package org.osiam.client.oauth;

import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.nio.charset.Charset;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Map;
import org.apache.commons.codec.binary.Base64;
import org.apache.http.Header;
import org.apache.http.HttpEntity;
import org.apache.http.HttpResponse;
import org.apache.http.client.entity.UrlEncodedFormEntity;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.impl.client.DefaultHttpClient;
import org.apache.http.message.BasicHeader;
import org.apache.http.message.BasicNameValuePair;
import org.codehaus.jackson.map.ObjectMapper;
import org.osiam.client.exception.ConnectionInitializationException;
import org.osiam.client.exception.UnauthorizedException;

/* loaded from: input_file:org/osiam/client/oauth/AuthService.class */
public final class AuthService {
    private static final Charset CHARSET = Charset.forName("UTF-8");
    private final HttpPost post;
    private final String clientId;
    private final String endpoint;

    /* loaded from: input_file:org/osiam/client/oauth/AuthService$Builder.class */
    public static class Builder {
        private String clientId;
        private String clientSecret;
        private GrantType grantType;
        private Header[] headers;
        private static final String DEFAULT_SCOPE = "GET POST PUT PATCH DELETE";
        private Map<String, String> requestParameters = new HashMap();
        private String endpoint;
        private HttpEntity body;

        public Builder(String str) {
            this.requestParameters.put("scope", DEFAULT_SCOPE);
            this.endpoint = str + "/oauth/token";
        }

        public Builder setGrantType(GrantType grantType) {
            if (!grantType.equals(GrantType.PASSWORD)) {
                throw new UnsupportedOperationException(grantType.getUrlParam() + " grant type not supported at this time");
            }
            this.grantType = grantType;
            return this;
        }

        public Builder setClientId(String str) {
            this.clientId = str;
            return this;
        }

        public Builder setClientSecret(String str) {
            this.clientSecret = str;
            return this;
        }

        public Builder setUsername(String str) {
            this.requestParameters.put("username", str);
            return this;
        }

        public Builder setPassword(String str) {
            this.requestParameters.put("password", str);
            return this;
        }

        public AuthService build() {
            if (this.clientId == null || this.clientSecret == null) {
                throw new ConnectionInitializationException("The provided client credentials are incomplete.");
            }
            if (this.grantType == null) {
                throw new ConnectionInitializationException("The grant type is not set.");
            }
            if (this.grantType.equals(GrantType.PASSWORD) && (!this.requestParameters.containsKey("username") || !this.requestParameters.containsKey("password"))) {
                throw new ConnectionInitializationException("The grant type 'password' requires username and password");
            }
            this.requestParameters.put("grant_type", this.grantType.getUrlParam());
            this.body = buildBody();
            this.headers = buildHead();
            return new AuthService(this);
        }

        private String encodeClientCredentials(String str, String str2) {
            return new String(Base64.encodeBase64((str + ":" + str2).getBytes(AuthService.CHARSET)), AuthService.CHARSET);
        }

        private Header[] buildHead() {
            return new Header[]{new BasicHeader("Authorization", "Basic " + encodeClientCredentials(this.clientId, this.clientSecret))};
        }

        private HttpEntity buildBody() {
            ArrayList arrayList = new ArrayList();
            for (String str : this.requestParameters.keySet()) {
                arrayList.add(new BasicNameValuePair(str, this.requestParameters.get(str)));
            }
            try {
                return new UrlEncodedFormEntity(arrayList);
            } catch (UnsupportedEncodingException e) {
                throw new ConnectionInitializationException("Unable to Build Request in this encoding.", e);
            }
        }
    }

    private AuthService(Builder builder) {
        this.post = new HttpPost(builder.endpoint);
        this.post.setHeaders(builder.headers);
        this.post.setEntity(builder.body);
        this.clientId = builder.clientId;
        this.endpoint = builder.endpoint;
    }

    private HttpResponse performRequest() {
        try {
            return new DefaultHttpClient().execute(this.post);
        } catch (IOException e) {
            throw new ConnectionInitializationException("Unable to perform Request ", e);
        }
    }

    public AccessToken retrieveAccessToken() {
        HttpResponse performRequest = performRequest();
        int statusCode = performRequest.getStatusLine().getStatusCode();
        if (statusCode == 200) {
            try {
                return (AccessToken) new ObjectMapper().readValue(performRequest.getEntity().getContent(), AccessToken.class);
            } catch (IOException e) {
                throw new ConnectionInitializationException("Unable to retrieve access token: IOException", e);
            }
        }
        switch (statusCode) {
            case 400:
                throw new ConnectionInitializationException("Unable to create Connection. Please make sure that you have the correct grants.");
            case 401:
                StringBuilder sb = new StringBuilder("You are not authorized to directly retrieve a access token.");
                if (performRequest.toString().contains(this.clientId + " not found")) {
                    sb.append(" Unknown client-id");
                } else {
                    sb.append(" Invalid client secret");
                }
                throw new UnauthorizedException(sb.toString());
            case 402:
            case 403:
            default:
                throw new ConnectionInitializationException(String.format("Unable to setup connection (HTTP Status Code: %d)", Integer.valueOf(statusCode)));
            case 404:
                throw new ConnectionInitializationException("Unable to find the given OSIAM service (" + this.endpoint + ")");
        }
    }
}
