package com.github.twitch4j.shaded.p0001_15_0.com.github.philippheuer.credentialmanager.identityprovider;

import com.github.twitch4j.shaded.p0001_15_0.com.fasterxml.jackson.core.type.TypeReference;
import com.github.twitch4j.shaded.p0001_15_0.com.fasterxml.jackson.databind.ObjectMapper;
import com.github.twitch4j.shaded.p0001_15_0.com.github.philippheuer.credentialmanager.domain.Credential;
import com.github.twitch4j.shaded.p0001_15_0.com.github.philippheuer.credentialmanager.domain.IdentityProvider;
import com.github.twitch4j.shaded.p0001_15_0.com.github.philippheuer.credentialmanager.domain.OAuth2Credential;
import com.github.twitch4j.shaded.p0001_15_0.com.github.philippheuer.credentialmanager.util.ProxyHelper;
import com.github.twitch4j.shaded.p0001_15_0.com.github.twitch4j.helix.interceptor.TwitchHelixClientIdInterceptor;
import com.github.twitch4j.shaded.p0001_15_0.okhttp3.FormBody;
import com.github.twitch4j.shaded.p0001_15_0.okhttp3.Headers;
import com.github.twitch4j.shaded.p0001_15_0.okhttp3.HttpUrl;
import com.github.twitch4j.shaded.p0001_15_0.okhttp3.MediaType;
import com.github.twitch4j.shaded.p0001_15_0.okhttp3.OkHttpClient;
import com.github.twitch4j.shaded.p0001_15_0.okhttp3.Request;
import com.github.twitch4j.shaded.p0001_15_0.okhttp3.RequestBody;
import com.github.twitch4j.shaded.p0001_15_0.okhttp3.Response;
import com.github.twitch4j.shaded.p0001_15_0.okhttp3.logging.HttpLoggingInterceptor;
import com.github.twitch4j.shaded.p0001_15_0.org.apache.commons.lang3.StringUtils;
import com.github.twitch4j.shaded.p0001_15_0.org.apache.commons.lang3.exception.ContextedRuntimeException;
import com.github.twitch4j.shaded.p0001_15_0.org.slf4j.Logger;
import com.github.twitch4j.shaded.p0001_15_0.org.slf4j.LoggerFactory;
import java.net.Proxy;
import java.net.URLEncoder;
import java.time.Instant;
import java.util.Base64;
import java.util.Collections;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.Optional;
import java.util.UUID;
import java.util.stream.Collectors;

/* loaded from: input_file:com/github/twitch4j/shaded/1_15_0/com/github/philippheuer/credentialmanager/identityprovider/OAuth2IdentityProvider.class */
public abstract class OAuth2IdentityProvider extends IdentityProvider {
    private static final Logger log = LoggerFactory.getLogger((Class<?>) OAuth2IdentityProvider.class);
    protected static final ObjectMapper OBJECTMAPPER = new ObjectMapper();
    protected OkHttpClient httpClient;
    protected String clientId;
    protected String clientSecret;
    protected String authUrl;
    protected String tokenUrl;
    protected String redirectUrl;
    protected String scopeSeperator;
    protected String responseType;
    protected String tokenEndpointPostType;

    public OAuth2IdentityProvider(String str, String str2, String str3, String str4, String str5, String str6, String str7) {
        this(str, str2, str3, str4, str5, str6, str7, ProxyHelper.selectProxy());
    }

    public OAuth2IdentityProvider(String str, String str2, String str3, String str4, String str5, String str6, String str7, Proxy proxy) {
        this.httpClient = new OkHttpClient();
        this.scopeSeperator = StringUtils.SPACE;
        this.responseType = "code";
        this.tokenEndpointPostType = "QUERY";
        this.providerName = str;
        this.providerType = str2;
        this.clientId = str3 == null ? "" : str3;
        this.clientSecret = str4 == null ? "" : str4;
        this.authUrl = str5;
        this.tokenUrl = str6;
        this.redirectUrl = str7;
        if (proxy != null) {
            this.httpClient = this.httpClient.newBuilder().proxy(proxy).build();
        }
    }

    public void enableLoggingInterceptor() {
        HttpLoggingInterceptor httpLoggingInterceptor = new HttpLoggingInterceptor();
        httpLoggingInterceptor.setLevel(HttpLoggingInterceptor.Level.BODY);
        this.httpClient = this.httpClient.newBuilder().addInterceptor(httpLoggingInterceptor).build();
    }

    public String getAuthenticationUrl(List<Object> list, String str) {
        return getAuthenticationUrl(this.redirectUrl, list, str);
    }

