectedsystems.templateframework.sdk.oauth.OAuthConfigurationData;
import com.appiancorp.common.monitoring.ProductMetricsAggregatedDataCollector;
import com.appiancorp.connectedsystems.ConnectedSystemExternalSystemService;
import com.appiancorp.connectedsystems.contracts.CstOAuthTokenService;
import com.appiancorp.connectedsystems.contracts.CstOAuthTokenServiceException;
import com.appiancorp.connectedsystems.contracts.HttpOAuthTokenService;
import com.appiancorp.connectedsystems.data.GSAConfigurationData;
import com.appiancorp.connectedsystems.http.audit.ServiceAccountProductMetricsLogger;
import com.appiancorp.connectedsystems.http.functions.ConnectedSystemOAuthServiceAccountAuthorizationFunction;
import com.appiancorp.core.expr.portable.string.Strings;
import com.appiancorp.exceptions.ObjectNotFoundException;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.security.NoSuchAlgorithmException;
import java.security.spec.InvalidKeySpecException;
import java.text.ParseException;
import java.text.SimpleDateFormat;
import java.util.Optional;
import org.apache.log4j.Logger;

/* loaded from: input_file:com/appiancorp/connectedsystems/http/oauth/CstOAuthTokenServiceImpl.class */
public class CstOAuthTokenServiceImpl implements CstOAuthTokenService {
    private static final Logger LOG = Logger.getLogger(HttpOAuthTokenService.class);
    private final OAuthTokenRetriever oAuthTokenRetriever;
    private final ConnectedSystemExternalSystemService connectedSystemExternalSystemService;

    public CstOAuthTokenServiceImpl(OAuthTokenRetriever oAuthTokenRetriever, ConnectedSystemExternalSystemService connectedSystemExternalSystemService) {
        this.oAuthTokenRetriever = oAuthTokenRetriever;
        this.connectedSystemExternalSystemService = connectedSystemExternalSystemService;
    }

    public String getAccessToken(String str) throws CstOAuthTokenServiceException {
        Optional oAuthAccessToken = this.connectedSystemExternalSystemService.getOAuthAccessToken(str);
        if (oAuthAccessToken.isPresent()) {
            return (String) oAuthAccessToken.get();
        }
        throw CstOAuthTokenServiceException.AccessTokenNotFound();
    }

    public String getSystemAccessToken(String str, OAuthConfigurationData oAuthConfigurationData, boolean z) throws CstOAuthTokenServiceException {
        OAuthTokenResponse retrieveSystemToken;
        Optional empty = Optional.empty();
        if (z) {
            empty = this.connectedSystemExternalSystemService.getOAuthSystemAccessToken(str);
        }
        if (empty.isPresent()) {
            LOG.debug("There was a system access token stored in the database for the connected system.");
            return (String) empty.get();
        }
        LOG.debug("There was no system access token stored in the database for the connected system.");
        String str2 = null;
        try {
            retrieveSystemToken = this.oAuthTokenRetriever.retrieveSystemToken(OAuthConfigurationMapper.dataToConfiguration(oAuthConfigurationData));
            str2 = retrieveSystemToken.getAccessToken();
        } catch (ObjectNotFoundException e) {
            LOG.error(e);
        } catch (UnsupportedEncodingException e2) {
            throw CstOAuthTokenServiceException.AccessTokenNotFound();
        }
        if (str2 == null || !retrieveSystemToken.isSuccess()) {
            throw CstOAuthTokenServiceException.AccessTokenNotFound();
        }
        this.connectedSystemExternalSystemService.persistSystemToken(str, str2);
        return str2;
    }

