package com.apifest.oauth20;

import com.apifest.oauth20.api.ExceptionEventHandler;
import com.apifest.oauth20.api.LifecycleHandler;
import com.google.gson.Gson;
import com.google.gson.JsonObject;
import java.io.IOException;
import java.net.URI;
import java.net.URISyntaxException;
import java.util.ArrayList;
import java.util.Collections;
import java.util.List;
import java.util.Map;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import org.codehaus.jackson.JsonGenerationException;
import org.codehaus.jackson.map.JsonMappingException;
import org.codehaus.jackson.map.ObjectMapper;
import org.jboss.netty.channel.Channel;
import org.jboss.netty.channel.ChannelFuture;
import org.jboss.netty.channel.ChannelFutureListener;
import org.jboss.netty.channel.ChannelHandlerContext;
import org.jboss.netty.channel.MessageEvent;
import org.jboss.netty.channel.SimpleChannelUpstreamHandler;
import org.jboss.netty.handler.codec.http.HttpHeaders;
import org.jboss.netty.handler.codec.http.HttpMethod;
import org.jboss.netty.handler.codec.http.HttpRequest;
import org.jboss.netty.handler.codec.http.HttpResponse;
import org.jboss.netty.handler.codec.http.HttpResponseStatus;
import org.jboss.netty.handler.codec.http.QueryStringDecoder;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/apifest/oauth20/HttpRequestHandler.class */
public class HttpRequestHandler extends SimpleChannelUpstreamHandler {
    protected static final String AUTH_CODE_URI = "/oauth20/auth-codes";
    protected static final String ACCESS_TOKEN_URI = "/oauth20/tokens";
    protected static final String ACCESS_TOKEN_VALIDATE_URI = "/oauth20/tokens/validate";
    protected static final String APPLICATION_URI = "/oauth20/applications";
    protected static final String ACCESS_TOKEN_REVOKE_URI = "/oauth20/tokens/revoke";
    protected static final String OAUTH_CLIENT_SCOPE_URI = "/oauth20/scopes";
    protected static final String CLIENT_CREDENTIALS_PATTERN_STRING = "[a-f[0-9]]+";
    protected Logger log = LoggerFactory.getLogger(HttpRequestHandler.class);
    protected AuthorizationServer auth = new AuthorizationServer();
    protected static final Pattern APPLICATION_PATTERN = Pattern.compile("/oauth20/applications/([a-f[0-9]]+)$");
    protected static final Pattern OAUTH_CLIENT_SCOPE_PATTERN = Pattern.compile("/oauth20/scopes/((\\p{Alnum}+-?_?)+$)");
    protected static Logger accessTokensLog = LoggerFactory.getLogger("accessTokens");

