package com.atlassian.plugin.connect.crowd.permissions;

import com.atlassian.applinks.api.ApplicationLinkRequest;
import com.atlassian.applinks.api.ApplicationLinkService;
import com.atlassian.applinks.api.CredentialsRequiredException;
import com.atlassian.applinks.api.ReadOnlyApplicationLink;
import com.atlassian.applinks.api.application.crowd.CrowdApplicationType;
import com.atlassian.crowd.exception.ApplicationAccessDeniedException;
import com.atlassian.crowd.exception.ApplicationPermissionException;
import com.atlassian.crowd.exception.InactiveAccountException;
import com.atlassian.crowd.exception.InvalidAuthenticationException;
import com.atlassian.crowd.exception.OperationFailedException;
import com.atlassian.crowd.model.authentication.UserAuthenticationContext;
import com.atlassian.crowd.model.authentication.ValidationFactor;
import com.atlassian.plugin.connect.confluence.auth.ConfluenceApplinkServiceProvider;
import com.atlassian.plugin.connect.crowd.usermanagement.CrowdClientProvider;
import com.atlassian.plugin.spring.scanner.annotation.component.JiraComponent;
import com.atlassian.sal.api.net.Request;
import com.atlassian.sal.api.net.ResponseException;
import com.google.common.collect.Iterables;
import java.net.HttpCookie;
import java.util.Optional;
import org.springframework.beans.factory.annotation.Autowired;

@JiraComponent
/* loaded from: input_file:WEB-INF/atlassian-bundled-plugins/atlassian-connect-plugin-1.1.100.jar:com/atlassian/plugin/connect/crowd/permissions/ConnectCrowdSysadminHttpClientImpl.class */
public class ConnectCrowdSysadminHttpClientImpl implements ConnectCrowdSysadminHttpClient {
    private final ApplicationLinkService applicationLinkService;
    private final CrowdClientProvider crowdClientProvider;

    @Autowired
    public ConnectCrowdSysadminHttpClientImpl(ApplicationLinkService applicationLinkService, CrowdClientProvider crowdClientProvider) {
        this.applicationLinkService = applicationLinkService;
        this.crowdClientProvider = crowdClientProvider;
    }

    @Override // com.atlassian.plugin.connect.crowd.permissions.ConnectCrowdSysadminHttpClient
    public void executeAsSysadmin(Request.MethodType methodType, String str, String str2) throws CredentialsRequiredException, ResponseException, ApplicationPermissionException, InactiveAccountException, ApplicationAccessDeniedException, OperationFailedException, InvalidAuthenticationException {
        Optional ofNullable = Optional.ofNullable(Iterables.getFirst(this.applicationLinkService.getApplicationLinks(CrowdApplicationType.class), null));
        if (!ofNullable.isPresent()) {
            throw new OperationFailedException("There was no Crowd application link. This is a problem");
        }
        ApplicationLinkRequest createRequest = ((ReadOnlyApplicationLink) ofNullable.get()).createAuthenticatedRequestFactory().createRequest(methodType, str);
        createRequest.addHeader("Cookie", generateSysadminCookie().toString());
        createRequest.addHeader("Content-Type", "application/json");
        createRequest.setEntity(str2);
        createRequest.execute();
    }

    private HttpCookie generateSysadminCookie() throws InactiveAccountException, OperationFailedException, ApplicationAccessDeniedException, ApplicationPermissionException, InvalidAuthenticationException {
        return new HttpCookie("studio.crowd.tokenkey", this.crowdClientProvider.getCrowdClient().authenticateSSOUserWithoutValidatingPassword(new UserAuthenticationContext(ConfluenceApplinkServiceProvider.SYSADMIN, null, new ValidationFactor[0], "jira")));
    }
}
