package com.atlassian.applinks.oauth.auth;

import com.atlassian.applinks.api.ApplicationId;
import com.atlassian.applinks.api.ApplicationLink;
import com.atlassian.applinks.api.ApplicationLinkService;
import com.atlassian.applinks.api.TypeNotInstalledException;
import com.atlassian.applinks.api.auth.types.OAuthAuthenticationProvider;
import com.atlassian.applinks.core.auth.InternalOrphanedTrustDetector;
import com.atlassian.applinks.core.auth.OrphanedTrustCertificate;
import com.atlassian.applinks.oauth.auth.servlets.consumer.AddServiceProviderManuallyServlet;
import com.atlassian.applinks.spi.auth.AuthenticationConfigurationManager;
import com.atlassian.oauth.Consumer;
import com.atlassian.oauth.consumer.ConsumerService;
import com.atlassian.oauth.serviceprovider.ServiceProviderConsumerStore;
import com.google.common.collect.ImmutableMap;
import java.util.ArrayList;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:WEB-INF/atlassian-bundled-plugins/applinks-oauth-plugin-5.0.0.jar:com/atlassian/applinks/oauth/auth/OAuthOrphanedTrustDetector.class */
public class OAuthOrphanedTrustDetector implements InternalOrphanedTrustDetector {
    private final ApplicationLinkService applicationLinkService;
    private final ServiceProviderConsumerStore serviceProviderConsumerStore;
    private final ServiceProviderStoreService serviceProviderStoreService;
    private final ConsumerService consumerService;
    private final AuthenticationConfigurationManager authenticationConfigurationManager;
    private static final Logger log = LoggerFactory.getLogger((Class<?>) OAuthOrphanedTrustDetector.class);

    public OAuthOrphanedTrustDetector(ApplicationLinkService applicationLinkService, ServiceProviderConsumerStore serviceProviderConsumerStore, ServiceProviderStoreService serviceProviderStoreService, ConsumerService consumerService, AuthenticationConfigurationManager authenticationConfigurationManager) {
        this.applicationLinkService = applicationLinkService;
        this.serviceProviderConsumerStore = serviceProviderConsumerStore;
        this.serviceProviderStoreService = serviceProviderStoreService;
        this.consumerService = consumerService;
        this.authenticationConfigurationManager = authenticationConfigurationManager;
    }

    @Override // com.atlassian.applinks.core.auth.OrphanedTrustDetector
    public List<OrphanedTrustCertificate> findOrphanedTrustCertificates() {
        ArrayList arrayList = new ArrayList();
        arrayList.addAll(findOrphanedOAuthConsumers());
        arrayList.addAll(findOrphanedOAuthServiceProviders());
        return arrayList;
    }

    private List<OrphanedTrustCertificate> findOrphanedOAuthServiceProviders() {
        ArrayList arrayList = new ArrayList();
        List<String> findRegisteredServiceProviders = findRegisteredServiceProviders();
        for (Consumer consumer : this.consumerService.getAllServiceProviders()) {
            if (!findRegisteredServiceProviders.contains(consumer.getKey())) {
                log.debug("Found orphaned Service Provider with consumer key '" + consumer.getKey() + "' and name '" + consumer.getName() + "'");
                arrayList.add(new OrphanedTrustCertificate(consumer.getKey(), consumer.getDescription(), OrphanedTrustCertificate.Type.OAUTH_SERVICE_PROVIDER));
            }
        }
        return arrayList;
    }

    private List<String> findRegisteredServiceProviders() {
        ArrayList arrayList = new ArrayList();
        for (ApplicationLink applicationLink : this.applicationLinkService.getApplicationLinks()) {
            if (this.authenticationConfigurationManager.isConfigured(applicationLink.getId(), OAuthAuthenticationProvider.class)) {
                arrayList.add((String) this.authenticationConfigurationManager.getConfiguration(applicationLink.getId(), OAuthAuthenticationProvider.class).get(AddServiceProviderManuallyServlet.CONSUMER_KEY_OUTBOUND));
            }
        }
        return arrayList;
    }

    private List<OrphanedTrustCertificate> findOrphanedOAuthConsumers() {
        ArrayList arrayList = new ArrayList();
        HashSet hashSet = new HashSet();
        Iterator it = this.applicationLinkService.getApplicationLinks().iterator();
        while (it.hasNext()) {
            Consumer consumer = this.serviceProviderStoreService.getConsumer((ApplicationLink) it.next());
            if (consumer != null) {
                hashSet.add(consumer.getKey());
            }
        }
        for (Consumer consumer2 : this.serviceProviderConsumerStore.getAll()) {
            if (!hashSet.contains(consumer2.getKey())) {
                arrayList.add(new OrphanedTrustCertificate(consumer2.getKey(), consumer2.getDescription(), OrphanedTrustCertificate.Type.OAUTH));
            }
        }
        return arrayList;
    }

