package org.xwiki.contrib.oidc.provider.internal.store;

import com.nimbusds.oauth2.sdk.AuthorizationCode;
import com.nimbusds.oauth2.sdk.id.ClientID;
import com.nimbusds.oauth2.sdk.token.AccessToken;
import com.xpn.xwiki.XWikiContext;
import com.xpn.xwiki.XWikiException;
import com.xpn.xwiki.doc.XWikiDocument;
import com.xpn.xwiki.objects.BaseObject;
import java.net.URI;
import java.net.URISyntaxException;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
import javax.inject.Inject;
import javax.inject.Named;
import javax.inject.Provider;
import javax.inject.Singleton;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.xwiki.component.annotation.Component;
import org.xwiki.model.reference.DocumentReference;
import org.xwiki.model.reference.DocumentReferenceResolver;
import org.xwiki.query.Query;
import org.xwiki.query.QueryException;
import org.xwiki.query.QueryManager;

@Singleton
@Component(roles = {OIDCStore.class})
/* loaded from: input_file:org/xwiki/contrib/oidc/provider/internal/store/OIDCStore.class */
public class OIDCStore {

    @Inject
    private Provider<XWikiContext> xcontextProvider;

    @Inject
    private QueryManager queryManager;

    @Inject
    @Named("current")
    private DocumentReferenceResolver<String> resolver;

    @Inject
    private Logger logger;
    private Map<AuthorizationCode, DocumentReference> authorizationMap = new ConcurrentHashMap();

    public OIDCConsent getConsent(DocumentReference documentReference, ClientID clientID, URI uri) throws XWikiException {
        XWikiContext xWikiContext = (XWikiContext) this.xcontextProvider.get();
        for (OIDCConsent oIDCConsent : xWikiContext.getWiki().getDocument(documentReference, xWikiContext).getXObjects(OIDCConsent.REFERENCE)) {
            if (oIDCConsent != null && clientID.equals(oIDCConsent.getClientID()) && (uri == null || uri.equals(oIDCConsent.getRedirectURI()))) {
                return oIDCConsent;
            }
        }
        return null;
    }

    public OIDCConsent getConsent(Map<String, String> map) throws QueryException, XWikiException {
        StringBuilder sb = new StringBuilder();
        for (String str : map.keySet()) {
            if (sb.length() == 0) {
                sb.append("select doc.fullName, consent.number from Document doc, doc.object(XWiki.OIDC.ConsentClass) as consent where ");
            } else {
                sb.append(" AND ");
            }
            sb.append("consent." + str + " = :" + str);
        }
        Query createQuery = this.queryManager.createQuery(sb.toString(), "xwql");
        for (Map.Entry<String, String> entry : map.entrySet()) {
            createQuery.bindValue(entry.getKey(), entry.getValue());
        }
        List execute = createQuery.execute();
        if (execute.isEmpty()) {
            return null;
        }
        Object[] objArr = (Object[]) execute.get(0);
        XWikiContext xWikiContext = (XWikiContext) this.xcontextProvider.get();
        return (OIDCConsent) xWikiContext.getWiki().getDocument(this.resolver.resolve((String) objArr[0], new Object[0]), xWikiContext).getXObject(OIDCConsent.REFERENCE, ((Number) objArr[1]).intValue());
    }

    public OIDCConsent getConsent(AccessToken accessToken) throws QueryException, XWikiException {
        HashMap hashMap = new HashMap();
        hashMap.put(OIDCConsent.FIELD_ACCESSTOKEN, accessToken.getValue());
        return getConsent(hashMap);
    }

    public OIDCConsent getConsent(ClientID clientID, URI uri) throws QueryException, XWikiException {
        HashMap hashMap = new HashMap();
        hashMap.put(OIDCConsent.FIELD_CLIENTID, clientID.getValue());
        hashMap.put(OIDCConsent.FIELD_REDIRECTURI, uri.toString());
        return getConsent(hashMap);
    }

    public OIDCConsent getConsent(ClientID clientID, URI uri, AuthorizationCode authorizationCode) throws XWikiException {
        DocumentReference userReference = getUserReference(authorizationCode);
        this.logger.debug("Get consent USER: reference={}", userReference);
        if (userReference == null) {
            return null;
        }
        XWikiContext xWikiContext = (XWikiContext) this.xcontextProvider.get();
        XWikiDocument document = xWikiContext.getWiki().getDocument(userReference, xWikiContext);
        if (document.isNew()) {
            return null;
        }
        String value = clientID != null ? clientID.getValue() : "";
        String uri2 = uri.toString();
        this.logger.debug("Get consent OIDC: clientIDString={} redirectURIString={}", value, uri2);
        for (BaseObject baseObject : document.getXObjects(OIDCConsent.REFERENCE)) {
            this.logger.debug("Get consent STORED: clientIDString={} redirectURIString={}", baseObject.getStringValue(OIDCConsent.FIELD_CLIENTID), baseObject.getStringValue(OIDCConsent.FIELD_REDIRECTURI));
            if (baseObject != null && value.equals(baseObject.getStringValue(OIDCConsent.FIELD_CLIENTID)) && uri2.equals(baseObject.getStringValue(OIDCConsent.FIELD_REDIRECTURI))) {
                return (OIDCConsent) baseObject;
            }
        }
        return null;
    }

    public XWikiDocument getUserDocument() throws XWikiException {
        XWikiContext xWikiContext = (XWikiContext) this.xcontextProvider.get();
        return xWikiContext.getWiki().getDocument(xWikiContext.getUserReference(), xWikiContext);
    }

    public OIDCConsent saveConsent(OIDCConsent oIDCConsent, String str) throws XWikiException {
        XWikiDocument ownerDocument = oIDCConsent.getOwnerDocument();
        XWikiContext xWikiContext = (XWikiContext) this.xcontextProvider.get();
        xWikiContext.getWiki().saveDocument(ownerDocument, str, xWikiContext);
        return oIDCConsent;
    }

    public BaseObject getUserObject(OIDCConsent oIDCConsent) throws XWikiException {
        XWikiContext xWikiContext = (XWikiContext) this.xcontextProvider.get();
        return oIDCConsent.getOwnerDocument().getXObject(xWikiContext.getWiki().getUserClass(xWikiContext).getDocumentReference());
    }

    public URI getUserAvatarURI(XWikiDocument xWikiDocument) throws URISyntaxException {
        String stringValue = xWikiDocument.getStringValue("avatar");
        if (StringUtils.isEmpty(stringValue)) {
            return null;
        }
        return new URI(xWikiDocument.getExternalAttachmentURL(stringValue, "download", (XWikiContext) this.xcontextProvider.get()));
    }

    public URI getUserProfileURI(XWikiDocument xWikiDocument) throws URISyntaxException {
        return new URI(xWikiDocument.getExternalURL("view", (XWikiContext) this.xcontextProvider.get()));
    }

    public DocumentReference getUserReference(AuthorizationCode authorizationCode) {
        return this.authorizationMap.get(authorizationCode);
    }

    public void setAuthorizationCode(AuthorizationCode authorizationCode, DocumentReference documentReference) {
        this.authorizationMap.put(authorizationCode, documentReference);
    }

    public void removeAuthorizationCode(AuthorizationCode authorizationCode) {
        this.authorizationMap.remove(authorizationCode);
    }
}
