package com.ibm.team.jfs.app.oauth;

import com.ibm.team.http.client.IHttpClientService;
import com.ibm.team.jfs.app.RequestParams;
import com.ibm.team.jfs.app.discovery.utils.RootServicesUtil;
import com.ibm.team.jfs.app.friendsconfig.FriendsConfig;
import com.ibm.team.jfs.app.friendsconfig.IFriend;
import com.ibm.team.jfs.app.http.JfsHttpException;
import com.ibm.team.jfs.app.http.util.HostUtil;
import com.ibm.team.jfs.app.oauth.OAuthClientException;
import java.io.IOException;
import java.net.URI;
import java.net.URISyntaxException;
import java.text.SimpleDateFormat;
import java.util.Date;
import java.util.HashMap;
import java.util.Locale;
import java.util.Map;
import java.util.StringTokenizer;
import net.oauth.OAuth;
import org.apache.commons.codec.DecoderException;
import org.apache.commons.codec.EncoderException;
import org.apache.commons.codec.net.URLCodec;
import org.apache.http.HttpException;
import org.apache.http.HttpRequest;
import org.apache.http.HttpResponse;
import org.apache.http.cookie.Cookie;
import org.apache.http.protocol.HttpDateGenerator;

/* loaded from: input_file:com.ibm.team.jfs.app.oauth.jar:com/ibm/team/jfs/app/oauth/OAuthPassthruClient.class */
public class OAuthPassthruClient {
    static final URLCodec CODEC = new URLCodec();
    static final String COOKIE_ACCESS_PREFIX = "jfs-oauth-access";
    static final String COOKIE_ACCESS_SECRET = "jfs-oauth-access_token-secret";
    static final String COOKIE_ACCESS_TOKEN = "jfs-oauth-access-token";
    static final String COOKIE_REALM_MAPPING = "jfs-oauth-realm-mapping";
    static final String HEADER_SET_COOKIE = "Set-Cookie";
    static final String HEADER_WEB_AUTH_MSG = "X-com-ibm-team-repository-web-auth-msg";
    static final String HEADER_WEB_OAUTH_URL = "X-jazz-web-oauth-url";
    static final String THE_PAST;
    IHttpClientService httpClient;
    HttpRequest originalRequest;
    HttpResponse originalResponse;
    private static /* synthetic */ int[] $SWITCH_TABLE$com$ibm$team$jfs$app$oauth$OAuthClientException$Type;
    Map<IFriend, OAuthProperties> map = new HashMap();
    Map<String, Cookie> accessCookies = new HashMap();
    Map<IFriend, OAuthAccessToken> accessTokens = new HashMap();
    Map<String, String> realmIndices = new HashMap();

    static {
        SimpleDateFormat simpleDateFormat = new SimpleDateFormat("EEE, dd MMM yyyy HH:mm:ss zzz", Locale.US);
        simpleDateFormat.setTimeZone(HttpDateGenerator.GMT);
        THE_PAST = simpleDateFormat.format(new Date(0L));
    }

    static HttpException wrapped(Exception exc) {
        return new HttpException(exc.getMessage(), exc);
    }

    public OAuthPassthruClient(HttpRequest httpRequest, HttpResponse httpResponse, IHttpClientService iHttpClientService) {
        this.originalRequest = httpRequest;
        this.originalResponse = httpResponse;
        this.httpClient = iHttpClientService;
        initFromCookies(RequestParams.getCookies(httpRequest.getParams()));
    }

    void authorizeRequest(IFriend iFriend, HttpRequest httpRequest) throws IOException {
        OAuthProperties oAuthProperties;
        OAuthAccessToken oAuthAccessToken;
        if (iFriend == null || (oAuthAccessToken = getOAuthAccessToken(iFriend, (oAuthProperties = getOAuthProperties(iFriend)))) == null) {
            return;
        }
        try {
            OAuthHelper.addAuthorizationHeader(httpRequest, oAuthProperties.getOauthConsumerProperties(), oAuthAccessToken);
        } catch (IOException e) {
            OAuthClientException.throwNoAccess(iFriend, oAuthProperties, this.originalRequest, e);
        } catch (URISyntaxException e2) {
            OAuthClientException.throwNoAccess(iFriend, oAuthProperties, this.originalRequest, e2);
        }
    }

    void checkResponse(IFriend iFriend, HttpResponse httpResponse, HttpRequest httpRequest) throws OAuthClientException {
        if (httpResponse.getHeaders(HEADER_WEB_AUTH_MSG).length == 1) {
            throw new OAuthClientException(iFriend, httpRequest, null, OAuthClientException.Type.NO_ACCESS);
        }
        try {
            OAuthHelper.checkUnauthorizedResponse(httpResponse);
        } catch (OAuthInvalidConsumerKeyException e) {
            throw new OAuthClientException(null, httpRequest, e, OAuthClientException.Type.BAD_CONSUMER_KEY);
        } catch (OAuthInvalidOrExpiredTokenException e2) {
            throw new OAuthClientException(iFriend, httpRequest, e2, OAuthClientException.Type.INVALID_OR_EXPIRED);
        } catch (OAuthInvalidSignatureException e3) {
            e3.printStackTrace();
        } catch (OAuthTokenRequestFailedException e4) {
            e4.printStackTrace();
        }
    }

