package de.unijena.bioinf.auth;

import com.github.scribejava.apis.Auth0Api;
import de.unijena.bioinf.babelms.utils.Base64;
import de.unijena.bioinf.ms.properties.PropertyManager;
import java.io.IOException;
import java.net.URI;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.LinkOption;
import java.nio.file.OpenOption;
import java.nio.file.Path;
import java.util.function.Consumer;
import okhttp3.OkHttpClient;
import org.jetbrains.annotations.NotNull;
import org.jetbrains.annotations.Nullable;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:de/unijena/bioinf/auth/AuthServices.class */
public class AuthServices {
    private AuthServices() {
    }

    public static AuthService createDefault(@NotNull URI uri, Path path, @Nullable OkHttpClient okHttpClient) {
        return createDefault(audienceFromURI(uri), path, okHttpClient);
    }

    public static AuthService createDefault(@NotNull String str, Path path, @Nullable OkHttpClient okHttpClient) {
        String str2 = null;
        try {
            if (Files.exists(path, new LinkOption[0])) {
                str2 = readRefreshToken(path);
            }
        } catch (IOException e) {
            LoggerFactory.getLogger(AuthServices.class).warn("Could not read refresh token from file! (re)login might be needed!", e);
        }
        return createDefault(str, str2, okHttpClient, authService -> {
            if (authService.hasRefreshToken()) {
                try {
                    writeRefreshToken(authService, path);
                    return;
                } catch (IOException e2) {
                    LoggerFactory.getLogger(AuthServices.class).warn("Error when writing refresh token. Login might not be persistent. You probably have to re-login next time", e2);
                    return;
                }
            }
            try {
                clearRefreshToken(path);
            } catch (IOException e3) {
                LoggerFactory.getLogger(AuthServices.class).warn("Error when try to remove refresh token. Token might still be present at '" + String.valueOf(path) + "'. Please remove the file manually to ensure that your are logged out!", e3);
            }
        });
    }

    public static AuthService createDefault(@NotNull URI uri, @Nullable OkHttpClient okHttpClient) {
        return createDefault(audienceFromURI(uri), okHttpClient);
    }

    public static AuthService createDefault(@NotNull String str, @Nullable OkHttpClient okHttpClient) {
        return createDefault(str, PropertyManager.getProperty("de.unijena.bioinf.sirius.security.rToken"), okHttpClient, new Consumer[0]);
    }

    protected static AuthService createDefault(@NotNull URI uri, @Nullable String str, @Nullable OkHttpClient okHttpClient) {
        return createDefault(audienceFromURI(uri), str, okHttpClient, new Consumer[0]);
    }

    @SafeVarargs
    protected static AuthService createDefault(@NotNull String str, @Nullable String str2, @Nullable OkHttpClient okHttpClient, Consumer<AuthService>... consumerArr) {
        return new AuthService(createDefaultApi(str), PropertyManager.getProperty("de.unijena.bioinf.sirius.security.clientID"), PropertyManager.getProperty("de.unijena.bioinf.sirius.security.clientSecret"), str2, okHttpClient, consumerArr);
    }

    public static Auth0Api createDefaultApi(@NotNull URI uri) {
        return createDefaultApi(audienceFromURI(uri));
    }

    public static Auth0Api createDefaultApi(@NotNull String str) {
        return Auth0Api.instance(PropertyManager.getProperty("de.unijena.bioinf.sirius.security.authServer"), str);
    }

    protected static String audienceFromURI(@NotNull URI uri) {
        return uri.getScheme() + "://" + uri.getHost() + "/";
    }

    public static void writeRefreshToken(@NotNull AuthService authService, @NotNull Path path) throws IOException {
        writeRefreshToken(authService, path, false);
    }

    public static void writeRefreshToken(@NotNull AuthService authService, @NotNull Path path, boolean z) throws IOException {
        if (authService.needsLogin()) {
            if (!z) {
                throw new LoginException(new IllegalStateException("Cannot save refresh token if user is not logged in."));
            }
        } else if (authService.getRefreshToken() != null) {
            writeRefreshToken(authService.getRefreshToken(), path);
        } else {
            LoggerFactory.getLogger(AuthServices.class).warn("Cannot write refresh token. Given Service seems to rely on client credentials flow, so  refresh token is obsolete. Skipping!");
        }
    }

    public static void writeRefreshToken(String str, Path path) throws IOException {
        Files.write(path, Base64.encodeBytesToBytes(str.getBytes(StandardCharsets.UTF_8)), new OpenOption[0]);
    }

    public static String readRefreshToken(Path path) throws IOException {
        return new String(Base64.decode(Files.readAllBytes(path)), StandardCharsets.UTF_8);
    }

    public static boolean clearRefreshToken(Path path) throws IOException {
        return clearRefreshToken(null, path);
    }

    public static boolean clearRefreshToken(@Nullable AuthService authService, @NotNull Path path) throws IOException {
        if (authService != null) {
            authService.logout();
        }
        return Files.deleteIfExists(path);
    }
}