    public String getGsaAccessToken(String str, GSAConfigurationData gSAConfigurationData, boolean z) throws CstOAuthTokenServiceException {
        OAuthTokenResponse retrieveGsaToken;
        Optional empty = Optional.empty();
        Optional empty2 = Optional.empty();
        if (z) {
            empty = this.connectedSystemExternalSystemService.getOAuthSystemAccessToken(str);
            empty2 = this.connectedSystemExternalSystemService.getOAuthSystemAccessTokenExpiration(str);
        }
        SimpleDateFormat simpleDateFormat = new SimpleDateFormat("EEE MMM dd HH:mm:ss z yyyy");
        boolean z2 = false;
        if (empty2.isPresent()) {
            try {
                z2 = simpleDateFormat.parse((String) empty2.get()).getTime() < System.currentTimeMillis();
            } catch (ParseException e) {
                LOG.error(e);
                throw new RuntimeException(e);
            }
        }
        if (empty.isPresent() && !z2) {
            LOG.debug("There was an unexpired GSA access token stored in the database for the connected system.");
            return (String) empty.get();
        }
        LOG.debug("Access token is stored in the database: " + empty.isPresent());
        if (empty2.isPresent()) {
            LOG.debug("Access token is expired: " + z2);
        }
        GSAConfiguration dataToGsaConfiguration = OAuthConfigurationMapper.dataToGsaConfiguration(gSAConfigurationData);
        String str2 = null;
        String gsaUserEmail = dataToGsaConfiguration.getGsaUserEmail();
        try {
            retrieveGsaToken = this.oAuthTokenRetriever.retrieveGsaToken(dataToGsaConfiguration);
            str2 = retrieveGsaToken.getAccessToken();
        } catch (ObjectNotFoundException e2) {
            LOG.error(e2);
        } catch (IOException | NoSuchAlgorithmException | InvalidKeySpecException e3) {
            LOG.error(e3);
            throw CstOAuthTokenServiceException.AccessTokenNotFound();
        }
        if (Strings.isNullOrEmpty(str2) || !retrieveGsaToken.isSuccess()) {
            LOG.error("Failed to retrieve access token");
            throw CstOAuthTokenServiceException.AccessTokenNotFound();
        }
        if (z2) {
            ServiceAccountProductMetricsLogger.logGsaRefresh((gsaUserEmail == null || gsaUserEmail.isEmpty()) ? ".success" : ConnectedSystemOAuthServiceAccountAuthorizationFunction.SUCCESS_WITH_DWD_SUFFIX);
        }
        String expiresIn = retrieveGsaToken.getExpiresIn();
        this.connectedSystemExternalSystemService.persistSystemToken(str, str2);
        this.connectedSystemExternalSystemService.persistSystemExpiration(str, expiresIn);
        return str2;
    }

    public String refreshAccessToken(String str, OAuthConfigurationData oAuthConfigurationData) throws CstOAuthTokenServiceException {
        OAuthConfiguration dataToConfiguration = OAuthConfigurationMapper.dataToConfiguration(oAuthConfigurationData);
        Optional oAuthRefreshToken = this.connectedSystemExternalSystemService.getOAuthRefreshToken(str);
        if (!oAuthRefreshToken.isPresent()) {
            throw CstOAuthTokenServiceException.RefreshTokenNotFound();
        }
        try {
            OAuthTokenResponse refreshToken = this.oAuthTokenRetriever.refreshToken(dataToConfiguration, (String) oAuthRefreshToken.get());
            if (refreshToken.isSuccess()) {
                return persistToken(str, refreshToken);
            }
            ProductMetricsAggregatedDataCollector.recordData("connectedSystems.oauth.refresh.failure");
            if (LOG.isDebugEnabled()) {
                LOG.error("Refresh was unsuccessful. Printing refresh response: " + refreshToken.toString());
            }
            throw CstOAuthTokenServiceException.UnableToRefreshToken();
        } catch (UnsupportedEncodingException e) {
            throw new RuntimeException(e);
        }
    }

    public String refreshSamlAccessToken(String str, OAuthConfiguration oAuthConfiguration) throws CstOAuthTokenServiceException {
        Optional oAuthRefreshToken = this.connectedSystemExternalSystemService.getOAuthRefreshToken(str);
        try {
            if (!oAuthRefreshToken.isPresent()) {
                LOG.debug("No refresh token existed for connected system: " + str);
                throw CstOAuthTokenServiceException.RefreshTokenNotFound();
            }
            OAuthTokenResponse refreshSAMLToken = this.oAuthTokenRetriever.refreshSAMLToken(oAuthConfiguration, (String) oAuthRefreshToken.get());
            if (refreshSAMLToken.isSuccess()) {
                LOG.trace("Successful SAML access token refresh. Printing refresh response: " + refreshSAMLToken);
                return persistToken(str, refreshSAMLToken);
            }
            LOG.debug("Error while trying to refresh saml access token. Printing refresh response: " + refreshSAMLToken);
            throw CstOAuthTokenServiceException.UnableToRefreshToken();
        } catch (UnsupportedEncodingException e) {
            throw new RuntimeException(e);
        }
    }

    private String persistToken(String str, OAuthTokenResponse oAuthTokenResponse) {
        ProductMetricsAggregatedDataCollector.recordData("connectedSystems.oauth.refresh.success");
        LOG.debug("Refresh token received, attempting to store new token and retry request");
        String accessToken = oAuthTokenResponse.getAccessToken();
        try {
            this.connectedSystemExternalSystemService.persistToken(str, accessToken, oAuthTokenResponse.getExpiresIn(), oAuthTokenResponse.getRefreshToken());
            if (LOG.isDebugEnabled()) {
                LOG.debug("Using the new access token. Printing refresh response: " + oAuthTokenResponse.toString());
            }
        } catch (ObjectNotFoundException e) {
            LOG.error("Error persisting refreshed OAuth access token: " + e);
        }
        return accessToken;
    }
}