    OAuthProperties createOAuthProperties(IFriend iFriend) throws IOException {
        RootServicesUtil instance = RootServicesUtil.instance(iFriend.getRootServicesLocation().toString());
        try {
            return new OAuthProperties(HostUtil.uriToHost(iFriend.getRootServicesLocation().toString()), new OAuthConsumerProperties(iFriend.getOauthConsumerKey(), iFriend.getOauthConsumerSecret()), new OAuthProviderProperties(instance.getOauthRequestTokenUrl(), instance.getOauthUserAuthorizationUrl(), instance.getOauthAccessTokenUrl()));
        } catch (URISyntaxException e) {
            throw new RuntimeException(e);
        }
    }

    OAuthAccessToken getOAuthAccessToken(IFriend iFriend, OAuthProperties oAuthProperties) {
        if (this.accessTokens.containsKey(iFriend)) {
            return this.accessTokens.get(iFriend);
        }
        OAuthAccessToken oAuthAccessToken = null;
        String uri = oAuthProperties.getHost().toURI();
        String str = this.realmIndices.get(uri);
        if (str == null) {
            str = Integer.toString(this.realmIndices.size());
            this.realmIndices.put(uri, str);
            setCookie(COOKIE_REALM_MAPPING, realmMapCookieValue());
        } else {
            oAuthAccessToken = OAuthHelper.getAccessTokenFromRequest(this.originalRequest, "jfs-oauth-access-token" + str, "jfs-oauth-access_token-secret" + str);
        }
        if (oAuthAccessToken == null) {
            try {
                OAuthRequestToken authorizedRequestTokenFromRequest = OAuthHelper.getAuthorizedRequestTokenFromRequest(this.originalRequest);
                if (authorizedRequestTokenFromRequest != null) {
                    if (OAuth.decodeForm(new URI(this.originalRequest.getRequestLine().getUri()).getRawQuery()).size() == 2) {
                        String uri2 = this.originalRequest.getRequestLine().getUri();
                        this.originalResponse.addHeader("Content-Location", uri2.substring(0, uri2.indexOf(63)));
                    }
                    oAuthAccessToken = OAuthHelper.exchangeRequestTokenForAccessToken(oAuthProperties.getOauthProviderProperties(), oAuthProperties.getOauthConsumerProperties(), authorizedRequestTokenFromRequest);
                    setCookie("jfs-oauth-access-token" + str, oAuthAccessToken.token);
                    setCookie("jfs-oauth-access_token-secret" + str, oAuthAccessToken.secret);
                }
            } catch (JfsHttpException e) {
                OAuthClientException.throwNoAccess(iFriend, oAuthProperties, this.originalRequest, e);
            } catch (IOException e2) {
                OAuthClientException.throwNoAccess(iFriend, oAuthProperties, this.originalRequest, e2);
            } catch (URISyntaxException e3) {
                OAuthClientException.throwNoAccess(iFriend, oAuthProperties, this.originalRequest, e3);
            }
        }
        this.accessTokens.put(iFriend, oAuthAccessToken);
        return oAuthAccessToken;
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v1, types: [java.util.Map<com.ibm.team.jfs.app.friendsconfig.IFriend, com.ibm.team.jfs.app.oauth.OAuthProperties>] */
    /* JADX WARN: Type inference failed for: r0v2, types: [java.lang.Throwable] */
    /* JADX WARN: Type inference failed for: r0v8, types: [com.ibm.team.jfs.app.oauth.OAuthProperties] */
    OAuthProperties getOAuthProperties(IFriend iFriend) throws IOException {
        ?? r0 = this.map;
        synchronized (r0) {
            OAuthProperties oAuthProperties = this.map.get(iFriend);
            if (oAuthProperties == null) {
                Map<IFriend, OAuthProperties> map = this.map;
                OAuthProperties createOAuthProperties = createOAuthProperties(iFriend);
                oAuthProperties = createOAuthProperties;
                map.put(iFriend, createOAuthProperties);
            }
            r0 = oAuthProperties;
        }
        return r0;
    }

