package com.checkmarx.sdk.service;

import com.checkmarx.sdk.config.CxGoProperties;
import com.checkmarx.sdk.dto.cx.CxGoAuthResponse;
import java.time.LocalDateTime;
import java.util.Optional;
import org.apache.commons.lang3.StringUtils;
import org.apache.commons.lang3.exception.ExceptionUtils;
import org.json.JSONException;
import org.json.JSONObject;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.http.CacheControl;
import org.springframework.http.HttpEntity;
import org.springframework.http.HttpHeaders;
import org.springframework.http.MediaType;
import org.springframework.stereotype.Service;
import org.springframework.web.client.HttpStatusCodeException;
import org.springframework.web.client.RestTemplate;

@Service
/* loaded from: input_file:com/checkmarx/sdk/service/CxGoAuthService.class */
public class CxGoAuthService {
    private static final Logger log = LoggerFactory.getLogger(CxGoAuthService.class);
    private final CxGoProperties cxGoProperties;
    private final RestTemplate restTemplate;
    private CxGoAuthResponse token = null;
    private LocalDateTime tokenExpires = null;
    private static final String GET_SESSION_TOKEN = "/v1/auth/login";
    private static final String GRANT_TYPE = "client_credentials";

    public CxGoAuthService(CxGoProperties cxGoProperties, @Qualifier("cxRestTemplate") RestTemplate restTemplate) {
        this.cxGoProperties = cxGoProperties;
        this.restTemplate = restTemplate;
    }

    private void getAuthToken(String str) {
        try {
            HttpHeaders httpHeaders = new HttpHeaders();
            httpHeaders.setContentType(MediaType.APPLICATION_JSON);
            httpHeaders.setCacheControl(CacheControl.noCache());
            this.token = (CxGoAuthResponse) this.restTemplate.postForObject(this.cxGoProperties.getUrl().concat(GET_SESSION_TOKEN), new HttpEntity(getJSONTokenReq(str), httpHeaders), CxGoAuthResponse.class, new Object[0]);
            LocalDateTime now = LocalDateTime.now();
            this.tokenExpires = (LocalDateTime) Optional.ofNullable(this.token).map(cxGoAuthResponse -> {
                return now.plusSeconds(cxGoAuthResponse.getExpiresIn().longValue() - 500);
            }).orElse(now);
        } catch (HttpStatusCodeException e) {
            log.error("Error occurred while getting AuthToken, http error {}", e.getStatusCode());
            log.error(ExceptionUtils.getStackTrace(e));
        }
    }

    public HttpHeaders createAuthHeaders() {
        return createAuthHeaders(null);
    }

    public HttpHeaders createAuthHeaders(String str) {
        if (this.token == null || isTokenExpired()) {
            getAuthToken(str);
        }
        HttpHeaders httpHeaders = new HttpHeaders();
        httpHeaders.setContentType(MediaType.APPLICATION_JSON);
        httpHeaders.setCacheControl(CacheControl.noCache());
        httpHeaders.set("Authorization", "Bearer ".concat(this.token.getIdToken()));
        return httpHeaders;
    }

    private boolean isTokenExpired() {
        if (this.tokenExpires == null) {
            return true;
        }
        return LocalDateTime.now().isAfter(this.tokenExpires);
    }

    private String getJSONTokenReq(String str) {
        JSONObject jSONObject = new JSONObject();
        try {
            jSONObject.put("grant_type", GRANT_TYPE);
            jSONObject.put("token", getEffectiveClientSecret(str));
        } catch (JSONException e) {
            log.error("Error creating JSON Token Request object - JSON object will be empty", e);
        }
        return jSONObject.toString();
    }

    private String getEffectiveClientSecret(String str) {
        String clientSecret;
        if (StringUtils.isNotEmpty(str)) {
            log.info("Using client secret override.");
            clientSecret = str;
        } else {
            clientSecret = this.cxGoProperties.getClientSecret();
        }
        return clientSecret;
    }
}
