package org.ow2.contrail.common.oauth.client;

import java.io.ByteArrayOutputStream;
import java.io.FileInputStream;
import java.net.URI;
import java.security.KeyStore;
import java.security.Security;
import java.util.ArrayList;
import java.util.Date;
import org.apache.http.HttpEntity;
import org.apache.http.HttpResponse;
import org.apache.http.auth.Credentials;
import org.apache.http.auth.UsernamePasswordCredentials;
import org.apache.http.client.entity.UrlEncodedFormEntity;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.conn.scheme.Scheme;
import org.apache.http.conn.scheme.SchemeRegistry;
import org.apache.http.conn.ssl.SSLSocketFactory;
import org.apache.http.impl.auth.BasicScheme;
import org.apache.http.impl.client.DefaultHttpClient;
import org.apache.http.impl.conn.tsccm.ThreadSafeClientConnManager;
import org.apache.http.message.BasicNameValuePair;
import org.apache.log4j.Logger;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.json.JSONException;
import org.json.JSONObject;
import org.ow2.contrail.common.oauth.client.exceptions.UnauthorizedException;

/* loaded from: input_file:WEB-INF/lib/oauth-java-client-0.1-SNAPSHOT.jar:org/ow2/contrail/common/oauth/client/CCFlowClient.class */
public class CCFlowClient {
    private static Logger log = Logger.getLogger(CCFlowClient.class);
    private URI tokenEndpointUri;
    private String keystoreFile;
    private String keystorePass;
    private String truststoreFile;
    private String truststorePass;
    private String clientId;
    private String clientSecret;

    public CCFlowClient(URI uri) throws Exception {
        if (uri.getScheme().equals("https")) {
            throw new Exception("Keystore and truststore are required for https connection.");
        }
        this.tokenEndpointUri = uri;
    }

    public CCFlowClient(URI uri, String str, String str2, String str3, String str4) {
        this.tokenEndpointUri = uri;
        this.keystoreFile = str;
        this.keystorePass = str2;
        this.truststoreFile = str3;
        this.truststorePass = str4;
        if (Security.getProvider("BC") == null) {
            Security.addProvider(new BouncyCastleProvider());
        }
    }

    public void setClientId(String str) {
        this.clientId = str;
    }

    public void setClientSecret(String str) {
        this.clientSecret = str;
    }

    public AccessToken requestAccessToken(String str, String str2) throws Exception {
        DefaultHttpClient defaultHttpClient;
        HttpPost httpPost = new HttpPost(this.tokenEndpointUri);
        ArrayList arrayList = new ArrayList();
        arrayList.add(new BasicNameValuePair("grant_type", "client_credentials"));
        if (str != null) {
            arrayList.add(new BasicNameValuePair("resource_owner", str));
        }
        if (str2 != null) {
            arrayList.add(new BasicNameValuePair("scope", str2));
        }
        httpPost.setEntity(new UrlEncodedFormEntity(arrayList, "UTF-8"));
        httpPost.addHeader(BasicScheme.authenticate((Credentials) new UsernamePasswordCredentials(this.clientId, this.clientSecret), "UTF-8", false));
        if (this.tokenEndpointUri.getScheme().equals("https")) {
            KeyStore keyStore = KeyStore.getInstance("JKS");
            keyStore.load(new FileInputStream(this.keystoreFile), this.keystorePass.toCharArray());
            KeyStore keyStore2 = KeyStore.getInstance("JKS");
            keyStore2.load(new FileInputStream(this.truststoreFile), this.truststorePass.toCharArray());
            SSLSocketFactory sSLSocketFactory = new SSLSocketFactory(SSLSocketFactory.TLS, keyStore, this.keystorePass, keyStore2, null, null, SSLSocketFactory.STRICT_HOSTNAME_VERIFIER);
            SchemeRegistry schemeRegistry = new SchemeRegistry();
            schemeRegistry.register(new Scheme("https", this.tokenEndpointUri.getPort(), sSLSocketFactory));
            defaultHttpClient = new DefaultHttpClient(new ThreadSafeClientConnManager(schemeRegistry));
        } else {
            defaultHttpClient = new DefaultHttpClient();
        }
        HttpResponse execute = defaultHttpClient.execute(httpPost);
        HttpEntity entity = execute.getEntity();
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        entity.writeTo(byteArrayOutputStream);
        String byteArrayOutputStream2 = byteArrayOutputStream.toString();
        if (execute.getStatusLine().getStatusCode() == 200) {
            try {
                JSONObject jSONObject = new JSONObject(byteArrayOutputStream2);
                AccessToken accessToken = new AccessToken();
                accessToken.setValue(jSONObject.getString("access_token"));
                Date date = new Date();
                int i = jSONObject.getInt("expires_in");
                Date date2 = new Date(date.getTime() + (i * 1000));
                accessToken.setExpiresIn(i);
                accessToken.setExpireTime(date2);
                log.debug("Access token has been obtained successfully: " + accessToken.toJson());
                return accessToken;
            } catch (JSONException e) {
                String format = String.format("Invalid response received from the Authorization Server: %s", e.getMessage());
                log.error(format + ": " + byteArrayOutputStream2, e);
                throw new Exception(format);
            }
        }
        if (execute.getStatusLine().getStatusCode() != 400) {
            if (execute.getStatusLine().getStatusCode() == 403) {
                String str3 = "The request for access token has been refused" + (byteArrayOutputStream2 != null ? ": " + byteArrayOutputStream2 : ".");
                log.debug(str3);
                throw new UnauthorizedException(str3);
            }
            String str4 = "Unexpected response from the Authorization server: " + execute.getStatusLine();
            log.debug(str4 + ": " + byteArrayOutputStream2);
            throw new Exception(str4);
        }
        try {
            JSONObject jSONObject2 = new JSONObject(byteArrayOutputStream2);
            String str5 = "Error response received from the Authorization Server: " + jSONObject2.getString("error");
            if (jSONObject2.has("error_description")) {
                str5 = str5 + ": " + jSONObject2.getString("error_description");
            }
            log.debug(str5);
            throw new UnauthorizedException(str5);
        } catch (JSONException e2) {
            String format2 = String.format("Invalid response received from the Authorization Server: %s", e2.getMessage());
            log.error(format2 + ": " + byteArrayOutputStream2, e2);
            throw new Exception(format2);
        }
    }
}
