package org.nuxeo.ecm.platform.oauth2.providers;

import com.fasterxml.jackson.core.JsonGenerator;
import java.io.IOException;
import java.util.HashMap;
import java.util.Iterator;
import org.nuxeo.ecm.core.api.DocumentModel;
import org.nuxeo.ecm.core.api.DocumentModelList;
import org.nuxeo.ecm.core.api.NuxeoException;
import org.nuxeo.ecm.core.api.NuxeoPrincipal;
import org.nuxeo.ecm.core.io.marshallers.json.ExtensibleEntityJsonWriter;
import org.nuxeo.ecm.core.io.registry.reflect.Instantiations;
import org.nuxeo.ecm.core.io.registry.reflect.Setup;
import org.nuxeo.ecm.platform.oauth2.tokens.NuxeoOAuth2Token;
import org.nuxeo.ecm.platform.usermanager.UserManager;
import org.nuxeo.runtime.api.Framework;

@Setup(mode = Instantiations.SINGLETON, priority = 2000)
/* loaded from: input_file:org/nuxeo/ecm/platform/oauth2/providers/NuxeoOAuth2ServiceProviderWriter.class */
public class NuxeoOAuth2ServiceProviderWriter extends ExtensibleEntityJsonWriter<NuxeoOAuth2ServiceProvider> {
    public static final String ENTITY_TYPE = "nuxeoOAuth2ServiceProvider";

    public NuxeoOAuth2ServiceProviderWriter() {
        super(ENTITY_TYPE, NuxeoOAuth2ServiceProvider.class);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void writeEntityBody(NuxeoOAuth2ServiceProvider nuxeoOAuth2ServiceProvider, JsonGenerator jsonGenerator) throws IOException {
        UserManager userManager = (UserManager) Framework.getService(UserManager.class);
        String name = this.ctx.getSession((DocumentModel) null).getSession().getPrincipal().getName();
        NuxeoPrincipal principal = userManager.getPrincipal(name);
        jsonGenerator.writeStringField("serviceName", nuxeoOAuth2ServiceProvider.getServiceName());
        jsonGenerator.writeStringField("description", nuxeoOAuth2ServiceProvider.getDescription());
        jsonGenerator.writeStringField("clientId", nuxeoOAuth2ServiceProvider.getClientId());
        jsonGenerator.writeStringField("clientSecret", principal.isAdministrator() ? nuxeoOAuth2ServiceProvider.getClientSecret() : null);
        jsonGenerator.writeStringField("authorizationServerURL", nuxeoOAuth2ServiceProvider.getAuthorizationServerURL());
        jsonGenerator.writeStringField("tokenServerURL", nuxeoOAuth2ServiceProvider.getTokenServerURL());
        jsonGenerator.writeStringField("userAuthorizationURL", nuxeoOAuth2ServiceProvider.getUserAuthorizationURL());
        jsonGenerator.writeArrayFieldStart("scopes");
        Iterator<String> it = nuxeoOAuth2ServiceProvider.getScopes().iterator();
        while (it.hasNext()) {
            jsonGenerator.writeString(it.next());
        }
        jsonGenerator.writeEndArray();
        jsonGenerator.writeBooleanField("isEnabled", nuxeoOAuth2ServiceProvider.isEnabled());
        jsonGenerator.writeBooleanField("isAvailable", nuxeoOAuth2ServiceProvider.isProviderAvailable());
        String str = null;
        if (nuxeoOAuth2ServiceProvider.getClientId() != null) {
            try {
                str = nuxeoOAuth2ServiceProvider.getAuthorizationUrl(this.ctx.getBaseUrl());
            } catch (IllegalArgumentException e) {
                str = null;
            }
        }
        jsonGenerator.writeStringField("authorizationURL", str);
        NuxeoOAuth2Token token = getToken(nuxeoOAuth2ServiceProvider, name);
        boolean z = token != null;
        jsonGenerator.writeBooleanField("isAuthorized", z);
        jsonGenerator.writeStringField("userId", z ? token.getServiceLogin() : null);
    }

    private NuxeoOAuth2Token getToken(NuxeoOAuth2ServiceProvider nuxeoOAuth2ServiceProvider, String str) {
        HashMap hashMap = new HashMap();
        hashMap.put("serviceName", nuxeoOAuth2ServiceProvider.getId());
        hashMap.put(NuxeoOAuth2Token.KEY_NUXEO_LOGIN, str);
        return (NuxeoOAuth2Token) Framework.doPrivileged(() -> {
            DocumentModelList query = nuxeoOAuth2ServiceProvider.getCredentialDataStore().query(hashMap);
            if (query == null) {
                return null;
            }
            if (query.size() > 1) {
                throw new NuxeoException("Found multiple " + nuxeoOAuth2ServiceProvider.getId() + " accounts for " + str);
            }
            if (query.size() == 1) {
                return new NuxeoOAuth2Token((DocumentModel) query.get(0));
            }
            return null;
        });
    }
}