    @Override // org.jboss.netty.channel.SimpleChannelUpstreamHandler
    public void messageReceived(ChannelHandlerContext channelHandlerContext, MessageEvent messageEvent) {
        Channel channel = channelHandlerContext.getChannel();
        Object message = messageEvent.getMessage();
        if (!(message instanceof HttpRequest)) {
            this.log.info("write response here from the BE");
            return;
        }
        HttpRequest httpRequest = (HttpRequest) message;
        invokeRequestEventHandlers(httpRequest, null);
        HttpMethod method = httpRequest.getMethod();
        String uri = httpRequest.getUri();
        try {
            uri = new URI(uri).getRawPath();
        } catch (URISyntaxException e) {
            this.log.error("URI syntax exception {}", uri);
            invokeExceptionHandler(e, httpRequest);
        }
        HttpResponse handleRegister = (APPLICATION_URI.equals(uri) && method.equals(HttpMethod.POST)) ? handleRegister(httpRequest) : (AUTH_CODE_URI.equals(uri) && method.equals(HttpMethod.GET)) ? handleAuthorize(httpRequest) : (ACCESS_TOKEN_URI.equals(uri) && method.equals(HttpMethod.POST)) ? handleToken(httpRequest) : (ACCESS_TOKEN_VALIDATE_URI.equals(uri) && method.equals(HttpMethod.GET)) ? handleTokenValidate(httpRequest) : (APPLICATION_URI.equals(uri) && method.equals(HttpMethod.GET)) ? handleGetAllClientApplications(httpRequest) : (uri.startsWith(APPLICATION_URI) && method.equals(HttpMethod.GET)) ? handleGetClientApplication(httpRequest) : (ACCESS_TOKEN_REVOKE_URI.equals(uri) && method.equals(HttpMethod.POST)) ? handleTokenRevoke(httpRequest) : (OAUTH_CLIENT_SCOPE_URI.equals(uri) && method.equals(HttpMethod.GET)) ? handleGetAllScopes(httpRequest) : (OAUTH_CLIENT_SCOPE_URI.equals(uri) && method.equals(HttpMethod.POST)) ? handleRegisterScope(httpRequest) : (ACCESS_TOKEN_URI.equals(uri) && method.equals(HttpMethod.GET)) ? handleGetAccessTokens(httpRequest) : (uri.startsWith(OAUTH_CLIENT_SCOPE_URI) && method.equals(HttpMethod.PUT)) ? handleUpdateScope(httpRequest) : (uri.startsWith(OAUTH_CLIENT_SCOPE_URI) && method.equals(HttpMethod.GET)) ? handleGetScope(httpRequest) : (uri.startsWith(APPLICATION_URI) && method.equals(HttpMethod.PUT)) ? handleUpdateClientApplication(httpRequest) : (uri.startsWith(OAUTH_CLIENT_SCOPE_URI) && method.equals(HttpMethod.DELETE)) ? handleDeleteScope(httpRequest) : Response.createNotFoundResponse();
        invokeResponseEventHandlers(httpRequest, handleRegister);
        ChannelFuture write = channel.write(handleRegister);
        if (HttpHeaders.isKeepAlive(httpRequest)) {
            return;
        }
        write.addListener(ChannelFutureListener.CLOSE);
    }

    protected HttpResponse handleGetClientApplication(HttpRequest httpRequest) {
        HttpResponse httpResponse = null;
        Matcher matcher = APPLICATION_PATTERN.matcher(httpRequest.getUri());
        if (matcher.find()) {
            ApplicationInfo applicationInfo = this.auth.getApplicationInfo(matcher.group(1));
            if (applicationInfo != null) {
                try {
                    String writeValueAsString = new ObjectMapper().writeValueAsString(applicationInfo);
                    this.log.debug(writeValueAsString);
                    httpResponse = Response.createOkResponse(writeValueAsString);
                } catch (JsonGenerationException e) {
                    this.log.error("error get application info", (Throwable) e);
                    invokeExceptionHandler(e, httpRequest);
                } catch (JsonMappingException e2) {
                    this.log.error("error get application info", (Throwable) e2);
                    invokeExceptionHandler(e2, httpRequest);
                } catch (IOException e3) {
                    this.log.error("error get application info", (Throwable) e3);
                    invokeExceptionHandler(e3, httpRequest);
                }
            } else {
                httpResponse = Response.createResponse(HttpResponseStatus.NOT_FOUND, Response.CLIENT_APP_NOT_EXIST);
            }
        } else {
            httpResponse = Response.createNotFoundResponse();
        }
        return httpResponse;
    }

    protected HttpResponse handleTokenValidate(HttpRequest httpRequest) {
        HttpResponse createBadRequestResponse;
        String firstElement = QueryParameter.getFirstElement(new QueryStringDecoder(httpRequest.getUri()).getParameters(), QueryParameter.TOKEN);
        if (firstElement == null || firstElement.isEmpty()) {
            createBadRequestResponse = Response.createBadRequestResponse();
        } else {
            AccessToken isValidToken = this.auth.isValidToken(firstElement);
            if (isValidToken != null) {
                String json = new Gson().toJson(isValidToken);
                this.log.debug(json);
                createBadRequestResponse = Response.createOkResponse(json);
            } else {
                createBadRequestResponse = Response.createUnauthorizedResponse();
            }
        }
        return createBadRequestResponse;
    }

