package com.liferay.scim.configuration.web.internal.portlet.action;

import com.liferay.oauth.client.LocalOAuthClient;
import com.liferay.oauth2.provider.model.OAuth2Application;
import com.liferay.oauth2.provider.model.OAuth2Authorization;
import com.liferay.oauth2.provider.service.OAuth2ApplicationLocalService;
import com.liferay.oauth2.provider.service.OAuth2AuthorizationLocalService;
import com.liferay.oauth2.provider.service.OAuth2AuthorizationService;
import com.liferay.petra.string.StringBundler;
import com.liferay.portal.kernel.json.JSONFactory;
import com.liferay.portal.kernel.portlet.bridges.mvc.BaseMVCActionCommand;
import com.liferay.portal.kernel.portlet.bridges.mvc.MVCActionCommand;
import com.liferay.portal.kernel.security.auth.PrincipalException;
import com.liferay.portal.kernel.servlet.SessionErrors;
import com.liferay.portal.kernel.theme.ThemeDisplay;
import com.liferay.portal.kernel.util.DateUtil;
import com.liferay.portal.kernel.util.HashMapDictionaryBuilder;
import com.liferay.portal.kernel.util.OrderByComparator;
import com.liferay.portal.kernel.util.ParamUtil;
import com.liferay.scim.configuration.web.internal.constants.ScimWebKeys;
import com.liferay.scim.rest.util.ScimClientUtil;
import java.util.Date;
import java.util.Dictionary;
import java.util.Objects;
import javax.portlet.ActionRequest;
import javax.portlet.ActionResponse;
import org.osgi.service.cm.Configuration;
import org.osgi.service.cm.ConfigurationAdmin;
import org.osgi.service.component.annotations.Component;
import org.osgi.service.component.annotations.Reference;

@Component(property = {"javax.portlet.name=com_liferay_configuration_admin_web_portlet_InstanceSettingsPortlet", "mvc.command.name=/scim_configuration/save_scim_configuration"}, service = {MVCActionCommand.class})
/* loaded from: input_file:com/liferay/scim/configuration/web/internal/portlet/action/SaveScimConfigurationMVCActionCommand.class */
public class SaveScimConfigurationMVCActionCommand extends BaseMVCActionCommand {

    @Reference
    private ConfigurationAdmin _configurationAdmin;

    @Reference
    private JSONFactory _jsonFactory;

    @Reference
    private LocalOAuthClient _localOAuthClient;

    @Reference
    private OAuth2ApplicationLocalService _oAuth2ApplicationLocalService;

    @Reference
    private OAuth2AuthorizationLocalService _oAuth2AuthorizationLocalService;

    @Reference
    private OAuth2AuthorizationService _oAuth2AuthorizationService;

    protected void doProcessAction(ActionRequest actionRequest, ActionResponse actionResponse) throws Exception {
        ThemeDisplay themeDisplay = (ThemeDisplay) actionRequest.getAttribute("LIFERAY_SHARED_THEME_DISPLAY");
        if (!themeDisplay.getPermissionChecker().isCompanyAdmin(themeDisplay.getCompanyId())) {
            SessionErrors.add(actionRequest, PrincipalException.class);
            actionResponse.setRenderParameter("mvcPath", "/error.jsp");
            return;
        }
        String string = ParamUtil.getString(actionRequest, "cmd");
        String generateScimClientId = ScimClientUtil.generateScimClientId(ParamUtil.getString(actionRequest, "oAuth2ApplicationName"));
        if (!Objects.equals(string, "generate")) {
            if (Objects.equals(string, "revoke")) {
                this._oAuth2AuthorizationService.revokeAllOAuth2Authorizations(this._oAuth2ApplicationLocalService.getOAuth2Application(themeDisplay.getCompanyId(), generateScimClientId).getOAuth2ApplicationId());
                return;
            }
            Configuration[] listConfigurations = this._configurationAdmin.listConfigurations(StringBundler.concat(new Object[]{"(&(", "service.factoryPid", "=com.liferay.scim.rest.internal.configuration.", "ScimClientOAuth2ApplicationConfiguration)(companyId=", Long.valueOf(themeDisplay.getCompanyId()), "))"}));
            if (listConfigurations == null) {
                this._configurationAdmin.createFactoryConfiguration("com.liferay.scim.rest.internal.configuration.ScimClientOAuth2ApplicationConfiguration", "?").update(HashMapDictionaryBuilder.put("companyId", Long.valueOf(themeDisplay.getCompanyId())).put("matcherField", ParamUtil.getString(actionRequest, "matcherField")).put("oAuth2ApplicationName", ParamUtil.getString(actionRequest, "oAuth2ApplicationName")).build());
                return;
            }
            Configuration configuration = listConfigurations[0];
            Dictionary properties = configuration.getProperties();
            properties.put("matcherField", ParamUtil.getString(actionRequest, "matcherField"));
            properties.put("oAuth2ApplicationName", ParamUtil.getString(actionRequest, "oAuth2ApplicationName"));
            configuration.update(properties);
            return;
        }
        OAuth2Application oAuth2Application = this._oAuth2ApplicationLocalService.getOAuth2Application(themeDisplay.getCompanyId(), generateScimClientId);
        String string2 = this._jsonFactory.createJSONObject(this._localOAuthClient.requestTokens(oAuth2Application, oAuth2Application.getUserId())).getString("access_token");
        for (OAuth2Authorization oAuth2Authorization : this._oAuth2AuthorizationLocalService.getOAuth2Authorizations(oAuth2Application.getOAuth2ApplicationId(), -1, -1, (OrderByComparator) null)) {
            if (!Objects.equals(string2, oAuth2Authorization.getAccessTokenContent())) {
                Date accessTokenExpirationDate = oAuth2Authorization.getAccessTokenExpirationDate();
                int daysBetween = DateUtil.getDaysBetween(accessTokenExpirationDate, new Date());
                Date refreshTokenExpirationDate = oAuth2Authorization.getRefreshTokenExpirationDate();
                if (daysBetween > 10 || refreshTokenExpirationDate != null) {
                    oAuth2Authorization.setAccessTokenExpirationDate(new Date(Math.min(accessTokenExpirationDate.getTime(), System.currentTimeMillis() + 864000000)));
                    oAuth2Authorization.setRefreshTokenContent((String) null);
                    oAuth2Authorization.setRefreshTokenCreateDate((Date) null);
                    oAuth2Authorization.setRefreshTokenExpirationDate((Date) null);
                    this._oAuth2AuthorizationLocalService.updateOAuth2Authorization(oAuth2Authorization);
                }
            }
        }
        actionRequest.setAttribute(ScimWebKeys.SCIM_OAUTH2_ACCESS_TOKEN, string2);
    }
}
