package org.ametys.plugins.captchetat.captcha;

import java.io.UnsupportedEncodingException;
import java.nio.charset.StandardCharsets;
import java.time.Duration;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Map;
import org.ametys.core.cache.AbstractCacheManager;
import org.ametys.core.cache.Cache;
import org.ametys.core.util.JSONUtils;
import org.ametys.runtime.config.Config;
import org.ametys.runtime.i18n.I18nizableText;
import org.ametys.runtime.plugin.component.AbstractLogEnabled;
import org.apache.avalon.framework.activity.Initializable;
import org.apache.avalon.framework.component.Component;
import org.apache.avalon.framework.service.ServiceException;
import org.apache.avalon.framework.service.ServiceManager;
import org.apache.avalon.framework.service.Serviceable;
import org.apache.commons.lang3.BooleanUtils;
import org.apache.commons.lang3.tuple.Pair;
import org.apache.http.client.config.RequestConfig;
import org.apache.http.client.entity.UrlEncodedFormEntity;
import org.apache.http.client.methods.CloseableHttpResponse;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.entity.ContentType;
import org.apache.http.entity.StringEntity;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClientBuilder;
import org.apache.http.message.BasicNameValuePair;
import org.apache.http.util.EntityUtils;

/* loaded from: input_file:org/ametys/plugins/captchetat/captcha/CaptchEtatHelper.class */
public class CaptchEtatHelper extends AbstractLogEnabled implements Component, Initializable, Serviceable {
    private static final String CAPTCHA_CLIENT_ID = "captchetat.client_id";
    private static final String CAPTCHA_CLIENT_SECRET = "captchetat.client_secret";
    private static final String CAPTCHA_ENDPOINT = "captchetat.endpoint";
    protected Endpoint _endpoint;
    private AbstractCacheManager _cacheManager;
    private CloseableHttpClient _httpClient;
    private JSONUtils _jsonUtils;
    public static final String ROLE = CaptchEtatHelper.class.getName();
    public static final String CAPCHETAT_TOKEN_CACHE = CaptchetatReader.class.getName();
    private static final Map<Endpoint, String> CAPTCHA_ENDPOINT_AUTH = Map.of(Endpoint.PRODUCTION, "https://oauth.piste.gouv.fr/api/oauth/token", Endpoint.SANDBOX, "https://sandbox-oauth.piste.gouv.fr/api/oauth/token");
    private static final Map<Endpoint, String> CAPTCHA_ENDPOINT_PISTE = Map.of(Endpoint.PRODUCTION, "https://api.piste.gouv.fr/piste/captchetat/v2/", Endpoint.SANDBOX, "https://sandbox-api.piste.gouv.fr/piste/captchetat/v2/");

    /* JADX INFO: Access modifiers changed from: protected */
    /* loaded from: input_file:org/ametys/plugins/captchetat/captcha/CaptchEtatHelper$Endpoint.class */
    public enum Endpoint {
        PRODUCTION,
        SANDBOX
    }

    public void service(ServiceManager serviceManager) throws ServiceException {
        this._jsonUtils = (JSONUtils) serviceManager.lookup(JSONUtils.ROLE);
        this._cacheManager = (AbstractCacheManager) serviceManager.lookup(AbstractCacheManager.ROLE);
    }

    public void initialize() {
        String str;
        Duration ofMinutes = Duration.ofMinutes(50L);
        if (!this._cacheManager.hasCache(CAPCHETAT_TOKEN_CACHE)) {
            this._cacheManager.createMemoryCache(CAPCHETAT_TOKEN_CACHE, new I18nizableText("plugin.captchetat", "PLUGINS_CAPTCHETAT_CACHE_TOKEN_LABEL"), new I18nizableText("plugin.captchetat", "PLUGINS_CAPTCHETAT_CACHE_TOKEN_DESCRIPTION"), true, ofMinutes);
        }
        this._httpClient = HttpClientBuilder.create().setDefaultRequestConfig(RequestConfig.custom().setConnectTimeout(20000).setConnectionRequestTimeout(20000).setSocketTimeout(20000).build()).disableRedirectHandling().useSystemProperties().build();
        Config config = Config.getInstance();
        if (config == null || (str = (String) config.getValue(CAPTCHA_ENDPOINT)) == null) {
            return;
        }
        this._endpoint = Endpoint.valueOf(str.toUpperCase());
    }

