package io.intino.amidas.accessor.alexandria.core;

import com.google.gson.Gson;
import io.intino.alexandria.logger.Logger;
import io.intino.alexandria.ui.services.AuthService;
import io.intino.alexandria.ui.services.auth.FederationInfo;
import io.intino.alexandria.ui.services.auth.Space;
import io.intino.alexandria.ui.services.auth.Token;
import io.intino.alexandria.ui.services.auth.UserInfo;
import io.intino.alexandria.ui.services.auth.Verifier;
import io.intino.alexandria.ui.services.auth.exceptions.CouldNotObtainAuthorizationUrl;
import io.intino.alexandria.ui.services.auth.exceptions.CouldNotObtainInfo;
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStreamReader;
import java.net.MalformedURLException;
import java.net.URI;
import java.net.URL;
import java.net.URLEncoder;
import java.nio.charset.StandardCharsets;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.util.Collections;
import java.util.List;
import java.util.Map;
import java.util.UUID;
import org.apache.http.client.methods.CloseableHttpResponse;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.config.RegistryBuilder;
import org.apache.http.conn.socket.PlainConnectionSocketFactory;
import org.apache.http.conn.ssl.NoopHostnameVerifier;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.conn.ssl.TrustSelfSignedStrategy;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.impl.conn.PoolingHttpClientConnectionManager;
import org.apache.http.ssl.SSLContextBuilder;

/* loaded from: input_file:io/intino/amidas/accessor/alexandria/core/AmidasCasAccessor.class */
public class AmidasCasAccessor implements AuthService {
    private URL authServiceUrl;
    private Space space;
    private UserInfo userInfo;
    private static final String AuthorizationPath = "/login?service=%s";

    /* loaded from: input_file:io/intino/amidas/accessor/alexandria/core/AmidasCasAccessor$HttpClientFactory.class */
    public static class HttpClientFactory {
        public static CloseableHttpClient client() throws IOException {
            try {
                SSLContextBuilder sSLContextBuilder = new SSLContextBuilder();
                sSLContextBuilder.loadTrustMaterial((KeyStore) null, new TrustSelfSignedStrategy());
                SSLConnectionSocketFactory sSLConnectionSocketFactory = new SSLConnectionSocketFactory(sSLContextBuilder.build(), NoopHostnameVerifier.INSTANCE);
                PoolingHttpClientConnectionManager poolingHttpClientConnectionManager = new PoolingHttpClientConnectionManager(RegistryBuilder.create().register("http", new PlainConnectionSocketFactory()).register("https", sSLConnectionSocketFactory).build());
                poolingHttpClientConnectionManager.setMaxTotal(100);
                return HttpClients.custom().setSSLSocketFactory(sSLConnectionSocketFactory).setConnectionManager(poolingHttpClientConnectionManager).build();
            } catch (KeyManagementException | KeyStoreException | NoSuchAlgorithmException e) {
                throw new IOException("Error getting client");
            }
        }
    }

    public AmidasCasAccessor(Space space, URL url) {
        this.space = space;
        this.authServiceUrl = url;
    }

    public URL url() {
        return this.authServiceUrl;
    }

    public Space space() {
        return this.space;
    }

    public AuthService.Authentication authenticate() {
        return new AuthService.Authentication() { // from class: io.intino.amidas.accessor.alexandria.core.AmidasCasAccessor.1
            private Token requestToken;
            private Token accessToken;

            public Token requestToken() {
                this.requestToken = new Token() { // from class: io.intino.amidas.accessor.alexandria.core.AmidasCasAccessor.1.1
                    public String id() {
                        return UUID.randomUUID().toString();
                    }

                    public String secret() {
                        return "";
                    }
                };
                this.accessToken = null;
                return this.requestToken;
            }

            public URL authenticationUrl(Token token) throws CouldNotObtainAuthorizationUrl {
                if (this.requestToken != token) {
                    return null;
                }
                return AmidasCasAccessor.this.authorizationUrl(this.requestToken.id());
            }

            public Token accessToken() {
                return this.accessToken;
            }

