package com.intuit.oauth2.config;

import com.intuit.oauth2.client.DiscoveryAPIClient;
import com.intuit.oauth2.data.DiscoveryAPIResponse;
import com.intuit.oauth2.exception.ConnectionException;
import com.intuit.oauth2.exception.InvalidRequestException;
import com.intuit.oauth2.utils.LoggerImpl;
import com.intuit.oauth2.utils.PropertiesConfig;
import java.io.UnsupportedEncodingException;
import java.net.URLEncoder;
import java.util.Iterator;
import java.util.List;
import java.util.UUID;
import org.apache.commons.lang.StringUtils;
import org.slf4j.Logger;

/* loaded from: input_file:com/intuit/oauth2/config/OAuth2Config.class */
public class OAuth2Config {
    private String clientId;
    private String clientSecret;
    private String intuitIdTokenIssuer;
    private String intuitAuthorizationEndpoint;
    private String intuitBearerTokenEndpoint;
    private String intuitRevokeTokenEndpoint;
    private String intuitJwksURI;
    private String userProfileEndpoint;
    private ProxyConfig proxyConfig;
    private static final Logger logger = LoggerImpl.getInstance();

    /* loaded from: input_file:com/intuit/oauth2/config/OAuth2Config$OAuth2ConfigBuilder.class */
    public static class OAuth2ConfigBuilder {
        private String clientId;
        private String clientSecret;
        private String intuitIdTokenIssuer;
        private String intuitAuthorizationEndpoint;
        private String intuitBearerTokenEndpoint;
        private String intuitRevokeTokenEndpoint;
        private String intuitJwksURI;
        private String userProfileEndpoint;
        private ProxyConfig proxyConfig;

        public OAuth2ConfigBuilder(String str, String str2) {
            this.clientId = str;
            this.clientSecret = str2;
        }

        public OAuth2ConfigBuilder callDiscoveryAPI(Environment environment) {
            try {
                DiscoveryAPIResponse callDiscoveryAPI = new DiscoveryAPIClient(this.proxyConfig).callDiscoveryAPI(environment);
                if (callDiscoveryAPI != null) {
                    this.intuitIdTokenIssuer = callDiscoveryAPI.getIssuer();
                    this.intuitAuthorizationEndpoint = callDiscoveryAPI.getAuthorizationEndpoint();
                    this.intuitBearerTokenEndpoint = callDiscoveryAPI.getTokenEndpoint();
                    this.intuitRevokeTokenEndpoint = callDiscoveryAPI.getRevocationEndpoint();
                    this.intuitJwksURI = callDiscoveryAPI.getJwksUri();
                    this.userProfileEndpoint = callDiscoveryAPI.getUserinfoEndpoint();
                }
            } catch (ConnectionException e) {
                OAuth2Config.logger.error("Exception while preparing url for redirect ", e);
            }
            return this;
        }

        public OAuth2ConfigBuilder proxyConfig(ProxyConfig proxyConfig) {
            this.proxyConfig = proxyConfig;
            return this;
        }

        public OAuth2Config buildConfig() {
            return new OAuth2Config(this);
        }
    }

    private OAuth2Config(OAuth2ConfigBuilder oAuth2ConfigBuilder) {
        this.clientId = oAuth2ConfigBuilder.clientId;
        this.clientSecret = oAuth2ConfigBuilder.clientSecret;
        this.intuitIdTokenIssuer = oAuth2ConfigBuilder.intuitIdTokenIssuer;
        this.intuitAuthorizationEndpoint = oAuth2ConfigBuilder.intuitAuthorizationEndpoint;
        this.intuitBearerTokenEndpoint = oAuth2ConfigBuilder.intuitBearerTokenEndpoint;
        this.intuitRevokeTokenEndpoint = oAuth2ConfigBuilder.intuitRevokeTokenEndpoint;
        this.intuitJwksURI = oAuth2ConfigBuilder.intuitJwksURI;
        this.userProfileEndpoint = oAuth2ConfigBuilder.userProfileEndpoint;
        this.proxyConfig = oAuth2ConfigBuilder.proxyConfig;
    }

    public String getIntuitIdTokenIssuer() {
        return this.intuitIdTokenIssuer;
    }

    public String getIntuitAuthorizationEndpoint() {
        return this.intuitAuthorizationEndpoint;
    }

    public String getIntuitBearerTokenEndpoint() {
        return this.intuitBearerTokenEndpoint;
    }

    public String getIntuitRevokeTokenEndpoint() {
        return this.intuitRevokeTokenEndpoint;
    }

    public String getIntuitJwksURI() {
        return this.intuitJwksURI;
    }

    public String getUserProfileEndpoint() {
        return this.userProfileEndpoint;
    }

    public String getClientId() {
        return this.clientId;
    }

    public String getClientSecret() {
        return this.clientSecret;
    }

    public ProxyConfig getProxyConfig() {
        return this.proxyConfig;
    }

    public String getScopeValue(Scope scope) {
        logger.debug("Enter OAuth2config::getDefaultScope");
        return PropertiesConfig.getInstance().getProperty(scope.value());
    }

    public String generateCSRFToken() {
        logger.debug("Enter OAuth2config::generateCSRFToken");
        return UUID.randomUUID().toString();
    }

    public String prepareUrl(List<Scope> list, String str, String str2) throws InvalidRequestException {
        logger.debug("Enter OAuth2config::prepareUrl");
        if (list == null || list.isEmpty() || str.isEmpty() || str2.isEmpty()) {
            logger.error("Invalid request for prepareUrl ");
            throw new InvalidRequestException("Invalid request for prepareUrl");
        }
        try {
            return this.intuitAuthorizationEndpoint + "?client_id=" + this.clientId + "&response_type=code&scope=" + URLEncoder.encode(buildScopeString(list), "UTF-8") + "&redirect_uri=" + URLEncoder.encode(str, "UTF-8") + "&state=" + str2;
        } catch (UnsupportedEncodingException e) {
            logger.error("Exception while preparing url for redirect ", e);
            throw new InvalidRequestException(e.getMessage(), e);
        }
    }

    private String buildScopeString(List<Scope> list) {
        StringBuilder sb = new StringBuilder();
        Iterator<Scope> it = list.iterator();
        while (it.hasNext()) {
            sb.append(getScopeValue(it.next()) + " ");
        }
        return StringUtils.stripEnd(sb.toString(), " ");
    }

    public String prepareUrl(List<Scope> list, String str) throws InvalidRequestException {
        logger.debug("Enter OAuth2config::prepareUrl");
        if (list == null || list.isEmpty() || str.isEmpty()) {
            logger.error("Invalid request for prepareUrl ");
            throw new InvalidRequestException("Invalid request for prepareUrl");
        }
        try {
            return this.intuitAuthorizationEndpoint + "?client_id=" + this.clientId + "&response_type=code&scope=" + URLEncoder.encode(buildScopeString(list), "UTF-8") + "&redirect_uri=" + URLEncoder.encode(str, "UTF-8") + "&state=" + generateCSRFToken();
        } catch (UnsupportedEncodingException e) {
            logger.error("Exception while preparing url for redirect ", e);
            throw new InvalidRequestException(e.getMessage(), e);
        }
    }
}