    protected HttpResponse handleToken(HttpRequest httpRequest) {
        HttpResponse httpResponse = null;
        String str = httpRequest.headers().get("Content-Type");
        if (str == null || !str.contains("application/x-www-form-urlencoded")) {
            httpResponse = Response.createResponse(HttpResponseStatus.BAD_REQUEST, Response.UNSUPPORTED_MEDIA_TYPE);
        } else {
            try {
                AccessToken issueAccessToken = this.auth.issueAccessToken(httpRequest);
                if (issueAccessToken != null) {
                    String writeValueAsString = new ObjectMapper().writeValueAsString(issueAccessToken);
                    this.log.debug("access token:" + writeValueAsString);
                    httpResponse = Response.createOkResponse(writeValueAsString);
                    accessTokensLog.debug("token {}", writeValueAsString);
                }
            } catch (OAuthException e) {
                httpResponse = Response.createOAuthExceptionResponse(e);
                invokeExceptionHandler(e, httpRequest);
            } catch (JsonGenerationException e2) {
                this.log.error("error handle token", (Throwable) e2);
                invokeExceptionHandler(e2, httpRequest);
            } catch (JsonMappingException e3) {
                this.log.error("error handle token", (Throwable) e3);
                invokeExceptionHandler(e3, httpRequest);
            } catch (IOException e4) {
                this.log.error("error handle token", (Throwable) e4);
                invokeExceptionHandler(e4, httpRequest);
            }
            if (httpResponse == null) {
                httpResponse = Response.createBadRequestResponse(Response.CANNOT_ISSUE_TOKEN);
            }
        }
        return httpResponse;
    }

    protected void invokeRequestEventHandlers(HttpRequest httpRequest, HttpResponse httpResponse) {
        invokeHandlers(httpRequest, httpResponse, LifecycleEventHandlers.getRequestEventHandlers());
    }

    protected void invokeResponseEventHandlers(HttpRequest httpRequest, HttpResponse httpResponse) {
        invokeHandlers(httpRequest, httpResponse, LifecycleEventHandlers.getResponseEventHandlers());
    }

    protected void invokeExceptionHandler(Exception exc, HttpRequest httpRequest) {
        List<Class<ExceptionEventHandler>> exceptionHandlers = LifecycleEventHandlers.getExceptionHandlers();
        for (int i = 0; i < exceptionHandlers.size(); i++) {
            try {
                exceptionHandlers.get(i).newInstance().handleException(exc, httpRequest);
            } catch (IllegalAccessException e) {
                this.log.error("cannot invoke exception handler", (Throwable) e);
                invokeExceptionHandler(exc, httpRequest);
            } catch (InstantiationException e2) {
                this.log.error("cannot instantiate exception handler", (Throwable) e2);
                invokeExceptionHandler(e2, httpRequest);
            }
        }
    }

    protected void invokeHandlers(HttpRequest httpRequest, HttpResponse httpResponse, List<Class<LifecycleHandler>> list) {
        for (int i = 0; i < list.size(); i++) {
            try {
                list.get(i).newInstance().handle(httpRequest, httpResponse);
            } catch (IllegalAccessException e) {
                this.log.error("cannot invoke handler", (Throwable) e);
                invokeExceptionHandler(e, httpRequest);
            } catch (InstantiationException e2) {
                this.log.error("cannot instantiate handler", (Throwable) e2);
                invokeExceptionHandler(e2, httpRequest);
            }
        }
    }

    protected HttpResponse handleAuthorize(HttpRequest httpRequest) {
        HttpResponse createOAuthExceptionResponse;
        try {
            String issueAuthorizationCode = this.auth.issueAuthorizationCode(httpRequest);
            this.log.debug("redirectURI: {}", issueAuthorizationCode);
            JsonObject jsonObject = new JsonObject();
            jsonObject.addProperty("redirect_uri", issueAuthorizationCode);
            createOAuthExceptionResponse = Response.createOkResponse(jsonObject.toString());
            accessTokensLog.info("authCode {}", jsonObject.toString());
        } catch (OAuthException e) {
            createOAuthExceptionResponse = Response.createOAuthExceptionResponse(e);
            invokeExceptionHandler(e, httpRequest);
        }
        return createOAuthExceptionResponse;
    }

