package edu.internet2.middleware.grouper.app.azure;

import com.fasterxml.jackson.databind.JsonNode;
import edu.internet2.middleware.grouper.app.externalSystem.GrouperExternalSystem;
import edu.internet2.middleware.grouper.app.loader.GrouperLoaderConfig;
import edu.internet2.middleware.grouper.cfg.dbConfig.ConfigFileName;
import edu.internet2.middleware.grouper.util.GrouperHttpClient;
import edu.internet2.middleware.grouper.util.GrouperHttpMethod;
import edu.internet2.middleware.grouper.util.GrouperUtil;
import edu.internet2.middleware.grouperClient.collections.MultiKey;
import edu.internet2.middleware.grouperClient.util.ExpirableCache;
import edu.internet2.middleware.morphString.Morph;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import org.apache.commons.lang3.StringUtils;
import org.osgi.framework.AdminPermission;

/* loaded from: input_file:WEB-INF/lib/grouper-4.10.3.jar:edu/internet2/middleware/grouper/app/azure/AzureGrouperExternalSystem.class */
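/**
 * External-system definition for a Grouper Azure connector.
 *
 * <p>Each connector is configured under {@code grouper.azureConnector.<configId>.} in the
 * loader properties. Besides describing that configuration, this class obtains OAuth2
 * client-credentials bearer tokens from {@code <loginEndpoint>/<tenantId>/oauth2/token}
 * and caches them per config id.
 *
 * <p>Security-relevant behaviour visible in this class:
 * <ul>
 *   <li>The client secret is read through {@code Morph.decryptIfFile} and sent as a form
 *       body parameter, so {@code loginEndpoint} (and any proxy) should be HTTPS; this class
 *       does not itself check the URL scheme.</li>
 *   <li>Bearer tokens are held in the static cache only in {@code Morph.encrypt}-ed form and
 *       are decrypted on each cache hit.</li>
 *   <li>Response-body logging is suppressed unless {@code logAuthenticationResponseBody}
 *       is set to true for the config.</li>
 * </ul>
 */
public class AzureGrouperExternalSystem extends GrouperExternalSystem {
    /** Property-name prefix shared by every Azure connector configuration. */
    private static final String CONFIG_PREFIX = "grouper.azureConnector.";

    /** Properties that {@link #test()} reports when undefined or blank, in report order. */
    private static final String[] REQUIRED_PROPERTY_SUFFIXES = {
        "loginEndpoint", "resourceEndpoint", "clientId", "clientSecret", "tenantId"
    };

    /**
     * Config id -> (expires_on as epoch seconds, encrypted bearer token).
     * The constructor argument is the cache's own time-to-live (presumably minutes - confirm
     * against ExpirableCache); the token's expires_on is checked separately on every read.
     */
    private static final ExpirableCache<String, MultiKey> configKeyToExpiresOnAndBearerToken = new ExpirableCache<>(60);

    /** Not read or written anywhere in this class as shown; kept as declared. */
    private static final ExpirableCache<String, GrouperAzureApiCommands> apiConnectionCache = new ExpirableCache<>(5);

    /**
     * Drops every cached bearer token so the next request re-authenticates.
     * Only the token cache is cleared; {@code apiConnectionCache} is left untouched.
     */
    public static void clearCache() {
        configKeyToExpiresOnAndBearerToken.clear();
    }

    /** @return the loader properties file, where Azure connector settings are stored */
    @Override // edu.internet2.middleware.grouper.app.config.GrouperConfigurationModuleBase
    public ConfigFileName getConfigFileName() {
        return ConfigFileName.GROUPER_LOADER_PROPERTIES;
    }

    /**
     * @return {@code grouper.azureConnector.<configId>.}
     * @throws RuntimeException if no config id has been assigned
     */
    @Override // edu.internet2.middleware.grouper.app.config.GrouperConfigurationModuleBase
    public String getConfigItemPrefix() {
        if (StringUtils.isBlank(getConfigId())) {
            throw new RuntimeException("Must have configId!");
        }
        return CONFIG_PREFIX + getConfigId() + ".";
    }

    /** @return regex whose second group captures the config id of an Azure connector property */
    @Override // edu.internet2.middleware.grouper.app.config.GrouperConfigurationModuleBase
    public String getConfigIdRegex() {
        return "^(grouper\\.azureConnector)\\.([^.]+)\\.(.*)$";
    }

    /** @return the placeholder config id used to identify this kind of configuration */
    @Override // edu.internet2.middleware.grouper.app.config.GrouperConfigurationModuleBase
    public String getConfigIdThatIdentifiesThisConfig() {
        return "myAzure";
    }

    /**
     * Validates the configuration and attempts a real token request.
     *
     * <p>Note that the token request also requires the {@code resource} property, which is
     * not among the properties checked by name here; if it is missing, the failure surfaces
     * through the "Unable to retrieve" message instead.
     *
     * @return one message per problem found; empty when the configuration works
     */
    @Override // edu.internet2.middleware.grouper.app.externalSystem.GrouperExternalSystem
    public List<String> test() throws UnsupportedOperationException {
        List<String> errors = new ArrayList<>();
        GrouperLoaderConfig config = GrouperLoaderConfig.retrieveConfig();
        // Built by hand rather than via getConfigItemPrefix() so a blank config id is
        // reported through the messages below instead of an exception.
        String prefix = CONFIG_PREFIX + getConfigId() + ".";
        for (String suffix : REQUIRED_PROPERTY_SUFFIXES) {
            String propertyName = prefix + suffix;
            if (GrouperUtil.isBlank(config.propertyValueString(propertyName))) {
                errors.add("Undefined or blank property: " + propertyName);
            }
        }
        // The value is read but not used; retained from the original code.
        config.propertyValueString(prefix + "scope");
        try {
            retrieveBearerTokenForAzureConfigId(new HashMap<String, Object>(), getConfigId());
        } catch (Exception e) {
            // The message can echo remote content, so it is HTML-escaped before being returned.
            errors.add("Unable to retrieve Azure authentication token: " + GrouperUtil.escapeHtml(e.getMessage(), true));
        }
        return errors;
    }

    /**
     * Returns a bearer token for the given Azure connector, using the cached token while
     * its {@code expires_on} lies in the future and requesting a new one otherwise.
     *
     * <p>Debug-map keys written when {@code debugMap} is non-null:
     * {@code azureCachedAccessToken} (cache hit), {@code azureTokenTookMillis} (a request was
     * attempted) and {@code azureTokenError} (full stack trace of a failed request).
     *
     * @param debugMap optional sink for diagnostics; may be null
     * @param configId config id under {@code grouper.azureConnector.}
     * @return the access token, never blank
     * @throws RuntimeException if a required property is missing, the endpoint does not
     *     answer 200, or the response carries no {@code access_token}
     */
    public static String retrieveBearerTokenForAzureConfigId(Map<String, Object> debugMap, String configId) {
        long startNanos = System.nanoTime();
        MultiKey cached = configKeyToExpiresOnAndBearerToken.get(configId);
        if (cached != null) {
            long expiresOnSeconds = ((Long) cached.getKey(0)).longValue();
            String encryptedToken = (String) cached.getKey(1);
            // expires_on is compared as epoch seconds; there is no safety margin, so a token
            // about to expire is still handed out.
            if (expiresOnSeconds * 1000 > System.currentTimeMillis()) {
                if (debugMap != null) {
                    debugMap.put("azureCachedAccessToken", true);
                }
                return Morph.decrypt(encryptedToken);
            }
        }
        String prefix = CONFIG_PREFIX + configId + ".";
        try {
            GrouperLoaderConfig config = GrouperLoaderConfig.retrieveConfig();
            GrouperHttpClient httpClient = new GrouperHttpClient();
            httpClient.assignDoNotLogHeaders(AzureMockServiceHandler.doNotLogHeaders).assignDoNotLogParameters(AzureMockServiceHandler.doNotLogParameters);
            // A successful response body contains the access token, so keep it out of the
            // logs unless the operator explicitly opted in.
            if (!config.propertyValueBoolean(prefix + "logAuthenticationResponseBody", false)) {
                httpClient.assignDoNotLogResponseBody(true);
            }
            String loginEndpoint = config.propertyValueStringRequired(prefix + "loginEndpoint");
            String tokenUrl = loginEndpoint + (loginEndpoint.endsWith("/") ? "" : "/") + config.propertyValueStringRequired(prefix + "tenantId") + "/oauth2/token";
            httpClient.assignGrouperHttpMethod(GrouperHttpMethod.post);
            httpClient.assignUrl(tokenUrl);
            httpClient.assignProxyUrl(config.propertyValueString(prefix + "proxyUrl"));
            httpClient.assignProxyType(config.propertyValueString(prefix + "proxyType"));
            httpClient.addBodyParameter("client_id", config.propertyValueStringRequired(prefix + "clientId"));
            httpClient.addBodyParameter("client_secret", Morph.decryptIfFile(config.propertyValueStringRequired(prefix + "clientSecret")));
            httpClient.addBodyParameter("grant_type", "client_credentials");
            // Plain OAuth parameter name; the original referenced an unrelated OSGi constant
            // holding the same string value.
            httpClient.addBodyParameter("resource", config.propertyValueStringRequired(prefix + "resource"));
            try {
                httpClient.executeRequest();
                int responseCode = httpClient.getResponseCode();
                String responseBody = httpClient.getResponseBody();
                if (responseCode != 200) {
                    // NOTE(review): the body is embedded in the message regardless of
                    // logAuthenticationResponseBody and ends up in azureTokenError and in
                    // test() output - confirm that is intended.
                    throw new RuntimeException("Cant get access token from '" + tokenUrl + "' " + responseCode + ", " + responseBody);
                }
                JsonNode json = GrouperUtil.jsonJacksonNode(responseBody);
                long expiresOnSeconds = GrouperUtil.jsonJacksonGetLong(json, "expires_on", -1L).longValue();
                String accessToken = GrouperUtil.jsonJacksonGetString(json, "access_token");
                // Fail here rather than caching and returning an unusable token to callers.
                // The body is deliberately left out of this message.
                if (StringUtils.isBlank(accessToken)) {
                    throw new RuntimeException("No access_token in response from '" + tokenUrl + "'");
                }
                // With expires_on absent (-1) the entry never passes the freshness check
                // above, so the next call simply requests a new token.
                configKeyToExpiresOnAndBearerToken.put(configId, new MultiKey(Long.valueOf(expiresOnSeconds), Morph.encrypt(accessToken)));
                return accessToken;
            } catch (Exception e) {
                throw new RuntimeException("Error connecting to '" + tokenUrl + "'", e);
            }
        } catch (RuntimeException e) {
            if (debugMap != null) {
                debugMap.put("azureTokenError", GrouperUtil.getFullStackTrace(e));
            }
            throw e;
        } finally {
            // Recorded for every attempted request, successful or not.
            if (debugMap != null) {
                debugMap.put("azureTokenTookMillis", Long.valueOf((System.nanoTime() - startNanos) / 1000000));
            }
        }
    }
}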
