package com.atlassian.mail.server.managers.jira;

import com.atlassian.annotations.VisibleForTesting;
import com.atlassian.jira.component.ComponentAccessor;
import com.atlassian.jira.service.services.mail.http.MailReader;
import com.atlassian.jira.service.services.mail.http.MailReaderFactory;
import com.atlassian.mail.MailProtocol;
import com.atlassian.mail.auth.JiraMailOAuth2Credentials;
import com.atlassian.mail.msgraph.service.ExternalMailPuller;
import com.atlassian.mail.msgraph.settings.dto.MailSettingsDTO;
import com.atlassian.mail.msgraph.settings.providers.MicrosoftOAuthMailConnectionSettingsProvider;
import com.atlassian.mail.server.MailServer;
import com.atlassian.mail.server.impl.MSGraphIncomingMailServerImpl;
import com.atlassian.oauth2.client.api.storage.TokenHandler;
import com.atlassian.oauth2.client.api.storage.token.ClientTokenStorageService;
import com.atlassian.oauth2.client.api.storage.token.exception.RecoverableTokenException;
import com.atlassian.oauth2.client.api.storage.token.exception.UnrecoverableTokenException;
import io.atlassian.fugue.Option;
import java.time.Duration;
import java.util.Optional;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/atlassian/mail/server/managers/jira/MailReaderFactoryImpl.class */
public class MailReaderFactoryImpl implements MailReaderFactory {
    private static final Logger LOGGER = LoggerFactory.getLogger(MailReaderFactoryImpl.class);
    private static final int OAUTH_REFRESH_DURATION_IN_MIN = 5;
    private ClientTokenStorageService clientTokenStorageService;
    private TokenHandler tokenHandler;

    @VisibleForTesting
    MailReaderFactoryImpl(ClientTokenStorageService clientTokenStorageService, TokenHandler tokenHandler) {
        this.tokenHandler = tokenHandler;
        this.clientTokenStorageService = clientTokenStorageService;
    }

    public MailReaderFactoryImpl() {
        init();
    }

    public Optional<MailReader> readerFor(MailServer mailServer, String str) {
        if (this.clientTokenStorageService == null || this.tokenHandler == null) {
            init();
        }
        MailSettingsDTO mailSettingsDTO = new MailSettingsDTO(mailServer.getId().longValue(), mailServer.getUsername(), 0L, mailServer.getTimeout(), str);
        if (!mailServer.getMailProtocol().equals(MailProtocol.MS_GRAPH)) {
            return Optional.empty();
        }
        JiraMailOAuth2Credentials credentials = ((MSGraphIncomingMailServerImpl) mailServer).getAuthenticationContext().getCredentials();
        return Optional.of(new MailReaderImpl((ExternalMailPuller) new MicrosoftOAuthMailConnectionSettingsProvider(mailSettingsDTO, () -> {
            return getOAuthToken(credentials.getTokenId());
        }).getHttpMailClient().get()));
    }

    private Option<String> getOAuthToken(String str) {
        if (!this.clientTokenStorageService.getById(str).isPresent()) {
            LOGGER.warn("Token with id {} cannot be found", str);
            return Option.none();
        }
        try {
            return Option.some(this.tokenHandler.getRefreshedToken(str, Duration.ofMinutes(5L)).getAccessToken());
        } catch (UnrecoverableTokenException e) {
            LOGGER.warn("OAuth token is unrecoverable - manual re-authorisation required", e);
            return Option.none();
        } catch (RecoverableTokenException e2) {
            LOGGER.warn("Recoverable exception fetching OAuth token", e2);
            return Option.none();
        }
    }

    private void init() {
        this.clientTokenStorageService = (ClientTokenStorageService) ComponentAccessor.getOSGiComponentInstanceOfType(ClientTokenStorageService.class);
        this.tokenHandler = (TokenHandler) ComponentAccessor.getOSGiComponentInstanceOfType(TokenHandler.class);
    }
}