    public String getAuthenticationUrl(String str, List<Object> list, String str2) {
        if (str2 == null) {
            str2 = this.providerName + "|" + UUID.randomUUID();
        }
        return String.format("%s?response_type=%s&client_id=%s&redirect_uri=%s&scope=%s&state=%s", this.authUrl, URLEncoder.encode(this.responseType, "UTF-8"), URLEncoder.encode(this.clientId, "UTF-8"), URLEncoder.encode(str, "UTF-8"), String.join(this.scopeSeperator, (Iterable<? extends CharSequence>) list.stream().map(obj -> {
            return obj.toString();
        }).collect(Collectors.toList())), URLEncoder.encode(str2, "UTF-8"));
    }

    public OAuth2Credential getCredentialByCode(String str) {
        HashMap hashMap = new HashMap();
        hashMap.put("client_id", this.clientId);
        hashMap.put("client_secret", this.clientSecret);
        hashMap.put("grant_type", "authorization_code");
        hashMap.put("code", str);
        hashMap.put("redirect_uri", this.redirectUrl);
        try {
            Request tokenRequest = getTokenRequest(hashMap, Collections.emptyMap());
            Response execute = this.httpClient.newCall(tokenRequest).execute();
            String string = execute.body().string();
            if (!execute.isSuccessful()) {
                throw new ContextedRuntimeException("getCredentialByCode request failed!").addContextValue("requestUrl", (Object) tokenRequest.url()).addContextValue("requestHeaders", (Object) tokenRequest.headers()).addContextValue("requestBody", (Object) tokenRequest.body()).addContextValue("responseCode", (Object) Integer.valueOf(execute.code())).addContextValue("responseBody", (Object) string);
            }
            Map map = (Map) OBJECTMAPPER.readValue(string, new TypeReference<HashMap<String, Object>>() { // from class: com.github.twitch4j.shaded.1_15_0.com.github.philippheuer.credentialmanager.identityprovider.OAuth2IdentityProvider.1
            });
            return new OAuth2Credential(this.providerName, (String) map.get("access_token"), (String) map.get("refresh_token"), null, null, (Integer) map.get("expires_in"), null);
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }

    public OAuth2Credential getCredentialByUsernameAndPassword(String str, String str2) {
        return getScopedCredentialByUsernameAndPassword(str, str2, null);
    }

    public OAuth2Credential getScopedCredentialByUsernameAndPassword(String str, String str2, String str3) {
        HashMap hashMap = new HashMap();
        hashMap.put("grant_type", "password");
        hashMap.put("username", str);
        hashMap.put("password", str2);
        if (StringUtils.isNotBlank(str3)) {
            hashMap.put("scope", str3);
        }
        HashMap hashMap2 = new HashMap();
        hashMap2.put(TwitchHelixClientIdInterceptor.AUTH_HEADER, "Basic " + Base64.getEncoder().encodeToString((this.clientId + ":" + this.clientSecret).getBytes()));
        try {
            Request tokenRequest = getTokenRequest(hashMap, hashMap2);
            Response execute = this.httpClient.newCall(tokenRequest).execute();
            try {
                String string = execute.body().string();
                if (!execute.isSuccessful()) {
                    throw new ContextedRuntimeException("get credential request failed!").addContextValue("requestUrl", (Object) tokenRequest.url()).addContextValue("requestHeaders", (Object) tokenRequest.headers()).addContextValue("requestBody", (Object) tokenRequest.body()).addContextValue("responseCode", (Object) Integer.valueOf(execute.code())).addContextValue("responseBody", (Object) string);
                }
                Map map = (Map) OBJECTMAPPER.readValue(string, new TypeReference<HashMap<String, Object>>() { // from class: com.github.twitch4j.shaded.1_15_0.com.github.philippheuer.credentialmanager.identityprovider.OAuth2IdentityProvider.2
                });
                OAuth2Credential oAuth2Credential = new OAuth2Credential(this.providerName, (String) map.get("access_token"), (String) map.get("refresh_token"), null, null, (Integer) map.get("expires_in"), null);
                if (execute != null) {
                    execute.close();
                }
                return oAuth2Credential;
            } finally {
            }
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }

    public Optional<OAuth2Credential> refreshCredential(OAuth2Credential oAuth2Credential) {
        HashMap hashMap = new HashMap();
        hashMap.put("client_id", this.clientId);
        hashMap.put("client_secret", this.clientSecret);
        hashMap.put("grant_type", "refresh_token");
        hashMap.put("refresh_token", oAuth2Credential.getRefreshToken());
        try {
            if (oAuth2Credential.getRefreshToken() == null) {
                throw new UnsupportedOperationException("Attempting to refresh a credential that has no refresh token.");
            }
            Response execute = this.httpClient.newCall(getTokenRequest(hashMap, Collections.emptyMap())).execute();
            try {
                String string = execute.body().string();
                if (!execute.isSuccessful()) {
                    throw new RuntimeException("refreshCredential request failed! " + execute.code() + ": " + string);
                }
                Map map = (Map) OBJECTMAPPER.readValue(string, new TypeReference<HashMap<String, Object>>() { // from class: com.github.twitch4j.shaded.1_15_0.com.github.philippheuer.credentialmanager.identityprovider.OAuth2IdentityProvider.3
                });
                Optional<OAuth2Credential> of = Optional.of(new OAuth2Credential(this.providerName, (String) map.get("access_token"), (String) map.get("refresh_token"), null, null, (Integer) map.get("expires_in"), null));
                if (execute != null) {
                    execute.close();
                }
                return of;
            } finally {
            }
        } catch (Exception e) {
            return Optional.empty();
        }
    }