    @Override // com.atlassian.applinks.core.auth.OrphanedTrustDetector
    public void deleteTrustCertificate(String str, OrphanedTrustCertificate.Type type) {
        checkCertificateType(type);
        if (type == OrphanedTrustCertificate.Type.OAUTH) {
            this.serviceProviderConsumerStore.remove(str);
        } else if (type == OrphanedTrustCertificate.Type.OAUTH_SERVICE_PROVIDER) {
            this.consumerService.removeConsumerByKey(str);
        }
    }

    private void checkCertificateType(OrphanedTrustCertificate.Type type) {
        if (!canHandleCertificateType(type)) {
            throw new IllegalArgumentException("Unsupported type: " + type);
        }
    }

    @Override // com.atlassian.applinks.core.auth.OrphanedTrustDetector
    public boolean canHandleCertificateType(OrphanedTrustCertificate.Type type) {
        return type == OrphanedTrustCertificate.Type.OAUTH || type == OrphanedTrustCertificate.Type.OAUTH_SERVICE_PROVIDER;
    }

    @Override // com.atlassian.applinks.core.auth.OrphanedTrustDetector
    public void addOrphanedTrustToApplicationLink(String str, OrphanedTrustCertificate.Type type, ApplicationId applicationId) {
        checkCertificateType(type);
        try {
            ApplicationLink applicationLink = this.applicationLinkService.getApplicationLink(applicationId);
            if (applicationLink == null) {
                throw new RuntimeException("No Application Link with id '" + applicationId + "' found.");
            }
            if (type == OrphanedTrustCertificate.Type.OAUTH) {
                registerOAuthConsumer(str, applicationLink);
            } else if (type == OrphanedTrustCertificate.Type.OAUTH_SERVICE_PROVIDER) {
                registerOAuthServiceProvider(str, applicationLink);
            }
        } catch (TypeNotInstalledException e) {
            throw new IllegalStateException("An application of the type " + e.getType() + " is not installed!", e);
        }
    }

    private void registerOAuthServiceProvider(String str, ApplicationLink applicationLink) {
        Consumer consumerByKey = this.consumerService.getConsumerByKey(str);
        this.authenticationConfigurationManager.registerProvider(applicationLink.getId(), OAuthAuthenticationProvider.class, ImmutableMap.of(AddServiceProviderManuallyServlet.CONSUMER_KEY_OUTBOUND, consumerByKey.getKey(), AddServiceProviderManuallyServlet.SERVICE_PROVIDER_REQUEST_TOKEN_URL, applicationLink.getRpcUrl() + "/request/token", AddServiceProviderManuallyServlet.SERVICE_PROVIDER_ACCESS_TOKEN_URL, applicationLink.getRpcUrl() + "/access/token", AddServiceProviderManuallyServlet.SERVICE_PROVIDER_AUTHORIZE_URL, applicationLink.getDisplayUrl() + "/authorize/token"));
        log.debug("Associated OAuth ServiceProvider with consumer key '" + consumerByKey.getKey() + "' with Application Link id='" + applicationLink.getId() + "' and name='" + applicationLink.getName() + "'");
    }

    private void registerOAuthConsumer(String str, ApplicationLink applicationLink) {
        Consumer consumer = this.serviceProviderConsumerStore.get(str);
        if (consumer == null) {
            throw new RuntimeException("No consumer with key '" + consumer.getKey() + "' registered!");
        }
        this.serviceProviderStoreService.addConsumer(consumer, applicationLink);
        log.debug("Associated OAuth Consumer with key '" + consumer.getKey() + "' with Application Link id='" + applicationLink.getId() + "' and name='" + applicationLink.getName() + "'");
    }
}
