package com.cumulocity.microservice.security.token;

import com.cumulocity.microservice.context.credentials.UserCredentials;
import com.cumulocity.model.authentication.AuthenticationMethod;
import com.cumulocity.model.authentication.CumulocityOAuthCredentials;
import com.cumulocity.rest.representation.AbstractExtensibleRepresentation;
import com.cumulocity.rest.representation.user.CurrentUserRepresentation;
import com.cumulocity.rest.representation.user.UserMediaType;
import com.cumulocity.sdk.client.CumulocityAuthenticationFilter;
import com.cumulocity.sdk.client.rest.mediatypes.ErrorMessageRepresentationReader;
import com.cumulocity.sdk.client.rest.providers.CumulocityJSONMessageBodyReader;
import java.io.IOException;
import javax.servlet.http.HttpServletRequest;
import javax.ws.rs.client.Client;
import javax.ws.rs.client.ClientBuilder;
import javax.ws.rs.client.ClientRequestContext;
import javax.ws.rs.client.ClientRequestFilter;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.ext.Provider;
import org.apache.http.impl.conn.PoolingHttpClientConnectionManager;
import org.glassfish.jersey.client.ClientConfig;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:com/cumulocity/microservice/security/token/CumulocityCoreAuthenticationClient.class */
public class CumulocityCoreAuthenticationClient {
    private static final int CONNECTION_TIMEOUT = 30000;

    /* JADX INFO: Access modifiers changed from: package-private */
    @Provider
    /* loaded from: input_file:com/cumulocity/microservice/security/token/CumulocityCoreAuthenticationClient$ForwardedHeaderOnRequestFilter.class */
    public static class ForwardedHeaderOnRequestFilter implements ClientRequestFilter {
        private static final String X_Forwarded_Host = "X-Forwarded-Host";
        private final HttpServletRequest request;

        public void filter(ClientRequestContext clientRequestContext) throws IOException {
            clientRequestContext.getHeaders().add(X_Forwarded_Host, this.request.getHeader(X_Forwarded_Host));
        }

        public ForwardedHeaderOnRequestFilter(HttpServletRequest httpServletRequest) {
            this.request = httpServletRequest;
        }
    }

    /* loaded from: input_file:com/cumulocity/microservice/security/token/CumulocityCoreAuthenticationClient$SimplifiedCurrentTenantRepresentation.class */
    public static class SimplifiedCurrentTenantRepresentation extends AbstractExtensibleRepresentation {
        private String name;

        public String getName() {
            return this.name;
        }

        public void setName(String str) {
            this.name = str;
        }
    }

    CumulocityCoreAuthenticationClient() {
    }

    public static JwtTokenAuthentication authenticateUserAndUpdateToken(String str, JwtTokenAuthentication jwtTokenAuthentication) {
        Client createClient = createClient(jwtTokenAuthentication);
        try {
            CurrentUserRepresentation currentUser = getCurrentUser(createClient, str);
            String tenantName = getTenantName(createClient, str);
            jwtTokenAuthentication.setCurrentUserRepresentation(currentUser);
            JwtTokenAuthentication updateUserCredentials = updateUserCredentials(tenantName, jwtTokenAuthentication);
            createClient.close();
            return updateUserCredentials;
        } catch (Throwable th) {
            createClient.close();
            throw th;
        }
    }

    public static Client createClient(JwtTokenAuthentication jwtTokenAuthentication) {
        HttpServletRequest request;
        ClientBuilder withConfig = ClientBuilder.newBuilder().withConfig(createClientConfig());
        if (jwtTokenAuthentication != null) {
            withConfig.register(createClientWithAuthenticationFilter(jwtTokenAuthentication));
        }
        ServletRequestAttributes requestAttributes = RequestContextHolder.getRequestAttributes();
        if ((requestAttributes instanceof ServletRequestAttributes) && (request = requestAttributes.getRequest()) != null) {
            withConfig.register(new ForwardedHeaderOnRequestFilter(request));
        }
        return withConfig.build();
    }

    private static CumulocityAuthenticationFilter createClientWithAuthenticationFilter(JwtTokenAuthentication jwtTokenAuthentication) {
        JwtCredentials m7getCredentials = jwtTokenAuthentication.m7getCredentials();
        if (!(m7getCredentials instanceof JwtAndXsrfTokenCredentials)) {
            return new CumulocityAuthenticationFilter(CumulocityOAuthCredentials.builder().authenticationMethod(AuthenticationMethod.HEADER).oAuthAccessToken(m7getCredentials.getJwt().serialize()).build());
        }
        JwtAndXsrfTokenCredentials jwtAndXsrfTokenCredentials = (JwtAndXsrfTokenCredentials) m7getCredentials;
        return new CumulocityAuthenticationFilter(CumulocityOAuthCredentials.builder().authenticationMethod(AuthenticationMethod.COOKIE).oAuthAccessToken(jwtAndXsrfTokenCredentials.getJwt().serialize()).xsrfToken(jwtAndXsrfTokenCredentials.getXsrfToken()).build());
    }

    private static ClientConfig createClientConfig() {
        ClientConfig clientConfig = new ClientConfig();
        clientConfig.register(CumulocityJSONMessageBodyReader.class);
        clientConfig.register(ErrorMessageRepresentationReader.class);
        clientConfig.property("jersey.config.apache.client.connectionManager", new PoolingHttpClientConnectionManager());
        clientConfig.property("jersey.config.client.connectTimeout", Integer.valueOf(CONNECTION_TIMEOUT));
        return clientConfig;
    }

    private static CurrentUserRepresentation getCurrentUser(Client client, String str) {
        return (CurrentUserRepresentation) client.target(str + "/user/currentUser").request(new MediaType[]{UserMediaType.CURRENT_USER}).get(CurrentUserRepresentation.class);
    }

    private static String getTenantName(Client client, String str) {
        return ((SimplifiedCurrentTenantRepresentation) client.target(str + "/tenant/currentTenant").request(new MediaType[]{UserMediaType.CURRENT_TENANT}).get(SimplifiedCurrentTenantRepresentation.class)).name;
    }

    static JwtTokenAuthentication updateUserCredentials(String str, JwtTokenAuthentication jwtTokenAuthentication) {
        jwtTokenAuthentication.setUserCredentials(buildUserCredentials(str, jwtTokenAuthentication));
        return jwtTokenAuthentication;
    }

    private static UserCredentials buildUserCredentials(String str, JwtTokenAuthentication jwtTokenAuthentication) {
        return jwtTokenAuthentication.m7getCredentials().toUserCredentials(str, jwtTokenAuthentication);
    }
}