    public OAuth2Credential getAppAccessToken() {
        return getAppAccessToken(null);
    }

    public OAuth2Credential getAppAccessToken(String str) {
        HashMap hashMap = new HashMap();
        hashMap.put("client_id", this.clientId);
        hashMap.put("client_secret", this.clientSecret);
        hashMap.put("grant_type", "client_credentials");
        if (StringUtils.isNotBlank(str)) {
            hashMap.put("scope", str);
        }
        try {
            Response execute = this.httpClient.newCall(getTokenRequest(hashMap, Collections.emptyMap())).execute();
            try {
                String string = execute.body().string();
                if (!execute.isSuccessful()) {
                    throw new RuntimeException("getCredentialByClientCredentials request failed! " + execute.code() + ": " + string);
                }
                Map map = (Map) OBJECTMAPPER.readValue(string, new TypeReference<HashMap<String, Object>>() { // from class: com.github.twitch4j.shaded.1_15_0.com.github.philippheuer.credentialmanager.identityprovider.OAuth2IdentityProvider.4
                });
                OAuth2Credential oAuth2Credential = new OAuth2Credential(this.providerName, (String) map.get("access_token"), (String) map.get("refresh_token"), null, null, (Integer) map.get("expires_in"), null);
                if (execute != null) {
                    execute.close();
                }
                return oAuth2Credential;
            } finally {
            }
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }

    public abstract Optional<OAuth2Credential> getAdditionalCredentialInformation(OAuth2Credential oAuth2Credential);

    private Request getTokenRequest(Map<String, String> map, Map<String, String> map2) {
        Request build;
        String upperCase = this.tokenEndpointPostType.toUpperCase();
        boolean z = -1;
        switch (upperCase.hashCode()) {
            case 2044322:
                if (upperCase.equals("BODY")) {
                    z = true;
                    break;
                }
                break;
            case 77406376:
                if (upperCase.equals("QUERY")) {
                    z = false;
                    break;
                }
                break;
        }
        switch (z) {
            case false:
                HttpUrl.Builder newBuilder = HttpUrl.parse(this.tokenUrl).newBuilder();
                Objects.requireNonNull(newBuilder);
                map.forEach(newBuilder::addQueryParameter);
                build = new Request.Builder().url(newBuilder.build().toString()).post(RequestBody.create(new byte[0], (MediaType) null)).headers(Headers.of(map2)).build();
                break;
            case true:
                FormBody.Builder builder = new FormBody.Builder();
                Objects.requireNonNull(builder);
                map.forEach(builder::add);
                build = new Request.Builder().url(this.tokenUrl).post(builder.build()).headers(Headers.of(map2)).build();
                break;
            default:
                throw new UnsupportedOperationException("Unknown tokenEndpointPostType: " + this.tokenEndpointPostType);
        }
        return build;
    }

    @Override // com.github.twitch4j.shaded.p0001_15_0.com.github.philippheuer.credentialmanager.domain.IdentityProvider
    public boolean isValid(Credential credential) {
        if (!(credential instanceof OAuth2Credential)) {
            return false;
        }
        OAuth2Credential oAuth2Credential = (OAuth2Credential) credential;
        return (oAuth2Credential.getReceivedAt() == null || oAuth2Credential.getExpiresIn() == null || oAuth2Credential.getReceivedAt().plusSeconds((long) oAuth2Credential.getExpiresIn().intValue()).compareTo(Instant.now()) <= 0) ? false : true;
    }

    @Override // com.github.twitch4j.shaded.p0001_15_0.com.github.philippheuer.credentialmanager.domain.IdentityProvider
    public boolean renew(Credential credential) {
        if (!(credential instanceof OAuth2Credential)) {
            return false;
        }
        OAuth2Credential oAuth2Credential = (OAuth2Credential) credential;
        Optional<OAuth2Credential> refreshCredential = refreshCredential(oAuth2Credential);
        if (!refreshCredential.isPresent()) {
            return false;
        }
        oAuth2Credential.updateCredential(refreshCredential.get());
        return true;
    }
}
