package com.atlassian.oauth2.client.rest.resource;

import com.atlassian.annotations.PublicApi;
import com.atlassian.applinks.internal.rest.model.auth.compatibility.RestAuthenticationProvider;
import com.atlassian.oauth2.client.RedirectUriSuffixGenerator;
import com.atlassian.oauth2.client.api.lib.flow.FlowRequestService;
import com.atlassian.oauth2.client.api.lib.flow.FlowResult;
import com.atlassian.oauth2.client.api.storage.config.ClientConfigStorageService;
import com.atlassian.oauth2.client.api.storage.config.ClientConfigurationEntity;
import com.atlassian.oauth2.client.api.storage.token.exception.ConfigurationNotFoundException;
import com.atlassian.oauth2.client.lib.web.AuthorizationCodeFlowUrlsProvider;
import com.atlassian.oauth2.client.rest.api.RestClientConfiguration;
import com.atlassian.oauth2.client.rest.api.RestFlowRequest;
import com.atlassian.oauth2.client.rest.api.RestFlowResult;
import com.atlassian.oauth2.client.rest.resource.validator.ClientConfigurationValidator;
import com.atlassian.oauth2.client.rest.resource.validator.DefaultClientConfigurationValidator;
import com.atlassian.oauth2.client.rest.resource.validator.ValidationException;
import com.atlassian.oauth2.client.util.ClientHttpsValidator;
import com.atlassian.oauth2.common.rest.validator.ErrorCollection;
import com.atlassian.sal.api.message.I18nResolver;
import com.atlassian.sal.api.permission.PermissionEnforcer;
import com.google.common.collect.ImmutableMap;
import com.sun.jersey.spi.resource.Singleton;
import java.util.List;
import java.util.stream.Collectors;
import javax.servlet.http.HttpServletRequest;
import javax.ws.rs.Consumes;
import javax.ws.rs.DELETE;
import javax.ws.rs.GET;
import javax.ws.rs.POST;
import javax.ws.rs.PUT;
import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.Produces;
import javax.ws.rs.QueryParam;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.Response;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@Singleton
@Path(RestAuthenticationProvider.CONFIG)
@Consumes({"application/json"})
@Produces({"application/json"})
/* loaded from: input_file:WEB-INF/atlassian-bundled-plugins/oauth2-client-plugin-3.0.11.jar:com/atlassian/oauth2/client/rest/resource/ClientConfigurationResource.class */
public class ClientConfigurationResource {
    private static final Logger logger = LoggerFactory.getLogger((Class<?>) ClientConfigurationResource.class);
    private final ClientConfigStorageService clientConfigStorageService;
    private final FlowRequestService flowRequestService;
    private final ClientConfigurationValidator clientConfigurationValidator;
    private final PermissionEnforcer permissionEnforcer;
    private final AuthorizationCodeFlowUrlsProvider authorizationCodeFlowUrlsProvider;
    private final RedirectUriSuffixGenerator redirectUriSuffixGenerator;
    private final I18nResolver i18nResolver;
    private final ClientHttpsValidator clientHttpsValidator;

    public ClientConfigurationResource(ClientConfigStorageService clientConfigStorageService, FlowRequestService flowRequestService, ClientConfigurationValidator clientConfigurationValidator, PermissionEnforcer permissionEnforcer, AuthorizationCodeFlowUrlsProvider authorizationCodeFlowUrlsProvider, RedirectUriSuffixGenerator redirectUriSuffixGenerator, I18nResolver i18nResolver, ClientHttpsValidator clientHttpsValidator) {
        this.clientConfigStorageService = clientConfigStorageService;
        this.flowRequestService = flowRequestService;
        this.clientConfigurationValidator = clientConfigurationValidator;
        this.permissionEnforcer = permissionEnforcer;
        this.authorizationCodeFlowUrlsProvider = authorizationCodeFlowUrlsProvider;
        this.redirectUriSuffixGenerator = redirectUriSuffixGenerator;
        this.i18nResolver = i18nResolver;
        this.clientHttpsValidator = clientHttpsValidator;
    }

    @GET
    @PublicApi
    public Response getAllClientConfigurations() throws ValidationException {
        this.permissionEnforcer.enforceSystemAdmin();
        enforceHttps();
        logger.debug("Getting all client configurations");
        return Response.ok((List) this.clientConfigStorageService.list().stream().map(this::valueOf).collect(Collectors.toList())).build();
    }

    @POST
    @PublicApi
    public Response createClientConfiguration(RestClientConfiguration restClientConfiguration) throws ConfigurationNotFoundException, ValidationException {
        this.permissionEnforcer.enforceSystemAdmin();
        enforceHttps();
        logger.debug("Creating client configuration: [{}]", restClientConfiguration);
        restClientConfiguration.setId(null);
        return Response.ok(valueOf(this.clientConfigStorageService.save(this.clientConfigurationValidator.validateCreate(restClientConfiguration)))).build();
    }

    @GET
    @PublicApi
    @Path("/{id}")
    public Response getClientConfiguration(@PathParam("id") String str) throws ConfigurationNotFoundException, ValidationException {
        this.permissionEnforcer.enforceSystemAdmin();
        enforceHttps();
        logger.debug("Getting client configuration with id: [{}]", str);
        return Response.ok(valueOf(this.clientConfigStorageService.getByIdOrFail(str))).build();
    }