    private Cache<Pair<String, String>, String> _getCache() {
        return this._cacheManager.get(CAPCHETAT_TOKEN_CACHE);
    }

    private String _getToken(Pair<String, String> pair) {
        return (String) _getCache().get(pair, this::_computeToken);
    }

    private String _computeToken(Pair<String, String> pair) {
        HttpPost httpPost = new HttpPost(CAPTCHA_ENDPOINT_AUTH.get(this._endpoint));
        ArrayList arrayList = new ArrayList();
        arrayList.add(new BasicNameValuePair("grant_type", "client_credentials"));
        arrayList.add(new BasicNameValuePair("client_id", (String) pair.getLeft()));
        arrayList.add(new BasicNameValuePair("client_secret", (String) pair.getRight()));
        arrayList.add(new BasicNameValuePair("scope", "piste.captchetat"));
        try {
            httpPost.setEntity(new UrlEncodedFormEntity(arrayList));
            try {
                CloseableHttpResponse execute = this._httpClient.execute(httpPost);
                try {
                    String entityUtils = EntityUtils.toString(execute.getEntity(), "UTF-8");
                    switch (execute.getStatusLine().getStatusCode()) {
                        case 200:
                            String str = (String) this._jsonUtils.convertJsonToMap(entityUtils).get("access_token");
                            if (execute != null) {
                                execute.close();
                            }
                            return str;
                        case 403:
                            throw new IllegalStateException("The CMS back-office refused the connection");
                        case 500:
                        default:
                            throw new IllegalStateException("The captchEtat token generator server returned an error " + execute.getStatusLine().getStatusCode() + ": " + entityUtils);
                    }
                } finally {
                }
            } catch (Exception e) {
                throw new RuntimeException("Error during request, can't compute token", e);
            }
        } catch (UnsupportedEncodingException e2) {
            throw new RuntimeException("Error while building request, can't compute token", e2);
        }
    }

    public String getToken() {
        return _getToken(Pair.of((String) Config.getInstance().getValue(CAPTCHA_CLIENT_ID), (String) Config.getInstance().getValue(CAPTCHA_CLIENT_SECRET)));
    }

    public String getEndpoint() {
        return CAPTCHA_ENDPOINT_PISTE.get(this._endpoint);
    }

    public boolean checkAndInvalidateCaptcha(String str, String str2) {
        HttpPost httpPost = new HttpPost(getEndpoint() + "valider-captcha");
        httpPost.addHeader("Authorization", "Bearer " + getToken());
        httpPost.addHeader("accept", "application/json");
        httpPost.addHeader("Content-Type", "application/json");
        HashMap hashMap = new HashMap();
        hashMap.put(_getIdentifierParameterName(), str);
        hashMap.put("code", str2);
        httpPost.setEntity(new StringEntity(this._jsonUtils.convertObjectToJson(hashMap), ContentType.create("application/json", StandardCharsets.UTF_8)));
        try {
            CloseableHttpResponse execute = this._httpClient.execute(httpPost);
            try {
                switch (execute.getStatusLine().getStatusCode()) {
                    case 200:
                        boolean z = BooleanUtils.toBoolean(EntityUtils.toString(execute.getEntity(), "UTF-8"));
                        if (execute != null) {
                            execute.close();
                        }
                        return z;
                    case 403:
                        throw new IllegalStateException("The CMS back-office refused the connection");
                    case 500:
                    default:
                        throw new IllegalStateException("The captchEtat verification server returned an error");
                }
            } finally {
            }
        } catch (Exception e) {
            getLogger().error("Error during request, can't verify captcha", e);
            return false;
        }
    }

    protected String _getIdentifierParameterName() {
        return "uuid";
    }
}
