package com.atlassian.plugin.connect.plugin.auth.oauth2;

import com.atlassian.oauth.consumer.ConsumerService;
import com.atlassian.plugin.connect.modules.beans.OAuthClient;
import com.atlassian.plugin.connect.plugin.ConnectAddonInformationProvider;
import com.atlassian.plugin.connect.plugin.auth.SharedSecretService;
import com.google.common.annotations.VisibleForTesting;
import com.google.common.base.Preconditions;
import com.google.common.base.Strings;
import com.google.gson.Gson;
import com.google.gson.JsonSyntaxException;
import java.nio.ByteBuffer;
import java.nio.charset.Charset;
import java.util.Base64;
import java.util.Optional;
import org.apache.commons.lang3.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;

@Component
/* loaded from: input_file:WEB-INF/atlassian-bundled-plugins/atlassian-connect-server-plugin-2.0.0-39bf8e4.jar:com/atlassian/plugin/connect/plugin/auth/oauth2/OAuthClientManagerImpl.class */
public class OAuthClientManagerImpl implements OAuthClientManager {
    private final ConsumerService consumerService;
    private final SharedSecretService secretService;
    private final ConnectAddonInformationProvider connectAddonInfoProvider;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:WEB-INF/atlassian-bundled-plugins/atlassian-connect-server-plugin-2.0.0-39bf8e4.jar:com/atlassian/plugin/connect/plugin/auth/oauth2/OAuthClientManagerImpl$DerivedClientId.class */
    public static class DerivedClientId {
        private static final Charset UTF8 = Charset.forName("UTF-8");
        String hostKey;
        String addonKey;

        private DerivedClientId() {
        }

        static String toBase64ClientIdJsonString(String str, String str2) {
            return Base64.getEncoder().encodeToString(toClientIdJsonString(str, str2).getBytes(UTF8));
        }

        static DerivedClientId fromBase64ClientIdString(String str) {
            return fromClientIdString(UTF8.decode(ByteBuffer.wrap(Base64.getDecoder().decode(str))).toString());
        }

        private static String toClientIdJsonString(String str, String str2) {
            DerivedClientId derivedClientId = new DerivedClientId();
            derivedClientId.addonKey = str2;
            derivedClientId.hostKey = str;
            return new Gson().toJson(derivedClientId);
        }

        private static DerivedClientId fromClientIdString(String str) {
            try {
                return (DerivedClientId) new Gson().fromJson(str, DerivedClientId.class);
            } catch (JsonSyntaxException e) {
                throw new IllegalArgumentException("Invalid clientId: " + str, e);
            }
        }
    }

    @Autowired
    public OAuthClientManagerImpl(ConsumerService consumerService, SharedSecretService sharedSecretService, ConnectAddonInformationProvider connectAddonInformationProvider) {
        this.consumerService = consumerService;
        this.secretService = sharedSecretService;
        this.connectAddonInfoProvider = connectAddonInformationProvider;
    }

    @Override // com.atlassian.plugin.connect.plugin.auth.oauth2.OAuthClientManager
    public OAuthClient createNewClient(String str) {
        Preconditions.checkArgument(StringUtils.isNotEmpty(str), "Invalid addonKey: " + str);
        return new OAuthClient(createOAuthClientId(str), this.secretService.next());
    }

    @Override // com.atlassian.plugin.connect.plugin.auth.oauth2.OAuthClientManager
    public OAuthClient updateSecret(OAuthClient oAuthClient) {
        return oAuthClient.withNewSecret(this.secretService.next());
    }

    @Override // com.atlassian.plugin.connect.plugin.auth.oauth2.OAuthClientManager
    public Optional<OAuthClient> findByClientId(String str) {
        try {
            return this.connectAddonInfoProvider.getSharedSecret(DerivedClientId.fromBase64ClientIdString(str).addonKey).map(str2 -> {
                return new OAuthClient(str, str2);
            });
        } catch (IllegalArgumentException e) {
            return Optional.empty();
        }
    }

    @Override // com.atlassian.plugin.connect.plugin.auth.oauth2.OAuthClientManager
    public Optional<String> findAddonKeyByClientId(String str) {
        try {
            return Optional.of(DerivedClientId.fromBase64ClientIdString(str).addonKey);
        } catch (IllegalArgumentException e) {
            return Optional.empty();
        }
    }

    @Override // com.atlassian.plugin.connect.plugin.auth.oauth2.OAuthClientManager
    public OAuthClient createNewClientWithExistingSecret(String str, String str2) {
        return new OAuthClient(createOAuthClientId(str), str2);
    }

    private String getHostClientKey() {
        return this.consumerService.getConsumer().getKey();
    }

    private String createOAuthClientId(String str) {
        return generateClientId(getHostClientKey(), str);
    }

    private String generateClientId(String str, String str2) {
        return DerivedClientId.toBase64ClientIdJsonString(str, str2);
    }

    @VisibleForTesting
    public static boolean parsesAndPassesSanityCheckForTestPurposesOnly(String str) {
        DerivedClientId fromBase64ClientIdString = DerivedClientId.fromBase64ClientIdString(str);
        return (Strings.isNullOrEmpty(fromBase64ClientIdString.addonKey) || Strings.isNullOrEmpty(fromBase64ClientIdString.hostKey)) ? false : true;
    }
}