            public Token accessToken(final Verifier verifier) {
                this.accessToken = (verifier == null || this.accessToken != null) ? null : new Token() { // from class: io.intino.amidas.accessor.alexandria.core.AmidasCasAccessor.1.2
                    public String id() {
                        return verifier.value();
                    }

                    public String secret() {
                        return "1234";
                    }
                };
                return this.accessToken;
            }

            public void invalidate() {
                AmidasCasAccessor.this.logout(this.accessToken);
            }

            public AuthService.Authentication.Version version() {
                return AuthService.Authentication.Version.OAuth2;
            }
        };
    }

    public boolean valid(Token token) {
        if (token == null) {
            return false;
        }
        try {
            if (token.id() == null) {
                return false;
            }
            return me(token) != null;
        } catch (CouldNotObtainInfo e) {
            return false;
        }
    }

    public FederationInfo info(Token token) throws CouldNotObtainInfo {
        return new FederationInfo() { // from class: io.intino.amidas.accessor.alexandria.core.AmidasCasAccessor.2
            public String name() {
                return "CAS";
            }

            public String title() {
                return "CAS federation";
            }

            public String subtitle() {
                return null;
            }

            public URL logo() {
                return null;
            }

            public URI pushServerUri() {
                return null;
            }
        };
    }

    public UserInfo me(Token token) throws CouldNotObtainInfo {
        if (token.id() == null) {
            return null;
        }
        if (this.userInfo != null) {
            return this.userInfo;
        }
        try {
            CloseableHttpResponse execute = HttpClientFactory.client().execute(new HttpGet(url() + "/serviceValidate?ticket=" + token.id() + "&service=" + callbackUrl(this.space) + "&format=JSON"));
            if (execute.getStatusLine().getStatusCode() != 200) {
                throw new CouldNotObtainInfo(new Exception("Status!=200"));
            }
            BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(execute.getEntity().getContent()));
            StringBuilder sb = new StringBuilder();
            while (true) {
                String readLine = bufferedReader.readLine();
                if (readLine == null) {
                    break;
                }
                sb.append(readLine);
            }
            Map map = (Map) new Gson().fromJson(sb.toString(), Map.class);
            if (!map.containsKey("serviceResponse")) {
                return null;
            }
            Map map2 = (Map) map.get("serviceResponse");
            if (!map2.containsKey("authenticationSuccess")) {
                return null;
            }
            this.userInfo = userInfo((Map) map2.get("authenticationSuccess"));
            return this.userInfo;
        } catch (IOException e) {
            throw new CouldNotObtainInfo(e);
        }
    }

    public void logout(Token token) {
        this.userInfo = null;
    }

    public String logoutUrl() {
        return url() + "/logout?service=" + callbackUrl(this.space);
    }

    public void addPushListener(Token token, AuthService.FederationNotificationListener federationNotificationListener) throws CouldNotObtainInfo {
    }

    private Space createSpace(URL url) {
        if (url == null) {
            return null;
        }
        Space space = new Space(url());
        space.setBaseUrl(url.toString());
        return space;
    }

    private URL urlOf(String str) {
        try {
            return new URL(str);
        } catch (MalformedURLException e) {
            Logger.error(e);
            return null;
        }
    }

    private URL authorizationUrl(String str) {
        return urlOf(this.authServiceUrl + String.format(AuthorizationPath, callbackUrl(this.space)));
    }

    private String callbackUrl(Space space) {
        return encode(space().url().toString() + "/authenticate-callback");
    }

    public static String encode(String str) {
        if (str == null) {
            return null;
        }
        return URLEncoder.encode(str, StandardCharsets.UTF_8);
    }

    private UserInfo userInfo(final Map<String, Object> map) {
        return new UserInfo() { // from class: io.intino.amidas.accessor.alexandria.core.AmidasCasAccessor.3
            public String username() {
                return map.get("user").toString();
            }

            public String fullName() {
                return map.get("user").toString();
            }

            public URL photo() {
                return null;
            }

            public String email() {
                return "";
            }

            public String language() {
                return "es";
            }

            public List<String> roleList() {
                return Collections.emptyList();
            }
        };
    }

    public UserInfo userInfo() {
        return this.userInfo;
    }
}