    void initFromCookies(Cookie[] cookieArr) {
        try {
            for (Cookie cookie : cookieArr) {
                String name = cookie.getName();
                if (COOKIE_REALM_MAPPING.equalsIgnoreCase(name)) {
                    StringTokenizer stringTokenizer = new StringTokenizer(CODEC.decode(cookie.getValue()), "&");
                    while (stringTokenizer.hasMoreTokens()) {
                        String nextToken = stringTokenizer.nextToken();
                        int indexOf = nextToken.indexOf(61);
                        this.realmIndices.put(nextToken.substring(0, indexOf), nextToken.substring(indexOf + 1));
                    }
                } else if (name.startsWith(COOKIE_ACCESS_PREFIX)) {
                    this.accessCookies.put(name, cookie);
                }
            }
        } catch (DecoderException e) {
            e.printStackTrace();
            this.accessCookies.clear();
        }
    }

    String realmMapCookieValue() {
        StringBuilder sb = new StringBuilder();
        for (String str : this.realmIndices.keySet()) {
            if (sb.length() != 0) {
                sb.append('&');
            }
            sb.append(str);
            sb.append('=');
            sb.append(this.realmIndices.get(str));
        }
        try {
            return CODEC.encode(sb.toString());
        } catch (EncoderException unused) {
            return new String();
        }
    }

    void removeCookie(String str) {
        this.originalResponse.addHeader("Set-Cookie", String.valueOf(str) + "=; expires=" + THE_PAST + "; path=" + RequestParams.getContextPath(this.originalRequest.getParams()));
    }

    public HttpResponse send(HttpRequest httpRequest) throws HttpException, IOException, OAuthClientException {
        try {
            String uri = httpRequest.getRequestLine().getUri();
            IFriend friendMatchForOauthDomain = FriendsConfig.getFriendsConfig().getFriendMatchForOauthDomain(uri);
            if (friendMatchForOauthDomain != null) {
                authorizeRequest(friendMatchForOauthDomain, httpRequest);
            }
            HttpResponse send = this.httpClient.send(HostUtil.uriToHost(uri), httpRequest);
            checkResponse(friendMatchForOauthDomain, send, httpRequest);
            return send;
        } catch (URISyntaxException e) {
            throw wrapped(e);
        }
    }

    void setCookie(String str, String str2) {
        this.originalResponse.addHeader("Set-Cookie", String.valueOf(str) + '=' + str2 + "; Path=" + RequestParams.getContextPath(this.originalRequest.getParams()));
    }

    public void updateResponseFor(OAuthClientException oAuthClientException) throws IOException, URISyntaxException, JfsHttpException {
        OAuthProperties oAuthProperties = getOAuthProperties(oAuthClientException.friend);
        switch ($SWITCH_TABLE$com$ibm$team$jfs$app$oauth$OAuthClientException$Type()[oAuthClientException.type.ordinal()]) {
            case 1:
                break;
            case 2:
                String str = this.realmIndices.get(oAuthProperties.getHost().toURI());
                removeCookie("jfs-oauth-access-token" + str);
                removeCookie("jfs-oauth-access_token-secret" + str);
                break;
            default:
                return;
        }
        OAuthProviderProperties oauthProviderProperties = oAuthProperties.getOauthProviderProperties();
        this.originalResponse.setHeader("X-jazz-web-oauth-url", OAuthHelper.buildAuthorizationRedirectURL(oauthProviderProperties, this.originalRequest.getRequestLine().getUri(), OAuthHelper.getNewRequestTokenFromProvider(oauthProviderProperties, oAuthProperties.getOauthConsumerProperties())));
        this.originalResponse.setStatusCode(401);
    }

    static /* synthetic */ int[] $SWITCH_TABLE$com$ibm$team$jfs$app$oauth$OAuthClientException$Type() {
        int[] iArr = $SWITCH_TABLE$com$ibm$team$jfs$app$oauth$OAuthClientException$Type;
        if (iArr != null) {
            return iArr;
        }
        int[] iArr2 = new int[OAuthClientException.Type.valuesCustom().length];
        try {
            iArr2[OAuthClientException.Type.BAD_CONSUMER_KEY.ordinal()] = 3;
        } catch (NoSuchFieldError unused) {
        }
        try {
            iArr2[OAuthClientException.Type.INVALID_OR_EXPIRED.ordinal()] = 2;
        } catch (NoSuchFieldError unused2) {
        }
        try {
            iArr2[OAuthClientException.Type.NO_ACCESS.ordinal()] = 1;
        } catch (NoSuchFieldError unused3) {
        }
        $SWITCH_TABLE$com$ibm$team$jfs$app$oauth$OAuthClientException$Type = iArr2;
        return iArr2;
    }
}
