package org.cloudfoundry.identity.uaa.message;

import java.security.KeyManagementException;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import org.apache.http.conn.ssl.SSLContextBuilder;
import org.apache.http.conn.ssl.TrustSelfSignedStrategy;
import org.apache.http.impl.client.HttpClients;
import org.apache.xerces.impl.xs.SchemaSymbols;
import org.cloudfoundry.identity.uaa.constants.OriginKeys;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.http.client.HttpComponentsClientHttpRequestFactory;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.oauth2.client.OAuth2ClientContext;
import org.springframework.security.oauth2.client.OAuth2RestTemplate;
import org.springframework.security.oauth2.client.resource.OAuth2ProtectedResourceDetails;
import org.springframework.security.oauth2.client.resource.UserRedirectRequiredException;
import org.springframework.security.oauth2.common.OAuth2AccessToken;
import org.springframework.security.oauth2.provider.ClientDetails;
import org.springframework.security.oauth2.provider.ClientDetailsService;
import org.springframework.security.oauth2.provider.OAuth2Authentication;
import org.springframework.security.oauth2.provider.OAuth2Request;
import org.springframework.security.oauth2.provider.token.AuthorizationServerTokenServices;

/* loaded from: input_file:WEB-INF/lib/cloudfoundry-identity-server-3.3.0.3.jar:org/cloudfoundry/identity/uaa/message/LocalUaaRestTemplate.class */
public class LocalUaaRestTemplate extends OAuth2RestTemplate implements InitializingBean {
    protected AuthorizationServerTokenServices tokenServices;
    protected String clientId;
    protected ClientDetailsService clientDetailsService;
    protected boolean verifySsl;

    public LocalUaaRestTemplate(OAuth2ProtectedResourceDetails oAuth2ProtectedResourceDetails) {
        super(oAuth2ProtectedResourceDetails);
        this.verifySsl = true;
    }

    public LocalUaaRestTemplate(OAuth2ProtectedResourceDetails oAuth2ProtectedResourceDetails, OAuth2ClientContext oAuth2ClientContext) {
        super(oAuth2ProtectedResourceDetails, oAuth2ClientContext);
        this.verifySsl = true;
    }

    @Override // org.springframework.security.oauth2.client.OAuth2RestTemplate
    public OAuth2AccessToken acquireAccessToken(OAuth2ClientContext oAuth2ClientContext) throws UserRedirectRequiredException {
        ClientDetails loadClientByClientId = this.clientDetailsService.loadClientByClientId(getClientId());
        HashSet hashSet = new HashSet();
        Iterator<GrantedAuthority> it = loadClientByClientId.getAuthorities().iterator();
        while (it.hasNext()) {
            hashSet.add(it.next().getAuthority());
        }
        HashSet hashSet2 = new HashSet();
        hashSet2.add(OriginKeys.UAA);
        HashSet hashSet3 = new HashSet();
        hashSet3.add(SchemaSymbols.ATTVAL_TOKEN);
        HashMap hashMap = new HashMap();
        hashMap.put("client_id", "login");
        hashMap.put("grant_type", "client_credentials");
        OAuth2AccessToken createAccessToken = this.tokenServices.createAccessToken(new OAuth2Authentication(new OAuth2Request(hashMap, "login", Collections.EMPTY_SET, true, hashSet, hashSet2, null, hashSet3, Collections.EMPTY_MAP), null));
        oAuth2ClientContext.setAccessToken(createAccessToken);
        return createAccessToken;
    }

    public AuthorizationServerTokenServices getTokenServices() {
        return this.tokenServices;
    }

    public void setTokenServices(AuthorizationServerTokenServices authorizationServerTokenServices) {
        this.tokenServices = authorizationServerTokenServices;
    }

    public String getClientId() {
        return this.clientId;
    }

    public void setClientId(String str) {
        this.clientId = str;
    }

    public ClientDetailsService getClientDetailsService() {
        return this.clientDetailsService;
    }

    public void setClientDetailsService(ClientDetailsService clientDetailsService) {
        this.clientDetailsService = clientDetailsService;
    }

    public boolean isVerifySsl() {
        return this.verifySsl;
    }

    public void setVerifySsl(boolean z) {
        this.verifySsl = z;
    }

    protected void skipSslValidation() throws KeyStoreException, NoSuchAlgorithmException, KeyManagementException {
        setRequestFactory(new HttpComponentsClientHttpRequestFactory(HttpClients.custom().setSslcontext(new SSLContextBuilder().loadTrustMaterial(null, new TrustSelfSignedStrategy()).build()).build()));
    }

    @Override // org.springframework.beans.factory.InitializingBean
    public void afterPropertiesSet() throws Exception {
        if (this.tokenServices == null) {
            throw new NullPointerException("tokenServices property is null!");
        }
        if (this.clientId == null) {
            throw new NullPointerException("clientId property is null!");
        }
        if (this.clientDetailsService == null) {
            throw new NullPointerException("clientDetailsService property is null!");
        }
        if (isVerifySsl()) {
            return;
        }
        skipSslValidation();
    }
}