    @GET
    @PublicApi
    @Path("/name/{name}")
    public Response getClientConfigurationByName(@PathParam("name") String str) throws ValidationException {
        this.permissionEnforcer.enforceSystemAdmin();
        enforceHttps();
        logger.debug("Getting client configuration with name: [{}]", str);
        return (Response) this.clientConfigStorageService.getByName(str).map(clientConfigurationEntity -> {
            return Response.ok(valueOf(clientConfigurationEntity)).build();
        }).orElseGet(() -> {
            return Response.status(Response.Status.NOT_FOUND).build();
        });
    }

    @PublicApi
    @Path("/{id}")
    @DELETE
    public Response deleteClientConfiguration(@PathParam("id") String str) throws ConfigurationNotFoundException, ValidationException {
        this.permissionEnforcer.enforceSystemAdmin();
        enforceHttps();
        logger.debug("Deleting client configuration with id: [{}]", str);
        this.clientConfigStorageService.delete(str);
        return Response.status(Response.Status.NO_CONTENT).build();
    }

    @PublicApi
    @Path("/{id}")
    @PUT
    public Response updateClientConfiguration(@PathParam("id") String str, RestClientConfiguration restClientConfiguration) throws ConfigurationNotFoundException, ValidationException {
        this.permissionEnforcer.enforceSystemAdmin();
        enforceHttps();
        logger.debug("Updating client configuration with id: [{}]", str);
        restClientConfiguration.setId(str);
        this.clientConfigStorageService.save(ClientConfigurationEntity.builder(this.clientConfigurationValidator.validateUpdate(restClientConfiguration, this.clientConfigStorageService.getByIdOrFail(str))).id(str).build());
        return Response.status(Response.Status.NO_CONTENT).build();
    }

    @GET
    @PublicApi
    @Path("/get-redirect-uri")
    public Response generateRedirectUriSuffix(@QueryParam("authorizationEndpoint") String str) throws ValidationException {
        this.permissionEnforcer.enforceSystemAdmin();
        enforceHttps();
        logger.debug("Generating redirect uri");
        String generateRedirectUriSuffix = this.redirectUriSuffixGenerator.generateRedirectUriSuffix(str);
        return Response.ok(ImmutableMap.of("redirectUri", this.authorizationCodeFlowUrlsProvider.getRedirectUri(generateRedirectUriSuffix).toString(), DefaultClientConfigurationValidator.Field.REDIRECT_URI_SUFFIX, generateRedirectUriSuffix)).build();
    }

    @GET
    @PublicApi
    @Path("/is-name-unique")
    public Response isNameUnique(@QueryParam("id") String str, @QueryParam("name") String str2) throws ValidationException {
        this.permissionEnforcer.enforceSystemAdmin();
        enforceHttps();
        logger.debug("Checking if name is unique");
        return Response.ok(Boolean.valueOf(this.clientConfigStorageService.isNameUnique(str, str2))).build();
    }

    @POST
    @PublicApi
    @Path("/flow")
    public Response createFlow(@Context HttpServletRequest httpServletRequest, @QueryParam("id") String str, @QueryParam("callbackUrl") String str2) throws ConfigurationNotFoundException, ValidationException {
        this.permissionEnforcer.enforceSystemAdmin();
        enforceHttps();
        logger.debug("Testing connection for configId {}", str);
        try {
            return Response.ok(RestFlowRequest.valueOf(this.flowRequestService.createFlowRequest(httpServletRequest.getSession(false), this.clientConfigStorageService.getByIdOrFail(str), str3 -> {
                return str2 + "/" + str3;
            }))).build();
        } catch (IllegalArgumentException | IllegalStateException e) {
            throw new ValidationException(ErrorCollection.forMessage(this.i18nResolver.getText("oauth2.rest.error.flow.create.error")));
        }
    }

    @GET
    @PublicApi
    @Path("/flow/{flowRequestId}")
    public Response getFlowResult(@Context HttpServletRequest httpServletRequest, @PathParam("flowRequestId") String str) throws ValidationException {
        this.permissionEnforcer.enforceSystemAdmin();
        enforceHttps();
        try {
            FlowResult flowResult = this.flowRequestService.getFlowResult(httpServletRequest.getSession(false), str);
            if (flowResult.indicatesSuccess()) {
                return Response.ok(new RestFlowResult(true, "")).build();
            }
            String message = flowResult.toErrorResult().getMessage();
            logger.error("Error occurred while authorizing an integration. The error message is: {}", message);
            return Response.ok(new RestFlowResult(false, message)).build();
        } catch (IllegalArgumentException e) {
            throw new ValidationException(ErrorCollection.forMessage(this.i18nResolver.getText("oauth2.rest.error.flow.not.found", str)));
        }
    }

    private RestClientConfiguration valueOf(ClientConfigurationEntity clientConfigurationEntity) {
        return RestClientConfiguration.valueOf(clientConfigurationEntity, this.redirectUriSuffixGenerator.generateRedirectUriSuffix(clientConfigurationEntity.getAuthorizationEndpoint()));
    }

    private void enforceHttps() throws ValidationException {
        if (this.clientHttpsValidator.isBaseUrlHttpsRequired() && !this.clientHttpsValidator.isBaseUrlHttps()) {
            throw new ValidationException(ErrorCollection.forMessage(this.i18nResolver.getText("oauth2.integrations.insecure.base.url.error.message")));
        }
    }
}
