package com.appiancorp.connectedsystems.http.oauth;

import com.appiancorp.encryption.InternalEncryptionService;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStreamReader;
import java.io.UnsupportedEncodingException;
import java.nio.charset.StandardCharsets;
import java.security.KeyFactory;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import org.apache.log4j.Logger;
import org.bouncycastle.util.io.pem.PemObject;
import org.bouncycastle.util.io.pem.PemReader;

/* loaded from: input_file:com/appiancorp/connectedsystems/http/oauth/HttpOAuthTokenRetriever.class */
public class HttpOAuthTokenRetriever implements OAuthTokenRetriever {
    private static final Logger LOG = Logger.getLogger(HttpOAuthTokenRetriever.class);
    private final InternalEncryptionService encryptionService;
    private final BaseOAuthTokenRetriever baseOAuthTokenRetriever;

    public HttpOAuthTokenRetriever(InternalEncryptionService internalEncryptionService, BaseOAuthTokenRetriever baseOAuthTokenRetriever) {
        this.encryptionService = internalEncryptionService;
        this.baseOAuthTokenRetriever = baseOAuthTokenRetriever;
    }

    @Override // com.appiancorp.connectedsystems.http.oauth.OAuthTokenRetriever
    public OAuthTokenResponse retrieveToken(OAuthConfiguration oAuthConfiguration, String str, String str2) throws UnsupportedEncodingException {
        return this.baseOAuthTokenRetriever.retrieveToken(decryptClientSecret(oAuthConfiguration), str, str2);
    }

    @Override // com.appiancorp.connectedsystems.http.oauth.OAuthTokenRetriever
    public OAuthTokenResponse retrieveSystemToken(OAuthConfiguration oAuthConfiguration) throws UnsupportedEncodingException {
        return this.baseOAuthTokenRetriever.retrieveSystemToken(decryptClientSecret(oAuthConfiguration));
    }

    @Override // com.appiancorp.connectedsystems.http.oauth.OAuthTokenRetriever
    public OAuthTokenResponse retrieveGsaToken(GSAConfiguration gSAConfiguration) {
        generatePrivateKey(gSAConfiguration);
        return this.baseOAuthTokenRetriever.retrieveGsaToken(gSAConfiguration);
    }

    private void generatePrivateKey(GSAConfiguration gSAConfiguration) {
        PemObject readPemObject;
        PrivateKey privateKey = null;
        try {
            readPemObject = new PemReader(new InputStreamReader(new ByteArrayInputStream(decrypt(gSAConfiguration.getGsaPrivateKeyString()).replace("\\n", "\n").getBytes(StandardCharsets.UTF_8)), StandardCharsets.UTF_8)).readPemObject();
        } catch (IOException | NoSuchAlgorithmException | InvalidKeySpecException e) {
            LOG.debug("Could not generate the private key");
        }
        if (readPemObject == null) {
            throw new IOException("Error reading private key");
        }
        privateKey = KeyFactory.getInstance("RSA").generatePrivate(new PKCS8EncodedKeySpec(readPemObject.getContent()));
        gSAConfiguration.setGsaPrivateKey(privateKey);
    }

    @Override // com.appiancorp.connectedsystems.http.oauth.OAuthTokenRetriever
    public OAuthTokenResponse refreshToken(OAuthConfiguration oAuthConfiguration, String str) throws UnsupportedEncodingException {
        return this.baseOAuthTokenRetriever.refreshToken(decryptClientSecret(oAuthConfiguration), str);
    }

    @Override // com.appiancorp.connectedsystems.http.oauth.OAuthTokenRetriever
    public OAuthTokenResponse refreshSAMLToken(OAuthConfiguration oAuthConfiguration, String str) throws UnsupportedEncodingException {
        return this.baseOAuthTokenRetriever.refreshSAMLToken(decryptClientSecret(oAuthConfiguration), str);
    }

    @Override // com.appiancorp.connectedsystems.http.oauth.OAuthTokenRetriever
    public OAuthTokenResponse retrieveSAMLToken(OAuthConfiguration oAuthConfiguration, String str) throws UnsupportedEncodingException {
        return this.baseOAuthTokenRetriever.retrieveSAMLToken(decryptClientSecret(oAuthConfiguration), str);
    }

    private OAuthConfiguration decryptClientSecret(OAuthConfiguration oAuthConfiguration) {
        return oAuthConfiguration.setClientSecret(decrypt(oAuthConfiguration.getClientSecret()));
    }

    private String decrypt(String str) {
        String decryptFromString;
        return (str == null || (decryptFromString = this.encryptionService.decryptFromString(str)) == null) ? "" : decryptFromString;
    }
}
