package de.adorsys.xs2a.adapter.service;

import de.adorsys.xs2a.adapter.adapter.AbstractService;
import de.adorsys.xs2a.adapter.adapter.BaseOauth2Service;
import de.adorsys.xs2a.adapter.adapter.CertificateSubjectClientIdOauth2Service;
import de.adorsys.xs2a.adapter.adapter.PkceOauth2Service;
import de.adorsys.xs2a.adapter.http.HttpClient;
import de.adorsys.xs2a.adapter.http.StringUri;
import de.adorsys.xs2a.adapter.http.UriBuilder;
import de.adorsys.xs2a.adapter.service.Oauth2Service;
import de.adorsys.xs2a.adapter.service.model.Aspsp;
import de.adorsys.xs2a.adapter.service.model.TokenResponse;
import de.adorsys.xs2a.adapter.validation.ValidationError;
import java.io.IOException;
import java.net.URI;
import java.util.ArrayList;
import java.util.Collections;
import java.util.List;
import java.util.Map;
import org.apache.commons.lang3.StringUtils;

/* loaded from: input_file:BOOT-INF/lib/comdirect-adapter-0.0.9.jar:de/adorsys/xs2a/adapter/service/ComdirectOauth2Service.class */
public class ComdirectOauth2Service extends AbstractService implements Oauth2Service, PkceOauth2Extension {
    private static final String SCA_OAUTH_LINK_MISSING_ERROR_MESSAGE = "SCA OAuth link is missing or has a wrong format: it has to be either provided as a request parameter or preconfigured for the current ASPSP";
    private final Oauth2Service oauth2Service;
    private final String baseUrl;
    private final Aspsp aspsp;

    private ComdirectOauth2Service(Oauth2Service oauth2Service, String str, Aspsp aspsp, HttpClient httpClient) {
        super(httpClient);
        this.oauth2Service = oauth2Service;
        this.baseUrl = str;
        this.aspsp = aspsp;
    }

    public static ComdirectOauth2Service create(Aspsp aspsp, HttpClient httpClient, Pkcs12KeyStore pkcs12KeyStore) {
        return new ComdirectOauth2Service(new PkceOauth2Service(new CertificateSubjectClientIdOauth2Service(new BaseOauth2Service(aspsp, httpClient), pkcs12KeyStore)), aspsp.getIdpUrl() != null ? aspsp.getIdpUrl() : aspsp.getUrl(), aspsp, httpClient);
    }

    @Override // de.adorsys.xs2a.adapter.service.Oauth2Service
    public URI getAuthorizationRequestUri(Map<String, String> map, Oauth2Service.Parameters parameters) throws IOException {
        requireValid(validateGetAuthorizationRequestUri(map, parameters));
        parameters.setAuthorizationEndpoint(parameters.removeScaOAuthLink());
        return UriBuilder.fromUri(this.oauth2Service.getAuthorizationRequestUri(map, parameters)).queryParam("scope", scope(parameters)).build();
    }

    @Override // de.adorsys.xs2a.adapter.validation.Oauth2ValidationService
    public List<ValidationError> validateGetAuthorizationRequestUri(Map<String, String> map, Oauth2Service.Parameters parameters) {
        ArrayList arrayList = new ArrayList(this.oauth2Service.validateGetAuthorizationRequestUri(map, parameters));
        if (StringUtils.isBlank(getScaOAuthUrl(parameters))) {
            arrayList.add(new ValidationError(ValidationError.Code.REQUIRED, Oauth2Service.Parameters.SCA_OAUTH_LINK, SCA_OAUTH_LINK_MISSING_ERROR_MESSAGE));
        }
        return Collections.unmodifiableList(arrayList);
    }

    private String scope(Oauth2Service.Parameters parameters) {
        if (parameters.getConsentId() != null) {
            return "AIS:" + parameters.getConsentId();
        }
        return null;
    }

    @Override // de.adorsys.xs2a.adapter.service.Oauth2Service
    public TokenResponse getToken(Map<String, String> map, Oauth2Service.Parameters parameters) throws IOException {
        parameters.removeScaOAuthLink();
        parameters.setTokenEndpoint(StringUri.fromElements(this.baseUrl, "/v1/token"));
        return this.oauth2Service.getToken(map, parameters);
    }

    private String getScaOAuthUrl(Oauth2Service.Parameters parameters) {
        String scaOAuthLink = parameters.getScaOAuthLink();
        if (StringUtils.isBlank(scaOAuthLink)) {
            scaOAuthLink = this.aspsp.getIdpUrl();
        }
        return scaOAuthLink;
    }
}