    protected HttpResponse handleRegister(HttpRequest httpRequest) {
        HttpResponse httpResponse = null;
        try {
            String writeValueAsString = new ObjectMapper().writeValueAsString(this.auth.issueClientCredentials(httpRequest));
            this.log.debug("credentials:" + writeValueAsString);
            httpResponse = Response.createOkResponse(writeValueAsString);
        } catch (OAuthException e) {
            httpResponse = Response.createOAuthExceptionResponse(e);
            invokeExceptionHandler(e, httpRequest);
        } catch (JsonGenerationException e2) {
            this.log.error("error handle register", (Throwable) e2);
            invokeExceptionHandler(e2, httpRequest);
        } catch (JsonMappingException e3) {
            this.log.error("error handle register", (Throwable) e3);
            invokeExceptionHandler(e3, httpRequest);
        } catch (IOException e4) {
            this.log.error("error handle register", (Throwable) e4);
            invokeExceptionHandler(e4, httpRequest);
        }
        if (httpResponse == null) {
            httpResponse = Response.createBadRequestResponse(Response.CANNOT_REGISTER_APP);
        }
        return httpResponse;
    }

    protected HttpResponse handleTokenRevoke(HttpRequest httpRequest) {
        try {
            return Response.createOkResponse("{\"revoked\":\"" + this.auth.revokeToken(httpRequest) + "\"}");
        } catch (OAuthException e) {
            this.log.error("cannot revoke token", (Throwable) e);
            invokeExceptionHandler(e, httpRequest);
            return Response.createOAuthExceptionResponse(e);
        }
    }

    protected HttpResponse handleRegisterScope(HttpRequest httpRequest) {
        HttpResponse createResponse;
        try {
            createResponse = Response.createOkResponse(getScopeService().registerScope(httpRequest));
        } catch (OAuthException e) {
            invokeExceptionHandler(e, httpRequest);
            createResponse = Response.createResponse(e.getHttpStatus(), e.getMessage());
        }
        return createResponse;
    }

    protected HttpResponse handleUpdateScope(HttpRequest httpRequest) {
        HttpResponse createNotFoundResponse;
        Matcher matcher = OAUTH_CLIENT_SCOPE_PATTERN.matcher(httpRequest.getUri());
        if (matcher.find()) {
            try {
                createNotFoundResponse = Response.createOkResponse(getScopeService().updateScope(httpRequest, matcher.group(1)));
            } catch (OAuthException e) {
                invokeExceptionHandler(e, httpRequest);
                createNotFoundResponse = Response.createResponse(e.getHttpStatus(), e.getMessage());
            }
        } else {
            createNotFoundResponse = Response.createNotFoundResponse();
        }
        return createNotFoundResponse;
    }

    protected HttpResponse handleGetAllScopes(HttpRequest httpRequest) {
        HttpResponse createResponse;
        try {
            createResponse = Response.createOkResponse(getScopeService().getScopes(httpRequest));
        } catch (OAuthException e) {
            invokeExceptionHandler(e, httpRequest);
            createResponse = Response.createResponse(e.getHttpStatus(), e.getMessage());
        }
        return createResponse;
    }

    protected HttpResponse handleGetScope(HttpRequest httpRequest) {
        HttpResponse createNotFoundResponse;
        Matcher matcher = OAUTH_CLIENT_SCOPE_PATTERN.matcher(httpRequest.getUri());
        if (matcher.find()) {
            try {
                createNotFoundResponse = Response.createOkResponse(getScopeService().getScopeByName(matcher.group(1)));
            } catch (OAuthException e) {
                invokeExceptionHandler(e, httpRequest);
                createNotFoundResponse = Response.createResponse(e.getHttpStatus(), e.getMessage());
            }
        } else {
            createNotFoundResponse = Response.createNotFoundResponse();
        }
        return createNotFoundResponse;
    }

    protected HttpResponse handleDeleteScope(HttpRequest httpRequest) {
        HttpResponse createNotFoundResponse;
        Matcher matcher = OAUTH_CLIENT_SCOPE_PATTERN.matcher(httpRequest.getUri());
        if (matcher.find()) {
            try {
                createNotFoundResponse = Response.createOkResponse(getScopeService().deleteScope(matcher.group(1)));
            } catch (OAuthException e) {
                invokeExceptionHandler(e, httpRequest);
                createNotFoundResponse = Response.createResponse(e.getHttpStatus(), e.getMessage());
            }
        } else {
            createNotFoundResponse = Response.createNotFoundResponse();
        }
        return createNotFoundResponse;
    }

