package com.checkmarx.sdk.service;

import com.checkmarx.sdk.config.CxProperties;
import com.checkmarx.sdk.dto.cx.CxAuthResponse;
import com.checkmarx.sdk.exception.CheckmarxLegacyException;
import com.checkmarx.sdk.exception.InvalidCredentialsException;
import com.checkmarx.sdk.utils.ScanUtils;
import java.time.LocalDateTime;
import java.util.Map;
import org.apache.commons.lang3.exception.ExceptionUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.http.HttpEntity;
import org.springframework.http.HttpHeaders;
import org.springframework.http.MediaType;
import org.springframework.stereotype.Service;
import org.springframework.util.LinkedMultiValueMap;
import org.springframework.web.client.HttpStatusCodeException;
import org.springframework.web.client.RestTemplate;

@Service
/* loaded from: input_file:com/checkmarx/sdk/service/CxAuthService.class */
public class CxAuthService implements CxAuthClient {
    private static final String LOGIN = "/auth/identity/connect/token";
    private static final String DEFAULT_TOKEN = "DEFAULT";
    private final CxProperties cxProperties;
    private final CxLegacyService cxLegacyService;
    private final RestTemplate restTemplate;
    private Map<String, String> tokens;
    private static final Logger log = LoggerFactory.getLogger(CxAuthService.class);
    private static final Integer LEGACY_SESSION_TIME = 5;
    private String token = null;
    private String session = null;
    private LocalDateTime tokenExpires = null;
    private LocalDateTime sessionTokenExpires = null;

    public CxAuthService(CxProperties cxProperties, CxLegacyService cxLegacyService, @Qualifier("cxRestTemplate") RestTemplate restTemplate) {
        this.cxProperties = cxProperties;
        this.cxLegacyService = cxLegacyService;
        this.restTemplate = restTemplate;
    }

    private void getAuthToken() {
        getAuthToken(this.cxProperties.getUsername(), this.cxProperties.getPassword(), this.cxProperties.getClientId(), this.cxProperties.getClientSecret(), this.cxProperties.getScope());
    }

    @Override // com.checkmarx.sdk.service.CxAuthClient
    public String getAuthToken(String str, String str2, String str3, String str4, String str5) {
        HttpHeaders httpHeaders = new HttpHeaders();
        httpHeaders.setContentType(MediaType.APPLICATION_FORM_URLENCODED);
        LinkedMultiValueMap linkedMultiValueMap = new LinkedMultiValueMap();
        linkedMultiValueMap.add("username", str);
        linkedMultiValueMap.add("password", str2);
        linkedMultiValueMap.add("grant_type", "password");
        linkedMultiValueMap.add("scope", this.cxProperties.getScope());
        linkedMultiValueMap.add("client_id", str3);
        if (!ScanUtils.empty(this.cxProperties.getClientSecret())) {
            linkedMultiValueMap.add("client_secret", str4);
        }
        HttpEntity httpEntity = new HttpEntity(linkedMultiValueMap, httpHeaders);
        try {
            log.info("Logging into Checkmarx {}", this.cxProperties.getUrl().concat(LOGIN));
            CxAuthResponse cxAuthResponse = (CxAuthResponse) this.restTemplate.postForObject(this.cxProperties.getUrl().concat(LOGIN), httpEntity, CxAuthResponse.class, new Object[0]);
            if (cxAuthResponse == null) {
                throw new InvalidCredentialsException();
            }
            this.token = cxAuthResponse.getAccessToken();
            this.tokenExpires = LocalDateTime.now().plusSeconds(cxAuthResponse.getExpiresIn().longValue() - 500);
            return this.token;
        } catch (NullPointerException | HttpStatusCodeException e) {
            log.error("Error occurred white obtaining Access Token.  Possibly incorrect credentials");
            log.error(ExceptionUtils.getStackTrace(e));
            throw new InvalidCredentialsException();
        }
    }

    @Override // com.checkmarx.sdk.service.CxAuthClient
    public String getCurrentToken() {
        return this.token;
    }

    @Override // com.checkmarx.sdk.service.CxAuthClient
    public String legacyLogin(String str, String str2) throws InvalidCredentialsException {
        try {
            this.session = this.cxLegacyService.login(str, str2);
            return this.session;
        } catch (CheckmarxLegacyException e) {
            throw new InvalidCredentialsException();
        }
    }

    private boolean isTokenExpired() {
        if (this.tokenExpires == null) {
            return true;
        }
        return LocalDateTime.now().isAfter(this.tokenExpires);
    }

    private boolean isSessionTokenExpired() {
        if (this.sessionTokenExpires == null) {
            return true;
        }
        return LocalDateTime.now().isAfter(this.sessionTokenExpires);
    }

    @Override // com.checkmarx.sdk.service.CxAuthClient
    public HttpHeaders createAuthHeaders() {
        if (this.token == null || isTokenExpired()) {
            getAuthToken();
        }
        HttpHeaders httpHeaders = new HttpHeaders();
        httpHeaders.set("Authorization", "Bearer ".concat(this.token));
        httpHeaders.setContentType(MediaType.APPLICATION_JSON);
        return httpHeaders;
    }

    @Override // com.checkmarx.sdk.service.CxAuthClient
    public String getLegacySession() {
        if (this.session == null || isSessionTokenExpired()) {
            this.session = legacyLogin(this.cxProperties.getUsername(), this.cxProperties.getPassword());
            this.sessionTokenExpires = LocalDateTime.now().plusHours(LEGACY_SESSION_TIME.intValue());
        }
        return this.session;
    }
}