    protected ScopeService getScopeService() {
        return new ScopeService();
    }

    protected HttpResponse handleUpdateClientApplication(HttpRequest httpRequest) {
        HttpResponse httpResponse = null;
        Matcher matcher = APPLICATION_PATTERN.matcher(httpRequest.getUri());
        if (matcher.find()) {
            try {
                if (this.auth.updateClientApp(httpRequest, matcher.group(1))) {
                    httpResponse = Response.createOkResponse(Response.CLIENT_APP_UPDATED);
                }
            } catch (OAuthException e) {
                httpResponse = Response.createOAuthExceptionResponse(e);
                invokeExceptionHandler(e, httpRequest);
            }
        } else {
            httpResponse = Response.createNotFoundResponse();
        }
        return httpResponse;
    }

    protected HttpResponse handleGetAllClientApplications(HttpRequest httpRequest) {
        HttpResponse createResponse;
        try {
            createResponse = Response.createOkResponse(new ObjectMapper().writeValueAsString(filterClientApps(httpRequest, DBManagerFactory.getInstance().getAllApplications())));
        } catch (JsonGenerationException e) {
            this.log.error("cannot list client applications", (Throwable) e);
            invokeExceptionHandler(e, httpRequest);
            createResponse = Response.createResponse(HttpResponseStatus.BAD_REQUEST, Response.CANNOT_LIST_CLIENT_APPS);
        } catch (JsonMappingException e2) {
            this.log.error("cannot list client applications", (Throwable) e2);
            invokeExceptionHandler(e2, httpRequest);
            createResponse = Response.createResponse(HttpResponseStatus.BAD_REQUEST, Response.CANNOT_LIST_CLIENT_APPS);
        } catch (IOException e3) {
            this.log.error("cannot list client applications", (Throwable) e3);
            invokeExceptionHandler(e3, httpRequest);
            createResponse = Response.createResponse(HttpResponseStatus.BAD_REQUEST, Response.CANNOT_LIST_CLIENT_APPS);
        }
        return createResponse;
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v11, types: [java.util.List] */
    /* JADX WARN: Type inference failed for: r0v15, types: [java.util.List] */
    protected List<ApplicationInfo> filterClientApps(HttpRequest httpRequest, List<ApplicationInfo> list) {
        ArrayList arrayList = new ArrayList();
        Map<String, List<String>> parameters = new QueryStringDecoder(httpRequest.getUri()).getParameters();
        if (parameters != null) {
            String firstElement = QueryParameter.getFirstElement(parameters, ApplicationInfo.JSON_STATUS);
            if (firstElement == null || firstElement.isEmpty()) {
                arrayList = Collections.unmodifiableList(list);
            } else {
                try {
                    Integer valueOf = Integer.valueOf(firstElement);
                    for (ApplicationInfo applicationInfo : list) {
                        if (applicationInfo.getStatus() == valueOf) {
                            arrayList.add(applicationInfo);
                        }
                    }
                } catch (NumberFormatException e) {
                    arrayList = Collections.unmodifiableList(list);
                }
            }
        }
        return arrayList;
    }

    protected HttpResponse handleGetAccessTokens(HttpRequest httpRequest) {
        Map<String, List<String>> parameters = new QueryStringDecoder(httpRequest.getUri()).getParameters();
        String firstElement = QueryParameter.getFirstElement(parameters, QueryParameter.CLIENT_ID);
        String firstElement2 = QueryParameter.getFirstElement(parameters, QueryParameter.USER_ID);
        return (firstElement == null || firstElement.isEmpty()) ? Response.createBadRequestResponse(String.format(Response.MANDATORY_PARAM_MISSING, QueryParameter.CLIENT_ID)) : (firstElement2 == null || firstElement2.isEmpty()) ? Response.createBadRequestResponse(String.format(Response.MANDATORY_PARAM_MISSING, QueryParameter.USER_ID)) : !this.auth.isExistingClient(firstElement) ? Response.createBadRequestResponse("{\"error\": \"invalid client_id/client_secret\"}") : Response.createOkResponse(new Gson().toJson(DBManagerFactory.getInstance().getAccessTokenByUserIdAndClientApp(firstElement2, firstElement)));
    }
}
